Privacy Policy
- Last Updated:
Introduction
RKMS Academy, a service provided by Rosewood Management Services Limited, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal information when you engage with our training services. It also outlines your rights regarding your data and how you can manage or request access to it.
By using RKMS Academy’s services, you agree to the collection and use of your information in accordance with this policy.
Who We Are
RKMS Academy is operated by Rosewood Management Services Limited, a company registered in the UK. We offer both online and in-person training courses aimed at helping individuals and businesses achieve compliance in areas such as ISO certification, health and safety, and Lean management.
For questions or requests related to your data, please contact our Data Protection Officer at admin@rkmsuk.co.uk.
What Information We Collect
We collect several types of information for various purposes, including to provide and improve our training services.
Types of Information Collected:
- Personal Information:
- Name
- Email address
- Contact details
- Job title and company information
- Uploaded Data:
You may upload various types of data as part of the training process, including:- Compliance-related documentation
- Audit records
You are responsible for ensuring that any data uploaded complies with applicable laws.
- Usage Data:
We collect information on how you access and use RKMS Academy services, including:- Device information (e.g., desktop or mobile)
- IP address
- Pages visited and time spent on the platform
- System activity and feature usage
- Cookies and Tracking Technologies:
We use cookies to improve user experience and analyse site traffic. More information is available in the Cookie Policy below.
Collection of Information from Minors
We understand the importance of protecting the privacy and personal data of minors. If a participant is under the age of 18 (or 16, depending on course eligibility), specific provisions apply to the collection and processing of their personal information.
Parental or Guardian Consent
For any participant under the age of 18, we require verifiable consent from a parent or legal guardian before collecting or processing their personal data. It is the responsibility of the participant to inform us if they are under 18 and require parental or guardian consent. By enrolling a minor in a course, the parent or guardian agrees to our Terms and Conditions and this Privacy Policy on behalf of the minor.
Types of Data Collected from Minors
We only collect the information necessary to provide educational services to minors, which may include:
- Name
- Contact details (such as email or phone number)
- Course participation and progress
- Assessment results
We do not collect any unnecessary personal data or sensitive information from minors unless explicitly required for a course or as required by law.
Data Use and Protection for Minors
Personal data collected from minors is solely used for the purpose of delivering our training services, including providing access to course materials, assessments, and issuing certificates of completion. We do not use this data for marketing purposes, and minors will not receive any marketing communications.
We take additional measures to protect minors’ personal data by:
- Limiting data access to employees or third-party service providers who are essential for course delivery.
- Implementing security measures such as encryption to ensure the protection of minors’ personal information.
Parental Rights
Parents or legal guardians of minors have the following rights in relation to their child’s personal data:
- Right of Access: You may request to view the personal information we hold about your child.
- Right to Rectification: If any data is inaccurate, you can request that we correct it.
- Right to Erasure: You may request that we delete your child’s personal data, subject to certain legal or contractual obligations.
- Right to Withdraw Consent: Consent for data processing can be withdrawn at any time. If consent is withdrawn, we may no longer be able to provide access to the course or issue certification.
To exercise these rights, please contact our Data Protection Officer at admin@rkmsuk.co.uk.
Data Retention for Minors
We retain personal data for minors only as long as necessary to provide the educational service or to meet legal or regulatory requirements. Once a course is completed, or if the account is inactive for a certain period, personal data will be deleted in accordance with our data retention policies.
Compliance with UK GDPR
We comply with the UK General Data Protection Regulation (UK GDPR) when processing the personal data of minors. For participants under the age of 16, we will seek parental consent in jurisdictions where this is a legal requirement.
How We Use Your Information
We use the information you provide to:
- To Provide and Improve the Service:
- Set up and manage your account.
- Provide you with access to the platform’s features and training materials.
- Send service-related communications, such as updates or notifications.
- Ensure the security and stability of the platform.
- To Communicate with You:
We may use your contact information to:- Send marketing emails, if you have consented.
- Inform you about new courses, promotions, or updates.
