Privacy policy

Effective date: 19 June 2026

1. Introduction

Data Protection Global Ltd is committed to protecting your privacy and handling personal data in a fair, lawful and transparent way.

This Privacy Policy explains how Data Protection Global Ltd collects, uses, stores, shares and protects personal data when you visit our website, create an account, enrol in a course, use our learning platform, contact us, subscribe to updates, download resources, request team training, or otherwise interact with our services.

This Privacy Policy applies to all users of our website and services, including visitors, learners, customers, business contacts, team training clients, newsletter subscribers, and anyone who communicates with us.

By using our website or services, you acknowledge that your personal data will be handled as described in this Privacy Policy.

2. Who We Are

Data Protection Global Ltd is a UK-based online learning provider offering professional training in data protection, GDPR, UK GDPR, Data Protection Officer skills, privacy compliance, CIPP/E preparation, AI governance, staff awareness, and related professional development areas.

For the purposes of UK data protection law, Data Protection Global Ltd is the data controller for the personal data described in this Privacy Policy, unless we clearly state otherwise.

You can contact us at:

[email protected]

3. The Laws We Follow

We process personal data in line with applicable UK data protection and privacy laws, including:

the UK General Data Protection Regulation;
the Data Protection Act 2018;
the Privacy and Electronic Communications Regulations, where applicable;
other relevant UK laws and regulatory requirements.

We aim to collect only the personal data we need and to use it only for clear and lawful purposes.

4. Personal Data We Collect

The personal data we collect depends on how you use our website and services.

4.1 Identity Data

We may collect:

first name;
last name;
username;
learner profile details;
job title;
organisation name;
sector or professional role;
certificate name;
certificate ID;
learner ID.

4.2 Contact Data

We may collect:

email address;
telephone number;
billing address;
business address;
country or region;
communication preferences.

4.3 Account Data

If you create an account or use our learning platform, we may collect:

login details;
account settings;
profile information;
password or authentication information;
course access history;
saved preferences;
support history.

We do not intend to store your password in plain text.

4.4 Course and Learning Data

When you enrol in or complete a course, we may collect:

courses purchased or accessed;
course progress;
modules completed;
lesson activity;
quiz attempts;
quiz results;
assessment responses, where applicable;
course completion status;
certificate issue date;
certificate ID;
downloaded learning resources;
feedback, ratings or reviews;
learner support messages.

4.5 Payment and Transaction Data

When you purchase a course or service, we may collect:

order details;
course purchased;
payment status;
invoice or receipt information;
billing details;
refund information;
transaction reference;
payment confirmation.

We do not intend to store full debit or credit card details on our own systems. Payments may be processed securely by third-party payment providers.

4.6 Communication Data

When you contact us, we may collect:

messages you send to us;
email correspondence;
support requests;
enquiry details;
responses to surveys or forms;
records of complaints or feedback.

4.7 Team Training and Business Enquiry Data

If you contact us about team training or business services, we may collect:

name;
work email;
company name;
job title;
team size;
training interests;
organisation sector;
message content;
preferred training topics;
enquiry history.

4.8 Marketing Data

If you subscribe to updates or interact with our marketing, we may collect:

email address;
subscription preferences;
email engagement;
marketing consent status;
course interests;
resource downloads;
webinar or event interests.

4.9 Technical and Usage Data

When you use our website or platform, we may automatically collect:

IP address;
browser type and version;
device type;
operating system;
time zone setting;
website pages visited;
referring website;
date and time of visits;
click activity;
course page views;
error logs;
cookie identifiers;
general location inferred from IP address.

We use this information to operate, secure and improve our website and services.

4.10 Special Category Data

We do not normally need to collect special category data, such as health information, religious beliefs, political opinions, trade union membership, biometric data, or information about race or ethnicity.

If you choose to provide this type of information to us, for example in a support request, we will only use it where necessary and where we have a valid lawful basis and condition under data protection law.

