Privacy Policy

Last Updated: January 2026

Introduction

This Privacy Policy explains how deep-train collects, uses, discloses, and safeguards your information when you visit our website or engage with our services. We are committed to protecting your privacy and ensuring transparency about our data practices.

Information We Collect

Personal Information

We may collect personal information that you voluntarily provide to us when you:

• Register for training programmes
• Contact us via email
• Subscribe to our communications
• Participate in our training sessions

This information may include your name, email address, organisation name, job title, and any other details you choose to provide.

Automatically Collected Information

When you visit our website, certain information about your device and browsing actions may be automatically collected, including:

• IP address
• Browser type and version
• Operating system
• Pages visited and time spent on pages
• Referring website addresses

How We Use Your Information

We use the information we collect for the following purposes:

• To process and manage training programme registrations
• To communicate with you about our services
• To respond to your enquiries and provide customer support
• To improve our website and training programmes
• To send you information about upcoming programmes and updates (with your consent)
• To comply with legal obligations
• To protect our rights and prevent fraud

Legal Basis for Processing

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

• Contract Performance: Processing necessary to fulfill our contractual obligations when you register for training
• Legitimate Interests: Processing necessary for our legitimate business interests, such as improving our services
• Consent: Where you have given explicit consent for specific processing activities
• Legal Obligation: Where processing is required to comply with legal requirements

Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

• Service Providers: With third-party vendors who perform services on our behalf, such as payment processing or email delivery
• Legal Requirements: When required by law or to protect our rights and safety
• Business Transfers: In connection with a merger, acquisition, or sale of assets

All third-party service providers are required to maintain appropriate security measures and are prohibited from using your information for purposes other than those we specify.

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Specifically:

• Training registration data is retained for seven years for compliance purposes
• Email correspondence is retained for three years
• Website analytics data is anonymised after 24 months

Your Data Protection Rights

Under GDPR, you have the following rights:

• Right to Access: Request copies of your personal data
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data
• Right to Restrict Processing: Request limitation of how we use your data
• Right to Data Portability: Request transfer of your data to another organisation
• Right to Object: Object to our processing of your personal data
• Rights Related to Automated Decision-Making: Protection from decisions based solely on automated processing

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within one month.

Security Measures

We implement appropriate technical and organisational security measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication procedures
• Staff training on data protection

However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. When we transfer data outside the UK or European Economic Area, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission.

Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete such information.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website and updating the "Last Updated" date. Your continued use of our services after such changes constitutes acceptance of the updated policy.

Contact Information

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

deep-train Ltd
42 Kingsway House
Bristol BS1 4QP
United Kingdom
Email: [email protected]

Supervisory Authority

You have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal data violates data protection laws. In the UK, the supervisory authority is the Information Commissioner's Office (ICO).