AKE International Privacy Policy – September 2019

AKE International Ltd take the privacy and protection of your personal information seriously, we’re committed to
protecting your privacy and ensuring that any information you do share is secure and never misused.

This notice describes our Privacy Policy and forms part of our website’s Terms and Conditions (‘Website Terms’). By
accepting our Website Terms, visiting www.akegroup.com (‘the Website’) or using our services and products you are
accepting and consenting to the practices described within this Privacy Policy.

This policy explains what personal information we may collect, how we collect it and why. It describes some of the
measures we take in order to protect your personal information, who we may share it with, how and why we use it and what
your rights are.

Please read this policy carefully as it contains important information.

This Privacy Policy does not cover the links within this site linking to other websites. We encourage you to read the
privacy statements on the other websites you visit.

Who we are

AKE International Ltd (registered company number 06982794) 16 Swan Court, 9 Tanner Street, London SE1 3LE and Dovehills,
Bishops Frome WR6 5BQ

If you have any comments or concerns about any aspect of this policy, or any privacy or data protection issue, please
email us at privacy@akegroup.com or alternatively write to us at: Privacy Dept: AKE International Ltd, Dovehills,
Bishops Frome WR6 5BQ

Our commitment to protecting your privacy

  • We only collect and use the personal information we need to provide or improve our products and services
  • We will keep your personal information safe and secure
  • We will never sell or pass your details on to third-parties and only share it in the ways mentioned in this
    policy
  • We only keep your information for as long as necessary. (Deletion Policy is available upon request)
  • You may make a Subject Access Request in respect of the information we hold about you
  • We will regularly review this policy

Updating the Privacy Policy

We will regularly review our Privacy Policy and will indicate when it was last updated.

This Privacy Policy was introduced in May 2018 and last reviewed and updated in September 2019

The law

The legislation that applies to this Privacy Policy includes the:

  • Industrial Training Act 1982 and any relevant Levy Order
  • Data Protection Act 2018 (DPA)
  • EU Data Protection Directive 95/46/EC
  • Regulation of Investigatory Powers Act 2000
  • Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000
  • Electronic Communications Data Protection Directive 2002/58/EC
  • Privacy and Electronic Communications (EC Directive) Regulations 2003
  • General Data Protection Regulation (EU) 2016/679) (GDPR) as introduced into national law on 25 May 2018
  • All applicable laws, regulations and secondary legislation relating to the processing of personal data and
    privacy
  • Guidance and codes of practice issued by the Information Commissioner
  • Any successor legislation to the DPA and GDPR.

How we collect and use your information

You provide us with information when you use our websites, products, services and social media, including when you:

  • Complete online forms
  • Correspond with us by phone, email or otherwise
  • Subscribe to our services
  • Search for a product
  • Participate in promotions
  • Register to attend training courses

We collect information about you when you visit our websites through the use of cookies.

What we collect

The information we collect from you, may include:

  • Name, address, email and telephone number
  • Date of birth
  • National Insurance number
  • Financial and credit card information
  • Photograph(s)
  • IP address
  • Geographical location
  • Browser type
  • Device type
  • Operating system
  • Browsing data, such as access times
  • Navigation history
  • Physical health
  • Mental health
  • Racial or ethnic origin
  • Religious or other beliefs

How we use your information

We may use your information for one or more of the following reasons:

  • Fulfil our statutory obligations, duties and functions as a business
  • Administration of our records and accounts
  • Manage our employees, sub-contractors and interns
  • Provide training, intelligence and security services for our clients
  • Advertise, promote and market our services
  • Administer certification and qualifications
  • Perform our duties as a registered data controller
  • Confirm identities and prevent crime
  • Notify you about any changes to our services
  • Carry out our contractual obligations
  • Provide and improve our services
  • Improve the operation, security and presentation of our sites
  • Provide focused online advertising in line with your interests and preferences
  • Measure and assess the effectiveness of our online content and marketing
  • Enable you to participate in interactive features on one of our websites.

How we protect your data

We take the security of your personal information very seriously. We maintain physical, electronic and procedural
safeguards in connection with the collection, storage and disclosure of personally identifiable information. Our
security procedures mean that we may occasionally request proof of identity before we disclose personal information to
you. We carry out regular security reviews in order to maintain continuous protection. We have strict protocols around
access and ensure that staff authorised to access your data are adequately trained in line with GDPR codes of conduct.

Third-party websites you access through links on our websites will have their own privacy policies. We do not accept any
responsibility or liability for them.

Sharing your information

We will not disclose your Personal Data to any third-party except in accordance with this Privacy Policy. We may allow
third-parties to use Personal Data we hold about you in the following circumstances:

  • If we have been legitimately asked to provide information for legal or regulatory purposes or as part of legal
    proceedings
  • To help us administer accounts, services and products we have provided before, do provide now or may provide in
    the future
  • Companies and individuals that perform functions on our behalf such as
    • Fulfilling orders
    • Delivering packages
    • Sending mail via the postal system and electronically by email,
    • Analysing data
    • Providing marketing assistance
    • Administrating and distributing certification
    • Providing search results and links (including paid listings and links)
    • Processing credit and debit card payments

Those parties are bound by strict contractual provisions with us and only have access to the Personal Data needed to
perform their functions, and may not use it for other purposes. Further more, they must process the Personal Data in
accordance with this Privacy Policy and as permitted by GDPR.

As part of our legal responsibilities, we do share information where necessary with:

  • Service providers
  • Employer(s)
  • Card payment services
  • Awarding bodies
  • Funding bodies
  • Law enforcement agencies

Data transfer outside the EU

Personal data shall not be transferred to a country or territory outside the EU unless that country or territory ensures
that appropriate safeguards are in place, and on condition that enforceable data subject rights and effective legal
remedies for data subjects are available.