5. How We Collect Personal Data

We may collect personal data in the following ways.

5.1 Directly From You

You may provide personal data when you:

visit our website;
create an account;
enrol in a course;
buy a course;
complete a form;
contact us;
request team training;
download a guide;
subscribe to emails;
complete a quiz;
submit feedback;
leave a review;
request support;
ask for a certificate or account update.

5.2 Automatically

We may collect technical and usage data automatically through:

cookies;
analytics tools;
server logs;
learning platform activity records;
security tools;
similar tracking technologies.

Please read our Cookie Policy for more information about cookies and similar technologies.

5.3 From Third Parties

We may receive personal data from:

payment providers;
learning platform providers;
email marketing tools;
analytics providers;
team training purchasers;
business partners;
social media platforms, where you interact with us;
referral sources;
professional service providers.

6. How We Use Your Personal Data

We use personal data for the following purposes.

6.1 To Provide Our Website and Services

We use personal data to:

operate our website;
manage user accounts;
provide access to courses;
deliver course content;
track learning progress;
provide quizzes and learning activities;
issue certificates;
provide learner support;
respond to enquiries;
manage downloads and resources;
maintain service records.

6.2 To Process Orders and Payments

We use personal data to:

process course purchases;
confirm payments;
manage invoices and receipts;
handle refunds;
prevent payment fraud;
maintain financial records;
provide purchased services.

6.3 To Manage Course Access and Certificates

We use personal data to:

record course enrolment;
track completion;
issue certificates;
verify certificate records;
manage certificate corrections;
maintain learner records;
support future access to learning history.

6.4 To Respond to Enquiries and Support Requests

We use personal data to:

answer questions;
provide technical support;
help with account access;
respond to course queries;
investigate complaints;
keep records of communication.

6.5 To Provide Team Training Services

We use personal data to:

respond to organisation enquiries;
prepare training proposals;
manage team learner access;
support business customers;
provide agreed training reports;
communicate with organisation contacts;
manage business relationships.

6.6 To Improve Our Website, Courses and Services

We use personal data to:

understand how users use our website;
improve course design;
improve learning experience;
test new features;
identify popular topics;
improve navigation and content;
monitor performance;
fix technical problems.

6.7 To Send Service Communications

We may send you non-marketing service messages, such as:

account information;
course access details;
payment confirmations;
certificate information;
platform updates;
security notices;
changes to our terms or policies;
support responses.

These messages are necessary for the service and are not marketing.

6.8 To Send Marketing Communications

Where permitted, we may send you:

course updates;
new course announcements;
learning resources;
newsletters;
offers;
event or webinar invitations;
information about related training services.

You can unsubscribe from marketing emails at any time.

6.9 To Protect Our Website, Users and Business

We use personal data to:

detect misuse;
prevent fraud;
protect accounts;
monitor website security;
investigate suspicious activity;
enforce our Terms and Conditions;
protect our rights and users’ rights.

6.10 To Comply With Legal Obligations

We may use personal data to:

keep accounting and tax records;
respond to legal requests;
comply with regulatory duties;
manage disputes;
meet data protection obligations;
maintain business records.

7. Lawful Bases for Processing

We only use personal data where we have a lawful basis under UK data protection law. The lawful bases under UK GDPR include consent, contract, legal obligation and legitimate interests, among others.

We may rely on the following lawful bases.

7.1 Contract

We process personal data where it is necessary to provide a course, account, certificate, resource or service you have requested or purchased.

This includes:

creating your account;
giving course access;
processing purchases;
issuing certificates;
providing learner support;
managing team training services.

7.2 Consent

We rely on consent where required, such as for:

certain marketing emails;
optional cookies;
testimonials using identifiable information;
specific optional activities where consent is requested.

You can withdraw consent at any time.

7.3 Legitimate Interests

We may process personal data where it is necessary for our legitimate business interests and your rights do not override those interests.

