Privacy Policy

Lawson’s Training Centre Ltd is fully committed to compliance with the EU General Data Protection Regulations (GDPR), which came into force on 25th May 2018.

These principles summarise our commitment to protecting your privacy:

  • We only collect and use the personal information we need to provide or improve our products and services.
  • You may request access to the information we hold about you at any time.
  • We keep your personal data secure.
  • We are transparent about how and why we process your information.
  • We will never sell your data.
  • We only share your information in ways described in this policy or with your explicit permission.
  • We keep you informed about important changes affecting your data.
  • We take responsibility for protecting your data and complying with the law.
  • We only keep hard copies of your information for as long as required.

 

Our Details

In this policy, “we”, “us” and “our” refer to Lawson’s Training Centre Ltd.

We are registered in England and Wales, registration number 2523310, registered office Lawson’s Training Centre Ltd, Whinbank Farm, Distington, Workington, CA14 4QH which is also our principal place of business.

 

What we collect

We are committed to safeguarding the privacy of our customers and website visitors.

The data we collect/ process may contain the following;

 

Personal Data – which may include your name, address, accreditation numbers (e.g.: CPCS / NPORS registration number), date of birth, NI number, telephone number, email address, identity verification information and employment details.

Service Data – The type of service data information we process may include course bookings, names, dates, locations, results/ certification, providers, attendance records and any other course related information.

Transaction data – This includes information about any purchases you make with us, whether online, by phone, by email, or through your employer/ a third party. It may cover payments, invoices, refunds, payment provider details, and any questions or issues related to those transactions.

Correspondence data – which may include the communication content and any metadata associated with the communication made using emails, phone records, online form enquiries, or direct enquiries.

Enquiry data – information contained in any enquiry you submit to us regarding our business or business services.

Website Usage Data – Collected via Google Analytics and similar tools, including IP address, Browser type & version, Operating system, Geographic location, Length of visit, page interactions, and website navigation patterns.

CCTV – CCTV footage in applicable locations. Audio files required by certain awarding bodies.

 

Data Sources

We collect data from:

  • You directly
  • Your employer
  • Brokers, course bookers or third party training coordinators
  • Training partners / awarding bodies providing results or verification data

 

Legal Bases for Processing

We process personal data under the following lawful bases:

  • Contractual Necessity
    • To provide training, testing, certification, and customer services.
  • Legitimate Interests
    • For purposes such as:
    • Business administration
    • Course management
    • Verification with awarding bodies
    • Maintaining training and certification records
    • Website performance monitoring
    • These interests are balanced against your rights.
  • Legal Obligation
    • To comply with:
    • Awarding body regulations
    • HMRC retention requirements
    • Health & safety rules
    • Evidence requirements for regulated training
  • Consent
    • Used only where required (e.g., marketing communications, optional cookies).
    • You may withdraw consent at any time.
  • Vital Interests
    • Where necessary to protect your safety or the safety of others.

 

How We Use Personal Data

We may use your information to:

  • Process bookings and deliver training services
  • Verify learner identity
  • Produce and record training outcomes
  • Communicate with learners and employers
  • Issue certificates
  • Maintain internal business records
  • Manage payments, invoices, refunds and disputes
  • Improve our website and services
  • Meet legal, regulatory, and accreditor obligations

 

Statutory or Contractual Requirement

Providing certain personal data is mandatory. If this information is not provided, we will be unable to deliver training, process assessments, or issue certifications.

 

Information Sharing

We do not sell personal information.

We may share data with:

  • Awarding bodies
  • Subcontracted trainers and partner training organisations
  • Your employer or broker who arranged your booking
  • Payment service providers
  • Insurance providers, legal advisors, auditors
  • IT and cloud service providers
  • Law enforcement where legally required

All third parties are GDPR-compliant and must process your data securely and responsibly.

 

Service Provider

Bookings and any corresponding data relating to our products and services may be stored on our CRM cloud software. The provider of this is Dante Systems Limited, who are registered in England and Wales, registration number:  02368853, registered office: Dante Systems Limited, Cornerstone House, Midland Way, Thornbury Bristol, Bristol BS35 2BS

 

Information Retention

Personal, service, and correspondence data that we process is retained indefinitely on our secure online systems.

Hard‑copies of training and assessment paperwork is retained in accordance with the retention requirements set by the relevant awarding bodies, etc.

Transactional / accounts data will be kept and stored in line with the HMRC requirements.

 

Your Data Protection Rights

You have the right to:

  • Request access to your personal data
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict processing
  • Request data portability
  • Withdraw consent (where applicable)

To exercise these rights, email: info@lawsonstraining.co.uk

 

Deletion Requests

We will respond to written deletion requests within 30 working days.

Accredited training paperwork is the intellectual property of the awarding body and cannot be destroyed without their written consent. We will forward such requests to the relevant body.

You may exercise any of your rights in relation to your personal data by written notice to us.

We/ awarding bodies may not be able to delete certain data if doing so would prevent us/ them from maintaining accurate certification records or fulfilling their regulatory obligations.

Once deleted, data cannot be recovered.

 

Data Security

We implement strong technical and organisational measures including:

  • Secure servers and encrypted connections
  • Access controls and authentication
  • Staff training
  • Regular system and data backups
  • GDPR compliant processor agreements

 

CCTV / Recording Devices

Certain premises use CCTV (visual/ audio) for safety, integrity and security.

Footage is:

  • Viewed only when necessary
  • Retained temporarily unless required for investigation
  • Automatically overwritten when no longer needed

Please see CCTV policy for more information.

 

Awarding Bodies and Suppliers

Your data may be shared with awarding bodies or subcontracted trainers and partner training organisations relevant to your training to facilitate your course. Their privacy policies are available on their respective websites. Please contact us via email if you require additional information.

 

Contact Us

For any questions or concerns regarding this Privacy Policy or your personal data, please contact:

Lawson’s Training Centre Ltd

Email: info@lawsonstraining.co.uk

This policy is reviewed annually, and earlier if updates or regulatory changes necessitate revision.