Changes to this privacy notice
Our company and our data protection officer
We are Training Synergy Ltd and Premier IT Group Ltd, trading as escalla, Angel Wharf, 170 Shepherdess Walk, London, N1 7JL. We are a data controller of your personal data, and provider of your product or services.
We have a dedicated data protection officer (DPO). You can contact the DPO by emailing DPO@escalla.co.uk, or using the Contact section on our website, or by writing to the above address, marking it for the attention of the DPO.
1. What kinds of personal information about you do we process?
Personal information that we’ll process in connection with all our products and services, if relevant, includes:
- Personal and contact details, such as title, full name, address, contact details, emergency contact details
- Date of birth, gender and/or age
- Nationality and ethnicity
- Learning needs, qualifications, CV, employment history and bank details
- Company information, including company name, contact details and address, number of employees, companies house number, apprenticeship mentors
- IT systems, software applications, LMS systems, e-learning preferences
- Training suppliers and budget, and personnel responsible for buying training
- Your plans for recruitment/inductions in the future
- Records of your contact with us such as via the phone and/or email
- Products and services you hold with us, as well as have been interested in
- Marketing to you and analysing data, including history of those communications, whether you open them or click on links, and information about products or services we think you may be interested in.
2. What is the source of your personal information?
We’ll collect personal information from the following general sources:
- From you directly, through calls, registering an account on our website, email requests or enquiry forms
- Apprenticeship applications and enrolment packs
- Trade shows and events
- Training courses, webinars and seminars
- Information generated about you when you use our products and services
- Cookies via our website
- Polls and surveys
- Electronic newsletters and electronic email updates
3. What do we use your personal data for?
We use your personal data, including any of the personal data listed in section 1 above, for the following purposes:
- Tailor products or services to your training needs
- Identify relevant interested individuals or organisations for our services
- Provide relevant information about updates to our services
- Updating your records, making financial payments and recovering debt
- Add to PICS so that we can receive funding from the ESFA
- Add to relevant awarding bodies (City and Guilds and ACE) to register for and claim apprenticeship certificates on behalf of our apprentices
- Offer personalised marketing information about relevant products and/or services
- Share relevant industry news
- Manage the product or service you have with us
- Manage any aspect of the product or service
- Perform and/or test the performance of our products, services and internal processes
- Improve the operation of our business and that of our business partners
- Follow guidance and best practice under the change to rules of governmental and regulatory bodies
- Management and auditing of our business operations including accounting
- Monitor and keep records of our communications with you and our staff
- Market research and analysis and developing statistics
- Direct marketing communications and related profiling to help us to offer you relevant products and service, including deciding whether or not to offer you certain products and service. We’ll send marketing to you by email, phone, post, social media and digital channels. Offers may relate to any of our products and services such as apprenticeships, digital training and support, and local government training and information, as well as any other offers and news we think may be of interest to you
- Develop new products and services and to review and improve current products and services
- Optimising your experience of our website
- Comply with legal and regulatory obligations, requirements and guidance
- Processing payment and billing information when you register for certain paid services
- Survey replies, the information you provide will be made anonymous and aggregated with the responses of other users and used for the improvement of the services
4. What are the legal grounds for our processing of your personal information (including when we share it with others)?
We rely on the following legal bases to use your personal data:
(a) Where it is needed to provide you with our products or services, such as:
- Assessing an application for a product or service you hold with us, including considering whether or not to offer you the product, the price, the payment methods available and the conditions to attach
- Managing products and services you hold with us, or an application for one
- Updating your records, contacting you about your account and recovering debt (where appropriate)
- Sharing your personal information with internal/external business partners and services providers when appropriate
- All stages and activities relevant to managing the product or service including enquiry, application, administration and management of accounts, and information requests
(b) Where it is in our legitimate interests to do so, such as:
- Managing your products and services, updating your records, contacting you about your account and doing this for recovering debt (where appropriate)
- To perform and/or test the performance of our products, services and internal processes
- To follow guidance and recommended best practice of government and regulatory bodies
- For management and audit of our business operations including accounting
- To carry out monitoring and to keep records of our communications with you and our staff
- For market research and analysis and developing statistics
- For direct marketing communications and related profiling to help us to offer you relevant products and services, including deciding whether or not to offer you certain products and service. We will send marketing to you by email, phone, post and social media and digital channels
- Where we need to share your personal information with people or organisations in order to run our business or comply with any legal and/or regulatory obligations
(c) To comply with our legal obligations
(d) With your consent or explicit consent:
- For some direct marketing communications
- For some of our processing of special categories of personal data such as about your health, if you are a vulnerable customer or some criminal records information
(e) For a public interest, such as:
- Processing of your special categories of personal data such as about your health, criminal records information (including alleged offences), or if you are a vulnerable customer