Cookies

When you visit AKE Groups website we place cookies on your device.

Cookies are small text files that help our websites to work and us to understand what information is most useful to our
users. They also speed things when you come back to a site. We do not use them to identify you personally.

You can delete cookies stored on your device at any time.

What we collect

Cookies allow us to gather information about your visits to our site, including your:

  • IP address
  • Geographical location
  • Browser type
  • Device type
  • Operating system
  • Browsing data, such as access times
  • Navigation history
  • Preferences

How we use your information

Cookies enable us to use google tools and services such as:

  • Google Analytics

Google Analytics helps us measure and analyse how users are using our site(s) so that we can improve their experiences.

Who has access to your information

Our staff and Google can access information related to Google Analytics cookies.

Other third-party cookies

When we use internet tools from other companies to enhance our website, these companies may also place cookies on your
devices. They include:

  • Facebook
  • Google Maps
  • Twitter
  • YouTube
  • LinkedIn

The website may include third-party advertising and links to other websites. We do not provide any personally
identifiable customer Personal Data to these advertisers or third-party websites.

Telephone

What we do

We may take personal details when you call such as name, email address phone number, this information will only be kept
if we have a legitimate reason to keep it. We may ask you for some personal information over the phone to confirm your
identity, depending on the nature of your enquiry to prevent fraud and protect your data. We may monitor and record
communications with you (including phone conversations and emails) for quality assurance and compliance.

Email and social media

There are many ways you may communicate with us online, including by:

  • Email
  • Social media (such as Facebook, LinkedIn or Twitter)

What we do

When you use email or social media it is likely you know what information you are sharing with us.

How we use and process your information, who accesses it, and how long we keep it, depends on the context in which we
collected it, but follows the terms of our Privacy Policy and UK law.

The information is handled by our authorised staff.

CCTV

Images from closed circuit television (CCTV) of a recognisable person are treated as personal data in data protection
law.

How we use CCTV

We use CCTV at Dovehills to:

  • Maintain the safety and security of our property and staff

Who has access to your information

Only authorised personnel have access to CCTV footage
Where necessary we may share the CCTV image information with:

  • The person in the image
  • Employees
  • Police
  • Security organisations
  • Individuals making an enquiry

Your rights

You can ask for a copy of your information recorded by CCTV, except in certain circumstances described by applicable
legislation. You do not have the right to instant access.

Payment details

We use your payment details to process orders and collect payments.

How we use your information

We do not use your information for any purpose you have not authorised. We process credit and debit card transactions
following the Payment Card Industry Data Security Standard (PCI DSS). Shopify / PayPal

Who has access to your information

AKE International Finance department and contracted data processors have access to your payment details to carry out
your transaction.

What we do

For bank and building society account transactions, we may make a record of your:

  • Name
  • Branch address
  • Sort code
  • Account number
  • Signature

Where possible, we only store the verification code of card transactions and other data needed to process the payment
and complete the transaction. Where this is not feasible, we use other security methods to keep your data secure. We may
process data such as the:

  • Cardholder’s name
  • Card number
  • Card security code (CSC)
  • Validity and expiry dates
  • Issue number

How long we keep it

We keep your bank or building society details for as long as you authorise and delete them when they are no longer
needed. We do not keep payment card information.

Children

Our websites, services and products are not aimed at children and we do not knowingly collect any information from them.

If we inadvertently collect information from a child, we will delete it as soon as possible.

If you know that a child has given their information to us, please contact us at privacy@akegroup.com

Your rights

Summary of your rights

You have the right to:

  • Ask for a copy of any information we hold about you
  • Withdraw any consents you have given
  • Lodge a complaint with us or the Information Commissioner’s Office or with any other relevant supervisory
    authority about how we handle your personal data
  • Ask us to correct any inaccurate or incomplete information we have about you
  • Ask us to delete your information from our records
  • Ask us to send a copy of your information to a third-party

Changing your contact preferences

You can change your contact preferences or withdraw your consents at any time by emailing us at privacy@akegroup.com

or in writing to: Privacy Dept, AKE International, Dovehill, Bishops Frome WR6 5BQ

Making a request to see your information

To see the information we hold about you, you should make a Subject Access Request in writing, including your:

  • Full name, including previous or other names, if appropriate
  • Address
  • Telephone
  • Email address

and email it to: privacy@akegroup.com or in writing to: Privacy Dept, AKE International, Dovehills, Bishops Frome WR6
5BQ

Making a complaint

If you want to make a complaint about the way we have processed your information, please either contact us at

privacy@akegroup.com or Privacy Dept, AKE International, Dovehills, Bishops Frome WR6 5BQ or the Information Commissioner’s Office

Our products and services

Booking courses

We use a booking system to register students attending our training courses.

How we use your information

We use your information to find you the right course and to process your booking.

Who has access to your information

AKE International employees who operate the course booking system, instructors delivering training courses and service
providers for accommodation and transport may have access.

What we do

We use your:

Contact details to administer the course

Identification information to prevent fraud

Profile data so we know your contact preferences and so on.

How long we keep it

We keep your profile information for no more than 3 years from the date you made your last booking, and we delete
information about the courses you attended after 3 years.

Internships

We offer a range of internships.

How we use your information

We use the information you give us to understand your career goals and development needs.

Who has access to your information

Your data will not be shared with external organisations.

What we do

We use your:

  • Contact details to ask you to confirm our records about you and to process your internship application
  • Identification information to prevent fraud
  • Achievement information to check that you have the necessary knowledge and skills
  • Profile data so we know your contact preferences and so on.

How long we keep it

  • We may keep your personal data for as long as we need to fulfil our statutory functions.
  • We keep internship records for at least 6 years.