Get in touch

Get in touch

  • This field is for validation purposes and should be left unchanged.

Privacy Notice

X

When you submit an enquiry via our website, we use the personal data you supply to respond to your query, including providing you with any requested information about our products and services. We may also email you several times after your enquiry in order to follow up on your interest and ensure that we have answered your it to your satisfaction. We will do this based on our legitimate interest in providing accurate information prior to a sale. Your enquiry is stored and processed as an email which is hosted by Microsoft within the European Economic Area (EEA). We keep enquiry emails for two years, after which they are securely archived and kept for seven years, when we delete them.

Reveal Menu

Privacy Policy - May 2024 - Version 12

This privacy notice tells you about the information we collect and process from you when you use our
website and associated software offerings. In collecting this information, we are acting as a data
controller and, by law, we are required to provide you with information about us, about why and how
we use your data, and about the rights you have over your data.

 

Who are we?

We are CertiKit. Our address is 6 High Street, Belper, Derbyshire DE56 1GF, United Kingdom. You can contact us by post at the above address, by email at [email protected] or by telephone on +44 (0)1332 417065.

We are not required to have a data protection officer, so any enquiries about our use of your personal data should be addressed to the contact details above.

Within the EU, enquiries should be directed to our representative within your country, a list of which can be found here: List of EU Representatives

 

How we use your information

When you use our website
When you submit an enquiry via our website
When you purchase a product or service from our website 
When you use our cyber awareness training platform
When you sign up to receive our newsletter
When you download a free document
When you submit a review about us
When you take part in our feedback survey
When you sign up to our webinars
Your rights as a data subject
Your right to complain
Updates to this privacy policy

When you use our website

When you use our website to browse our products and services and view the information, we make available a number of cookies which are used by us and by third parties to allow the website to function, to collect useful information about visitors and to help to make your user experience better.

For more information about our use of cookies, please see our cookie policy.

We also collect information about your device, operating system and IP address, browser type and version, and information about your visit, including URL, clickstream, length of visits to certain pages, and page interaction information.

We use this information to provide you with information about our products and services. We may also email or call you after your visit in order to follow up on your interest. We may contact you via phone and email for up to one year after your first visit, or no more than two months after the last scheduled contact, whichever is the later. We will do this based on our legitimate interest in providing accurate information prior to a sale, but you have the option to ask us not to.

Your information is stored and processed by a third party processor which is hosted within the European Economic Area (EEA).

We do not use the information you provide to make any automated decisions that might affect you.

When you submit an enquiry via our website

When you submit an enquiry via our website, we ask you for your name, contact telephone number, email address and country.

We use this information to respond to your query, including providing you with any requested information about our products and services. We may also email or call you after your enquiry in order to follow up on your interest and ensure that we have answered your enquiry to your satisfaction. We may contact you via phone and email for up to one year after your first enquiry, or no more than two months after the last scheduled contact, whichever is the later. We will do this based on our legitimate interest in providing accurate information prior to a sale, but you have the option to ask us not to.

Your enquiry is stored and processed within our Office 365 environment which is hosted by Microsoft within the European Economic Area (EEA). Your name, phone number, email address and country are stored on our website which is hosted with Digital Ocean.

We do not use the information you provide to make any automated decisions that might affect you.

We keep enquiry emails for two years, after which they are securely archived and kept for seven years, when we delete them.

When you purchase a product or service from our website

When you purchase a product or service from us online, we ask you for your name, address, contact telephone number, email address and credit card information. We also record your IP (Internet Protocol) address, which is the address of your computer on the Internet.

We will use your information to verify your credit card details for your purchase, process your order and to send you your products. We will also send you a receipt via email and we may use your telephone number to contact you regarding your purchase.

We require this information in order to process your payment, deliver your products or services and fulfil our contract with you. We record your IP address in order to show that the correct tax was applied to the sale, which we are required to do by law.

Your information is stored on our website, which is hosted with Digital Ocean and on our ShareFile cloud server, both of which are based within the European Union. Your credit card details are passed to a third-party payment processor called Braintree which is based in the USA and our contract with them provides effective safeguards for your information. We do not retain your credit card information. If you pay using PayPal your information is shared with PayPal. Your information may also be stored and processed within our Office 365 environment which is hosted by Microsoft within the European Economic Area (EEA).

We also share your name and email address with MailChimp so that we can send you emails about supporting you in your use of your toolkit, our post-sale feedback surveys, our quarterly newsletter, and other promotional and product launch emails. We will do this based on legitimate interest in providing you with information we think will be useful to you. You can unsubscribe from these emails at any time via the unsubscribe button at the bottom of the emails. We keep your personal data for as long as we produce and distribute our emails. If you withdraw your consent, we will mark your details so that they are not used and delete them after two years.

We may use the data provided to call and email you to share relevant services that may be of interest, gain feedback or provide other information that we think will be useful to you.

Your name, email address and order number are shared with reviews.co.uk so that we can send you an email asking you to submit a review about our products. Entering a review is optional.

We may share your name, email address and country with Google in order to remarket our products and services to you after you have left our website. You can update your ad preferences and settings in Google’s Ad Centre.

We do not use the information you provide to make any automated decisions that might affect you.

We keep your order information for an indefinite period, as the licenses we sell for our products do not expire.

When you use our cyber awareness training platform

When you use our cyber awareness training platform we will ask for a name and email address of the user who will act as the administrative user for the customer system, and who will be responsible for creating additional users within the system. The lawful basis for collecting and using this information is in the performance of a contract with you to provide the cyber awareness training platform. For additional users created by the admin user within the system, CertiKit acts a processor in line with the terms of our data processing agreement.

The details of the admin user are stored within the cyber awareness training platform itself, which is hosted within the UK by our sub-processor, Usecure Limited.