This may include:

improving our website;
improving courses;
responding to enquiries;
maintaining business records;
preventing fraud;
securing our platform;
sending relevant updates to business contacts where allowed;
understanding course interest and website performance.

7.4 Legal Obligation

We may process personal data where necessary to comply with legal obligations, such as:

tax and accounting requirements;
data protection compliance;
legal claims;
fraud prevention;
regulatory requests.

8. Personal Data Use Table

Purpose	Personal Data Used	Lawful Basis
Create and manage accounts	Identity, contact, account data	Contract, legitimate interests
Provide course access	Identity, contact, course and learning data	Contract
Process payments	Identity, contact, transaction data	Contract, legal obligation
Issue certificates	Identity, course completion data, certificate data	Contract, legitimate interests
Respond to enquiries	Identity, contact, communication data	Legitimate interests, contract
Provide team training	Business enquiry data, learner data, contact data	Contract, legitimate interests
Send service messages	Identity, contact, account and course data	Contract, legitimate interests
Send marketing emails	Contact and marketing data	Consent, legitimate interests where allowed
Improve website and courses	Technical, usage and learning data	Legitimate interests, consent where required for cookies
Keep records and comply with law	Identity, transaction, account and communication data	Legal obligation, legitimate interests
Protect website and users	Technical, account and usage data	Legitimate interests, legal obligation

9. Direct Marketing

We may send marketing communications about our courses, resources and services where we are allowed to do so.

You may receive marketing if you:

subscribe to our newsletter;
download a resource;
request information;
buy a course;
show interest in similar services;
give consent to receive updates.

You can opt out at any time by clicking the unsubscribe link in our emails or by contacting:

[email protected]

Opting out of marketing does not stop service-related messages, such as course access emails, payment confirmations, security alerts or certificate information.

10. Cookies and Similar Technologies

We use cookies and similar technologies to operate our website, remember preferences, understand website performance, support learning platform functions, and improve user experience.

Some cookies are strictly necessary. Others, such as analytics or marketing cookies, may require your consent.

You can manage cookies through our cookie banner, cookie settings tool or browser settings.

Please read our Cookie Policy for more information.

11. Learning Platform and Student Area

If we provide a learner account or student area, we may store your course information in your account so you can access your learning materials, progress and certificates.

This may include:

enrolled courses;
course progress;
completed lessons;
quiz results;
certificate records;
downloaded resources;
support requests;
account preferences.

You are responsible for keeping your login details secure. You should not share your account with anyone else.

If you believe your account has been accessed without permission, contact us as soon as possible at:

[email protected]

12. User Content, Reviews and Feedback

If you submit feedback, reviews, comments, survey responses, messages or other content, we may use it to:

improve our services;
respond to you;
support quality assurance;
understand learner experience;
develop course improvements.

We may publish testimonials or reviews only where appropriate and where we have permission if the content identifies you.

You must not submit content that is unlawful, offensive, misleading, confidential without permission, or infringes another person’s rights.

13. Sharing Personal Data

We may share personal data with trusted third parties where necessary.

These may include:

website hosting providers;
learning platform providers;
payment processors;
email service providers;
analytics providers;
IT and security service providers;
cloud storage providers;
customer support tools;
professional advisers;
business partners involved in providing a requested service;
regulators, authorities, courts or law enforcement where required by law.

We require service providers to handle personal data securely and only for authorised purposes.

We do not sell personal data.

14. Third-Party Payment Providers

Payments may be processed by third-party payment providers. These providers may collect payment details directly from you.

We may receive limited transaction information, such as:

payment status;
payment reference;
amount paid;
billing details;
refund status.

We do not intend to store full payment card details on our own systems.

15. Third-Party Links

Our website, courses or resources may include links to third-party websites, tools, platforms, regulators, professional bodies, certification bodies or resources.