5. When do we share your personal information?
We may share information with the following third parties for the purposes listed above:
- escalla Ltd companies and service providers
- Internal departments, including Sales, Marketing and Accounts for the purpose of quality surveys, news, and information useful to self-development
- Apprenticeship training partners, including ESFA, City and Guilds, ACE, and Skilsure
- Business partners (for example, IT providers, insurers), account beneficiaries, or others who are a part of providing your products and services or operating our business
- Governmental and regulatory bodies such as HMRC, the Financial Conduct Authority, the Prudential Regulation Authority, the Ombudsman, the Information Commissioner’s Office and under the Financial Services Compensation Scheme
- Other organisations and businesses who provide services to us such as debt recovery agencies, back up and server hosting providers, IT software and maintenance providers, document storage providers and suppliers of other back office functions
6. How and when can you withdraw your consent?
Where we’re relying upon your consent to process personal data, you can withdraw this at any time by contacting us using the details below.
7. Is your personal information transferred outside the UK or the EEA?
We’re based in the UK but sometimes your personal information may be transferred outside the European Economic Area. If we do so we’ll make sure that suitable safeguards are in place, for example by using approved contractual agreements, unless certain exceptions apply.
8. What should you do if your personal information changes?
You should tell us so that we can update our records using the details in the Contact section of our website. We’ll then update your records if we can.
9. Do you have to provide your personal information to us?
We’re unable to provide you with our products or services if you do not provide certain information to us. In cases where providing some personal information is optional, we’ll make this clear.
10. Do we do any monitoring involving processing of your personal information?
In this section monitoring means any: listening to, recording of, viewing of, intercepting of, or taking and keeping records (as the case may be) of calls, email, text messages, social media messages, in person (face to face) meetings and other communications.
We may monitor where permitted by law and we’ll do this where the law requires it, or to comply with regulatory rules, to prevent or detect crime, in the interests of protecting the security of our communications systems and procedures and for quality control and staff training purposes. This information may be shared for the purposes described above.
11. For how long is your personal information retained by us?
Unless we explain otherwise to you, we’ll hold your personal information based on the following criteria:
- For as long as we have reasonable business needs, such as managing our relationship with you and managing our operations
- For as long as we provide goods and/or services to you and then for as long as someone could bring a claim against us; and/or
- Retention periods in line with legal and regulatory requirements or guidance.
12. What are your rights under data protection laws?
Here is a list of the rights that all individuals have under data protection laws. They don’t apply in all circumstances. If you wish to use any of them, we’ll explain at that time if they are engaged or not.
- The right to be informed about the processing of your personal information
- The right to have your personal information corrected if it is inaccurate and to have incomplete personal information completed
- The right to object to processing of your personal information
- The right to restrict processing of your personal information
- The right to have your personal information erased (the “right to be forgotten”)
- The right to request access to your personal information and to obtain information about how we process it
- The right to move, copy or transfer your personal information (“data portability”)
- Rights in relation to automated decision making which has a legal effect or otherwise significantly affects you
You have the right to complain to the Information Commissioner’s Office which enforces data protection laws: https://ico.org.uk/. You can contact us using the details below.
13. Your right to object
You have the right to object to certain purposes for processing, in particular to data processed for direct marketing purposes and to data processed for certain reasons based on our legitimate interests. You can contact us by going to the Contact section of our website to exercise these rights.
14. What are your marketing preferences and what do they mean?
We may use your home address, phone number, email address and social media or digital channels to contact you according to your marketing preferences. You can stop our marketing at any time by contacting us using the details below or by following the instructions in the communication.
15. Cookies and similar technologies
We use both temporary (“session”) and persistent cookies. We use the following cookies:
- Strictly necessary cookies. These are cookies that are required for the operation of our website. including, for example, cookies that enable you to log into secure areas of our website.
- Analytical/performance cookies. These allow us to recognise and count the number of users and to see how users move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
- Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
- Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website more relevant to your interests. Where you have expressly consented, we may also share this information with third parties for this purpose.
You may delete cookies in your browser anytime and you can also block cookies from being placed by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.
In addition to our own, cookies are also placed by Google Analytics as described below.
16. Integration with third-party services
17. Links and integration with third-party websites
This website includes links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Site, we encourage you to read the privacy notice of every website you visit.
In the UK, only children aged 13 or over are able provide their own consent for online services. Children under this age need to get consent from whoever holds parental responsibility for the child – unless the online service is a preventive or counselling service.
Children have the same rights as adults over their personal data. These include the rights to access their personal data; request rectification; object to processing and have their personal data erased.
If we learn that we have collected personal information from a child under the age of 13 without verification of parental consent, we will delete that information as quickly as possible.
If you believe that we might have any unauthorised information from or about a child under 13, please contact us at DPO@escalla.co.uk.
Alternatively, you can write to escalla, Angel Wharf, 170 Shepherdess Walk, London, N1 7JL, marking it for the attention of the DPO.