Privacy Policy
The Northern School of Marketing Ltd
Company Number: 16519903
Registered Address: Unit 5, Harley Court, Sopwith Close, Stockton-on-Tees, TS18 3TT
Effective Date: 01/01/2025
1. Purpose of This Policy
This Privacy Policy sets out how The Northern School of Marketing Ltd collects, processes, stores and protects your personal data when you access our educational platform, courses, and services.
We are committed to ensuring that your privacy is protected and that all personal data is handled in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. Who We Are
The Northern School of Marketing Ltd is a private limited company providing digital education and training services. We act as the Data Controller for the personal data collected through our website, services, and communications.
If you have any questions about this policy, please contact:
Data Protection Officer
The Northern School of Marketing Ltd
Unit 5, Harley Court, Sopwith Close
Stockton-on-Tees, TS18 3TT
Email: [Insert contact email]
3. What Data We Collect
We may collect and process the following categories of personal data:
| Category | Examples |
|---|---|
| Identity Data | Name, date of birth, gender (if provided) |
| Contact Data | Email address, postal address, telephone number |
| Account Data | Username, password (encrypted), login activity |
| Educational Data | Course enrolment, progress, assessments, feedback |
| Payment Data | Transaction ID, billing details (processed securely via third-party providers) |
| Technical Data | IP address, browser type, device information |
| Usage Data | Pages visited, access times, platform interaction |
| Marketing Preferences | Consent records for newsletters or updates |
We do not collect or store special category data (e.g. health data, ethnicity) unless explicitly required and consented to for accessibility or learning support purposes.
4. How We Collect Your Data
We collect personal data through:
- Direct interactions (e.g. when you register, enrol, contact us)
- Automated technologies (e.g. cookies, platform usage logs)
- Third-party integrations (e.g. payment gateways or analytics tools)
5. Lawful Basis for Processing
We process your data under the following legal bases:
- Contractual necessity – to provide you with access to courses and services you have purchased.
- Legal obligation – to comply with UK law and financial regulations.
- Legitimate interests – to maintain platform security, improve services, and communicate service updates.
- Consent – for marketing communications or optional analytics and tracking cookies.
You have the right to withdraw consent at any time.
6. How We Use Your Data
We use your data for the following purposes:
- To create and manage your learner account
- To provide educational content and support
- To process payments and issue invoices
- To monitor engagement and platform performance
- To notify you of course updates or changes
- To send optional newsletters or marketing (if you have opted in)
- To meet legal, regulatory or tax obligations
We do not sell or rent your data to any third party.
7. How We Share Your Data
We only share your personal data with trusted third parties where necessary to deliver our services, including:
- Payment processors (e.g. Stripe)
- Learning management systems
- Email and communication platforms
- Analytics providers (e.g. anonymised usage reporting)
All third parties are contractually bound to handle your data securely and in accordance with UK GDPR. We will never transfer your data outside the UK without lawful safeguards in place.
8. Data Retention
We retain personal data only for as long as necessary:
| Type of Data | Retention Period |
|---|---|
| Account and course data | 6 years after last activity, unless requested for deletion |
| Financial records | 6 years (as required by UK tax law) |
| Email communications | 3 years, unless part of an active enquiry or complaint |
| Consent records | Until consent is withdrawn or no longer valid |
After the retention period, data is securely deleted or anonymised.
9. Your Rights
Under the UK GDPR, you have the following rights:
- Right to access – request a copy of your personal data
- Right to rectification – request correction of inaccurate data
- Right to erasure – request deletion of your data (“right to be forgotten”)
- Right to restrict processing – request temporary pause on processing
- Right to data portability – request data in a usable format
- Right to object – to processing under legitimate interests or direct marketing
- Right to withdraw consent – at any time where processing is based on consent
You may exercise any of these rights by contacting our Data Protection Officer. We may need to verify your identity before fulfilling requests.
10. Data Security
We implement appropriate technical and organisational measures to protect your data, including:
- Encrypted data transmission (SSL)
- Role-based access controls
- Regular platform security reviews
- Secure password management
- Staff data protection training
In the event of a data breach, we will notify affected individuals and the Information Commissioner’s Office (ICO) as required by law.
11. Cookies
Our use of cookies is governed by our [Cookies Policy]. You can manage your cookie preferences at any time using the cookie banner or your browser settings.
12. Changes to This Policy
We may update this Privacy Policy to reflect changes in law or the way we operate. The latest version will always be available on our website with a clearly marked effective date.
We recommend checking this page regularly. Significant changes will be communicated via email or platform notice.
13. Complaints
If you believe your data rights have been breached, you may raise a complaint with:
Information Commissioner’s Office (ICO)
Wycliffe House, Water Lane, Wilmslow
Cheshire, SK9 5AF
Website: www.ico.org.uk
Helpline: 0303 123 1113
We encourage you to contact us first so we can try to resolve your concerns.