We are not responsible for the privacy practices, content, security or policies of third-party websites.

You should read the privacy policy of any third-party website before providing personal data to it.

16. Social Media

If you interact with us on social media, the relevant social media platform may process your personal data according to its own privacy policy.

We may see information you make publicly available, such as your profile name, comments, messages, reactions or shared content.

We are not responsible for how social media platforms use your personal data.

17. International Transfers

We are based in the United Kingdom. Some of our service providers may process personal data outside the UK.

Where personal data is transferred outside the UK, we will take steps to ensure that appropriate safeguards are in place where required by law. These may include adequacy regulations, approved contractual safeguards, or other lawful transfer mechanisms.

18. Data Security

We take appropriate steps to protect personal data against unauthorised access, loss, misuse, alteration or disclosure.

Security measures may include:

secure website connections;
account access controls;
password protection;
restricted access to personal data;
secure payment processing;
secure hosting;
monitoring for suspicious activity;
staff or contractor confidentiality requirements;
regular review of systems and processes.

No method of transmission over the internet or electronic storage is completely secure. You are responsible for keeping your login details safe.

19. Data Retention

We keep personal data only for as long as necessary for the purposes described in this Privacy Policy.

Retention periods may depend on:

the type of data;
the purpose for which it was collected;
legal and accounting requirements;
course access periods;
certificate verification needs;
dispute or complaint handling;
security requirements;
business record needs.

Typical retention approach:

account data is kept while your account is active and for a reasonable period afterwards;
course completion and certificate records may be kept for certificate verification and learner support;
payment and invoice records are kept for legal, tax and accounting purposes;
support and enquiry records are kept for service quality and dispute handling;
marketing data is kept until you unsubscribe or object;
technical logs are usually kept for a shorter period unless needed for security or legal reasons.

When personal data is no longer needed, we will delete, anonymise or securely archive it.

20. Your Data Protection Rights

Depending on the circumstances, you may have the following rights under UK data protection law:

the right to be informed about how your personal data is used;
the right to access your personal data;
the right to request correction of inaccurate or incomplete data;
the right to request deletion of your personal data;
the right to restrict processing;
the right to object to processing;
the right to data portability;
the right to withdraw consent where processing is based on consent;
the right to complain to the Information Commissioner’s Office.

These rights may be subject to legal limits and exemptions. The ICO explains individual rights under UK GDPR, including access, rectification, erasure, restriction and objection.

To exercise your rights, contact us at:

[email protected]

We may need to verify your identity before responding.

21. Right to Object to Marketing

You have the right to object to direct marketing at any time.

You can do this by:

clicking the unsubscribe link in our emails;
contacting us at [email protected];
changing your communication preferences where available.

Once you opt out, we will stop sending marketing emails. We may still send service-related messages.

22. Children’s Privacy

Our website, courses and services are intended for adults and professional learners.

We do not knowingly collect personal data from children under 16.

If we become aware that a child under 16 has provided personal data to us without appropriate permission, we will take reasonable steps to delete that information.

If you believe a child has provided personal data to us, please contact:

[email protected]

23. Automated Decision-Making

We do not make decisions about you based solely on automated processing that produce legal or similarly significant effects.

We may use limited automation for normal website and learning platform functions, such as:

course progress tracking;
email reminders;
certificate generation;
account notifications;
fraud or security alerts;
course recommendations.

24. Complaints

If you have a concern about how we handle your personal data, please contact us first so we can try to resolve the matter.

Email:

[email protected]

You also have the right to complain to the UK Information Commissioner’s Office.

Information Commissioner’s Office
Website: www.ico.org.uk

25. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

The latest version will be posted on our website with the updated effective date.

If we make significant changes, we may notify users by email or by placing a notice on our website.

26. Contact Us

If you have any questions about this Privacy Policy or how Data Protection Global Ltd handles personal data, please contact us:

Data Protection Global Ltd
[email protected]