You can unsubscribe from marketing emails at any time by following the “unsubscribe” link at the bottom of the email or by contacting us directly.
- To Improve Our Platform:
We may analyse usage data to understand how our services are being used in order to enhance the user experience and introduce new features.
Legal Basis for Processing (GDPR)
Under GDPR, we process personal data on the following legal bases:
- Contract Performance: We need to process your data to provide the RKMS Academy services you signed up for.
- Legitimate Interest: To improve and optimise our training services, including analysing user behavior and usage patterns.
- Consent: For sending marketing communications, cookies, and targeted ads (with user opt-in).
- Legal Obligation: To comply with applicable laws, such as financial record-keeping.
Data Retention
We retain your personal data and uploaded information according to the following policies:
- After Cancellation: Your data will be retained for 18 months after account cancellation. During this period, you may reactivate your account and regain access to your data. After 18 months, all data will be permanently deleted and cannot be retrieved.
- Inactivity: If your account is inactive for 6 months and is not associated with an active system, we will delete your account and all associated data.
Some data may be retained beyond these periods if necessary for legal, tax, or audit purposes.
International Data Transfers
We use third-party service providers such as Google Analytics and MailerLite, which may process or transfer your data outside the UK or EU. Where international data transfers occur, we ensure appropriate safeguards, such as Standard Contractual Clauses (SCCs), are in place to protect your personal information.
Your Rights Under GDPR
As a user, you have the following rights under GDPR:
- Right to Access: You can request a copy of the personal data we hold about you.
- Right to Rectification: You can ask us to correct any inaccurate or incomplete data.
- Right to Erasure: You can request that we delete your personal data (subject to certain legal conditions).
- Right to Restrict Processing: You can request that we limit how we use your data.
- Right to Data Portability: You can request a copy of your data in a machine-readable format.
- Right to Object: You can object to our use of your data for direct marketing or legitimate interest processing.
To exercise any of these rights, please contact us at admin@rkmsuk.co.uk. We aim to respond to all requests within 30 days.
Third-Party Services
We may share your data with trusted third-party service providers to help us deliver our services. These providers include:
- Payment processors (e.g., Stripe, GoCardless)
- Cloud storage providers (e.g., AWS, Google Cloud)
- Marketing platforms (e.g., MailerLite, HubSpot)
- Analytics tools (e.g., Google Analytics)
These third-party services process your data in accordance with their own privacy policies.
Cookies and Tracking Technologies
We use cookies to track user activity and enhance your experience. Types of cookies used include:
- Essential Cookies: Required for the platform to function.
- Analytics Cookies: Used to collect data on how users interact with the platform.
- Marketing Cookies: Used for personalised advertising and remarketing.
You can manage your cookie preferences through the cookie banner on our site. By using our platform and services, you consent to the use of cookies as described in this policy. You can disable cookies through your browser settings, but this may affect the functionality of the platform.
For more detailed information on how we use cookies, please contact us at admin@rkmsuk.co.uk.
Data Security
We are committed to protecting your data. We use a variety of security measures, including:
- Encryption of data in transit and at rest.
- Firewalls and secure server environments.
- Regular security audits and monitoring.
Although we take precautions to safeguard your information, no method of transmission over the internet or method of electronic storage is 100% secure. In the event of a data breach, we will notify you via email and relevant authorities within 72 hours if there is a risk to your data.
Automated Decision-Making and Profiling
Currently, RKMS Academy does not use automated decision-making or profiling. Should this change in the future, we will update this policy and provide you with details on how these processes work and how you can opt out.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Significant changes will be communicated to users via email, an in-platform banner, or other methods. You are encouraged to review this Privacy Policy periodically.
By continuing to use RKMS Academy after changes are made, you agree to the updated Privacy Policy.
Contact Us
If you have any questions or concerns about this Privacy Policy or your data, please contact us at:
Unit 4, The Pavilions, Avroe Crescent, Blackpool, FY4 2DP
Email: admin@rkmsuk.co.uk
Phone: 0300 373 0128