Privacy Policy

Effective Date: 9 April 2026

Training Provider Startup (“we”, “our”, “us”) is committed to protecting and respecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Training Provider Startup operates as a UK-based training provider delivering education and learning services through a blended learning model.

For the purposes of data protection law, we act as the Data Controller of your personal data.

Contact:
Email: mark@trainingproviderstartup.com

2. Information We Collect

We collect and process the following categories of personal data:

  • Identity Data: full name, date of birth
  • Contact Data: email address, phone number, postal address
  • Transaction Data: payment confirmations (processed via Stripe; we do not store full card details)
  • Technical Data: IP address, browser type, device information
  • Usage Data: how you use our website, LMS, and services
  • Marketing Data: preferences in receiving communications

3. Lawful Basis for Processing

We process your personal data under the following lawful bases:

  • Contractual obligation – to deliver courses and services you have enrolled in
  • Legal obligation – to comply with regulatory or legal requirements
  • Legitimate interests – to improve services, systems, and user experience
  • Consent – for marketing communications and optional data processing

4. How We Use Your Information

Your data is used to:

  • Deliver and manage your learning experience
  • Provide access to our LMS (Moodle) and course content
  • Process payments via Stripe
  • Communicate regarding enrolment, support, and course progress
  • Deliver live sessions via Zoom
  • Manage relationships through GoHighLevel (CRM and email systems)
  • Send marketing communications where consent has been provided
  • Monitor and improve platform performance and user experience
  • Meet legal, regulatory, and quality assurance requirements

5. Data Storage and Security

Your data is securely stored using trusted third-party systems, including:

  • Moodle (Learning Management System)
  • GoHighLevel (CRM and communication platform)
  • Zoom (live session delivery)
  • Secure cloud infrastructure

We implement appropriate technical and organisational measures, including:

  • Secure access controls
  • Data encryption where applicable
  • Restricted user permissions
  • Regular system monitoring

6. Sharing Your Information

We do not sell your personal data.

We may share your data with:

  • Stripe (payment processing)
  • Moodle (course delivery)
  • GoHighLevel (CRM and communications)
  • Zoom (live training sessions)
  • Regulatory or awarding bodies where required
  • Legal authorities where required by law

All third parties are contractually obligated to process your data securely and in compliance with data protection legislation.

7. International Transfers

Some of our service providers may store or process data outside the UK.

Where this occurs, we ensure appropriate safeguards are in place, such as:

  • UK-approved Standard Contractual Clauses (SCCs)
  • Adequacy decisions where applicable

8. Marketing Communications

We may send marketing communications where:

  • You have provided consent, or
  • There is a legitimate interest (in line with UK regulations)

You can withdraw consent at any time by:

  • Clicking the unsubscribe link in emails
  • Contacting us directly

9. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Improve website functionality
  • Analyse user behaviour
  • Support marketing and advertising campaigns

This may include tools such as Google Analytics and Meta Pixel.

You can control or disable cookies via your browser settings.

10. Data Retention

We retain your personal data only for as long as necessary to:

  • Deliver services
  • Meet legal and regulatory obligations
  • Maintain accurate records for audit and quality assurance

When data is no longer required, it is securely deleted or anonymised.

11. Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request erasure (“right to be forgotten”)
  • Restrict processing
  • Object to processing
  • Data portability
  • Withdraw consent at any time

To exercise your rights, contact:
mark@trainingproviderstartup.com

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
https://www.ico.org.uk

12. Age Restrictions

Our services are strictly intended for individuals aged 18 and over.

We do not knowingly collect or process data relating to individuals under this age.

13. Third-Party Links

Our website may contain links to third-party websites.

We are not responsible for the privacy practices or content of external sites.

14. Changes to This Policy

We may update this Privacy Policy periodically.

Any updates will be published on this page with a revised effective date.

15. Contact Us

For any questions regarding this policy or your personal data:

Email: mark@trainingproviderstartup.com