Gateway Training CIC

Last Updated: November 2025

Gateway Training CIC ("we," "us," "our," or "Company") is committed to protecting your privacy and ensuring you have a positive experience on our website and when using our services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, contact us for training services, or participate in our training programs.

Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our services.

We may collect information about you in the following ways:

• Contact Information: When you contact us through our website, email, or phone, we collect your name, email address, phone number, company name, and job title.
• Training Enquiries: When you request information about or book a training course, we collect details about your training needs, the number of participants, preferred dates, and location.
• Participant Information: For training delivery, we collect names, job titles, and emergency contact information for course participants.
• Payment Information: If applicable, we collect billing address and payment details (processed securely through third-party payment processors).
• Health and Safety Information: For First Aid at Work and other training, we may collect relevant health information disclosed by participants for safety purposes.

• Website Usage: We may collect information about your interactions with our website, including pages visited, time spent on pages, and links clicked.
• Device Information: We may collect information about the device you use to access our website, including browser type, IP address, and operating system.
• Cookies: We use cookies and similar tracking technologies to enhance your experience (see Section 8).

We use the information we collect for the following purposes:

• To provide, deliver, and improve our training services
• To respond to your enquiries and communicate with you about training
• To process bookings and payments
• To send confirmatory and reminder communications about training
• To comply with legal and regulatory obligations (e.g., Health and Safety at Work Act 1974)
• To evaluate and improve our services
• To prevent fraud and enhance security
• To conduct anonymous market research and analytics
• To meet safeguarding and duty of care requirements related to training delivery

We process your personal data based on the following legal grounds:

• Contract: Processing is necessary to perform our training services contract with you
• Legal Obligation: We process data to comply with health and safety, employment law, and other legal requirements
• Legitimate Interests: We process data to improve our services, prevent fraud, and operate our business effectively
• Consent: Where you have explicitly agreed to us processing your data for specific purposes (e.g., marketing communications)

We do not sell your personal information. However, we may share your information with:

• Employers/Organisations: We share participant information with the organisation that booked the training, as necessary for course delivery and reporting
• Service Providers: Third parties who assist us in delivering services (e.g., payment processors, email providers, website hosts) under strict confidentiality agreements
• Legal Requirements: We may disclose information when required by law or to protect the safety and rights of individuals
• Training Records: We maintain training records and certificates as required by law and may share summary information with relevant regulatory bodies if required

We retain your personal information for the following periods:

• Enquiry Information: Retained for 12 months or until the enquiry is resolved
• Training Participants: Records retained for a minimum of 7 years (in compliance with Health and Safety regulations) or longer if legally required
• Marketing Communications: Retained while you remain subscribed; deleted upon request
• Payment Records: Retained for 6 years (as required by tax and accounting regulations)

Under data protection law, you have the following rights:

• Right of Access: You can request a copy of the personal data we hold about you
• Right to Rectification: You can request correction of inaccurate or incomplete data
• Right to Erasure: You can request deletion of your data (subject to legal obligations)
• Right to Restrict Processing: You can request limitation on how we use your data
• Right to Data Portability: You can request your data in a structured format
• Right to Object: You can object to processing of your data for marketing or certain other purposes
• Right to Withdraw Consent: You can withdraw consent to process your data at any time

To exercise any of these rights, please contact us using the details in Section 12.

Our website may use cookies and similar tracking technologies to improve your experience. Cookies are small text files stored on your device. You can control cookies through your browser settings. Disabling cookies may affect your ability to use certain website features.

We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, and destruction. However, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.

All payment information is processed through secure, encrypted connections. We do not store full credit card details.

As our business operates within the UK and EU, we primarily process data within these regions in compliance with GDPR. If we transfer data outside these areas, we ensure appropriate safeguards are in place.

Our services are not directed to children under 13. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with information, we will take steps to delete such information and terminate the child's involvement with our services.

If you have questions about this Privacy Policy, wish to exercise your rights, or have concerns about how we handle your data, please contact us:

Gateway Training CIC

Email: bekah@gatewaytrainingcic.co.uk

Phone: 07568161302

Address: Dover, Kent

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of significant changes by updating the "Last Updated" date and posting the revised policy on our website. Your continued use of our services constitutes your acceptance of the updated Privacy Policy.

If you are unhappy with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Information Commissioner's Office (ICO) Website: www.ico.org.uk Phone: 0303 123 1113