Privacy Policy

SafetyWorks Training Ltd

1. Context and Overview Key Details

Policy Owner: Data Protection Lead
Approved by: Director - Ryan Davies
Effective Date: 25 November 2025 (reviewed and updated as required)

Introduction SafetyWorks Training Ltd (“SafetyWorks”, “we”, “our”, “us”) collects and processes personal data to deliver training services and operate effectively as a business. We may hold information relating to customers, suppliers, instructors, business contacts, course delegates, employees, and other individuals we interact with.

2. Personal Data We Hold and Why We process personal data to:

Deliver day-to-day business operations
Register and assess course delegates
Issue training certificates
Provide delegate reports to client organisations
Share training records with relevant accrediting bodies
Process sales and purchase invoices
Maintain internal records and compliance documentation

Data is stored electronically across our CRM system, accounting software, secure cloud services (e.g. Microsoft 365), and internal file systems. We also collect limited data via paper-based forms (e.g. test sheets and course evaluations), which are securely stored and later digitised where appropriate.

3. Data Collection and Storage - CRM Data

We store the following types of data: Company Contacts:

Company name
Contact name
Job title
Phone number(s)
Business email address
Company address
Marketing preferences (opt-in/opt-out)

Course Delegates:

Name
Employer
Employee number (if applicable)
Date of birth
Course details and dates
Assessment results (pass/fail, scores)

How Data is Collected Data is collected through:

Course booking processes
Training attendance forms
Assessment/test sheets
Course feedback forms
Direct communication with clients

All data collection includes clear information about why the data is required and how it will be used.

Use of Data Delegate data is used to:

Produce certificates and training records
Provide confirmation of training to employers
Maintain compliance records

4. Sharing of Data We may share personal data where necessary to:

Provide certification to the organisation that booked the training
Meet requirements of accrediting bodies and regulators

This may include:

Name
Date of birth
Course details and dates
Assessment information
Instructor details
Equipment used (where applicable)

We only share the minimum data required and only with relevant, authorised organisations.

5. Website Tracking and Cookies Our website uses cookies and analytics tools (such as Google Analytics) to:

Monitor website performance
Understand user behaviour
Improve user experience

We may use this data to identify legitimate business interest and improve our services. Users can manage or disable cookies via their browser settings. Please note that disabling cookies may affect website functionality.

We do not sell or share personal website data with third parties for marketing purposes.

6. Data Accuracy We aim to keep all personal data accurate and up to date. Data is collected directly from individuals or their employer, and we provide clear information at the point of collection. We generate new business contacts through:

Website enquiries
Direct communication (calls, meetings, visits)
Marketing activities
Industry events and trade shows

We only contact organisations where we believe our services are relevant and of legitimate interest. All marketing communications include an option to opt out. We do not purchase third-party contact lists.

7. Data Security and Breaches We take data security seriously and implement appropriate measures, including:

Secure IT systems and cloud storage
Regular system updates and security patches
Antivirus, firewall, and ransomware protection
Staff training on data protection

In the event of a data breach that poses a risk to individuals, we will:

Notify the Information Commissioner’s Office (ICO) within 72 hours (where

required)

Inform affected individuals promptly

A data breach may include loss, unauthorised access, or disclosure of personal data that could result in harm such as financial loss, reputational damage, or loss of confidentiality.

8. Legal Disclosure We may disclose personal data without consent where required by law, including requests from law enforcement or regulatory bodies. All such requests will be reviewed to ensure they are lawful and appropriate.

9. Transparency and Your Rights We are committed to transparency and ensuring individuals understand:

What data we collect
How it is used
Their rights under data protection law

Individuals have the right to:

Access their data
Request corrections
Request deletion (where applicable)
Object to certain types of processing

Requests can be made by contacting us directly.

10. Right to be Forgotten Where applicable, individuals may request deletion of their data:

Course delegates: Requests will be reviewed in consultation with the employer

who commissioned the training

Contacts: Data can be removed from our CRM if no longer required
Website users: Tracking data can be removed upon request

Please note: we may retain certain records where required for legal or compliance purposes.

11. Data Retention Training records are retained to meet industry and regulatory requirements, including Health and Safety Executive (HSE) guidance.

Standard retention period: minimum 7 years
Paper records are securely destroyed after this period
Electronic records may be retained longer for compliance and verification purposes

This data may be required as evidence of training (e.g. following workplace incidents).

12. Data Transfer If a contract with a client ends, we can provide relevant personal data upon request. However, we may retain training records where necessary for compliance, legal obligations, or audit purposes.

Contact Us For any questions about this policy or your data, please contact: SafetyWorks Training Ltd Ryan Davies Ryan@safetyworkstraining.com / 0773941155 SafetyWorks Training Limited 2 Park Lane West, Bootle, Merseyside, England, L30 3TA