We do not use the information you provide to make any automated decisions that might affect you.

We keep this personal data for as long as the customer wishes to subscribe to the cyber awareness training platform. If you inform us that you no longer wish to make use of the system (subject to applicable terms) we will delete the personal data 30 days after the end of the contract.

When you sign up to receive our newsletter

When you sign up to receive our newsletter, we ask for your name, your email address and your country.

We will ask for your consent to use your name and email address to email you our newsletter which contains information about our products and other information which we feel might be of interest to you. You can withdraw your consent at any time and we will stop sending you the newsletter.

Your name and email address are stored on our website which is hosted with Digital Ocean.

We also share your name and email address with MailChimp so that we can send you newsletter emails and other promotional and product launch emails that may be of interest. You can unsubscribe from these emails at any time via the unsubscribe button at the bottom of the emails.

We do not use the information you provide to make any automated decisions that might affect you.

We keep your personal data for as long as we produce and distribute our newsletter. If you withdraw your consent, we will mark your details so that they are not used and delete them after two years.

When you download a free document

When you request to download a free document from our website, we ask for your name, company name (which is optional), phone number, email address and country.

We use this information to email you a link to download the requested document. We may also email or call you after your download in order to follow up on your interest in our products and services. We only contact you for up to one year after your last download, or no more than two months after the last scheduled contact, whichever is the later. We will do this based on our legitimate interest in marketing to prospects for our products and services, but you have the option to ask us not to.

Your name, phone number and email address are stored on our website which is hosted with Digital Ocean. Your details may be stored and processed within our Office 365 environment which is hosted by Microsoft within the European Economic Area (EEA).

We also share your name and email address with MailChimp so that we can send you emails to follow up on your interest in our products and services. You can unsubscribe from these emails at any time via the unsubscribe button at the bottom of the emails. We will store your data in Mailchimp for one year after your last download, and after that the data will be archived in this platform. We do not use the information you provide to make any automated decisions that might affect you.

We may share your name, email address and country with Google in order to remarket our products and services to you after you have left our website. You can update your ad preferences and settings in Google’s Ad Centre.

Your personal data is stored for one year after you requested your download, after which it is deleted.

When you submit a review about us

When you submit a review about us we record your name and your email address.

We use this information to provide verified independent views about our products and services to potential customers. Your name and the content of your review (but not your email address) may be publicly displayed on our website. We will do this based on our legitimate interest in marketing our products and services.

Your details are shared with a third party reviews system called reviews.co.uk which is based within the European Economic Area (EEA).

We do not use the information you provide to make any automated decisions that might affect you.

Your personal data is stored for as long as we are marketing the product or services that the review refers to, after which it is deleted. You may ask us to remove your review at any time.

When you take part in our feedback survey

When you take part in our feedback survey, we record your name, your email address, your organization name, your job role and your answers to questions we ask about your opinion of, and use of, our products and services.

We use this information to develop and improve our products and services and our customer relationships. Your job role, organization and some or all of your comments may be publicly displayed on our website as a testimonial. We will do this based on our legitimate interest in marketing our products and services. We may contact you using the information provided for a testimonial and/or case study.

Your details are shared with a third party surveys system, hosted by Google, which is based within the European Economic Area (EEA). We also store and process your data within our Office 365 environment which is hosted by Microsoft within the European Economic Area (EEA).

We do not use the information you provide to make any automated decisions that might affect you.

Your personal data is stored for two years, or for as long as we are marketing the product or services that the review refers to, whichever is shorter. You may ask us to remove a testimonial that is based on your feedback from our website at any time.

When you sign up to our webinars

When you sign up to our webinars, you will enter your full name and email address to register. This data will be held in Microsoft Teams Events Platform.

Your details may be stored and processed within our Office 365 environment which is hosted by Microsoft within the European Economic Area (EEA).

We also share your name and email address with MailChimp so that we can send a copy of the recording and any follow up emails that may be of interest. You can unsubscribe from these emails at any time via the unsubscribe button at the bottom of the emails. We will store your data in Mailchimp for one year after your webinar registration, and after that the data will be archived in this platform. We do not use the information you provide to make any automated decisions that might affect you.

Your rights as a data subject

By law, you can ask us what information we hold about you, and you can ask us to correct it if it is inaccurate. If we have asked for your consent to process your personal data, you may withdraw that consent at any time.

If we are processing your personal data for reasons of consent or to fulfil a contract, you can ask us to give you a copy of the information in a machine-readable format so that you can transfer it to another provider.

If we are processing your personal data for reasons of consent or legitimate interest, you can request that your data be erased.

You have the right to ask us to stop using your information for a period of time if you believe we are not doing so lawfully.

Finally, in some circumstances you can ask us not to reach decisions affecting you using automated processing or profiling.

To submit a request regarding your personal data by email, post or telephone, please use the contact information provided above in the Who Are We section of this policy.

Your right to complain

If you have a complaint about our use of your information, we would prefer you to contact us directly in the first instance so that we can address your complaint. However, you can also contact the Information Commissioner’s Office via their website at www.ico.org.uk/concerns or write to them at:

Information Commissioner’s Office

Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Within the EU, complaints should be directed to our representative within your country, a list of which can be found here:

List of EU Representatives

Updates to this privacy policy

We regularly review and, if appropriate, update this privacy policy from time to time, and as our services and use of personal data evolves. If we want to make use of your personal data in a way that we haven’t previously identified, we will contact you to provide information about this and, if necessary, to ask for your consent.

We will update the version number and date of this document each time it is changed.

We’ve helped more than 7000 businesses with their compliance

Testimonials

Great library of documents that helped tremendously in the development of our respective systems. The organization and hierarchy of the documents were easy to follow.

GC&E Systems Group, Inc.
USA

View all Testimonials