Your privacy is important to us. It is The digitaltrainingdiary Ltd's policy to respect your privacy and comply with any applicable law and regulation regarding any personal information we may collect about you, including via our app, digitaltrainingdiary, and its associated services.
Personal information is any information about you which can be used to identify you. This includes information about you as a person (such as name, address, and date of birth), your devices, payment details, and even information about how you use an app or online service.
In the event our app contains links to third-party sites and services, please be aware that those sites and services have their own privacy policies. After following a link to any third-party content, you should read their posted privacy policy information about how they collect and use personal information. This Privacy Policy does not apply to any of your activities after you leave our app.
This policy is effective as of February 11, 2025.
Last updated: February 11, 2025
Information we collect falls into one of two categories: 'voluntarily provided' information and 'automatically collected' information:
We may ask for personal information — for example, when you subscribe to our newsletter or when you contact us — which may include one or more of the following:
We only collect and use your personal information when we have a legitimate reason for doing so. In which instance we only collect personal information that is reasonably necessary to provide our services to you.
We process your personal data in accordance with UK GDPR and applicable data protection laws. The legal bases for processing depend on the nature of the data and the purpose for which it is used. We rely on your consent when you voluntarily provide personal information for specific purposes, such as subscribing to updates or participating in marketing communications. You may withdraw consent at any time through the settings in your account or by contacting us directly. When processing is necessary for the performance of a contract, such as providing you with access to our platform, we process data to fulfil our obligations. We also rely on legitimate interests when processing personal information for fraud prevention, security enhancement, and service improvement, ensuring that such processing does not override your rights. In some cases, we are required to process personal information to comply with legal obligations, such as financial record-keeping or responding to regulatory inquiries.
We take all reasonable measures to protect your personal information; however, in the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify affected individuals as soon as possible and in accordance with our legal obligations. Notifications will include details of the nature of the breach, the information affected, and any recommended steps you should take to protect yourself. Where required, we will also inform the UK Information Commissioner’s Office (ICO) within the statutory timeframe. If you suspect that your personal information has been compromised, please contact us immediately.
We may collect personal information from you when you do any of the following on our app:
We may collect, hold, use and disclose information for the following purposes, and personal information will not be further processed in a manner that is incompatible with these purposes:
We may combine voluntarily provided and automatically collected personal information with general information or research data we receive from other trusted sources. For example, If you consent to us accessing your social media profiles, we may combine information sourced from those profiles with information received from you directly to provide you with an enhanced experience of our app and services.
When we collect and process personal information, and while we retain this information, we will protect it within commercially acceptable means to prevent loss and theft, as well as unauthorized access, disclosure, copying, use or modification.
Although we will do our best to protect the personal information you provide to us, we advise that no method of electronic transmission or storage is 100% secure and no one can guarantee absolute data security.
You are responsible for selecting any password and its overall security strength, ensuring the security of your own information within the bounds of our services. For example, ensuring any passwords associated with accessing your personal information and accounts are secure and confidential.
We keep your personal information only for as long as we need to. This time period may depend on what we are using your information for, in accordance with this privacy policy. For example, if you have provided us with personal information as part of creating an account with us, we may retain this information for the duration your account exists on our system. If your personal information is no longer required for this purpose, we will delete it or make it anonymous by removing all details that identify you.
However, if necessary, we may retain your personal information for our compliance with a legal, accounting, or reporting obligation or for archiving purposes in the public interest, scientific, or historical research purposes or statistical purposes.
We may disclose personal information to:
Third parties we currently use include:
The personal information we collect is stored and/or processed in United Kingdom, or where we or our partners, affiliates, and third-party providers maintain facilities.
The countries to which we store, process, or transfer your personal information may not have the same data protection laws as the country in which you initially provided the information. If we transfer your personal information to third parties in other countries: (i) we will perform those transfers in accordance with the requirements of applicable law; and (ii) we will protect the transferred personal information in accordance with this privacy policy.
Your choice: By providing personal information to us, you understand we will collect, hold, use, and disclose your personal information in accordance with this privacy policy. You do not have to provide personal information to us, however, if you do not, it may affect your use of our app or the products and/or services offered on or through it.
Information from third parties: If we receive personal information about you from a third party, we will protect it as set out in this privacy policy. If you are a third party providing personal information about somebody else, you represent and warrant that you have such person’s consent to provide the personal information to us.
Marketing permission: If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by contacting us using the details below.
Access: You may request details of the personal information that we hold about you.
Correction: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading, please contact us using the details provided in this privacy policy. We will take reasonable steps to correct any information found to be inaccurate, incomplete, misleading, or out of date.
Non-discrimination: We will not discriminate against you for exercising any of your rights over your personal information. Unless your personal information is required to provide you with a particular service or offer (for example serving particular content to your device), we will not deny you goods or services and/or charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties, or provide you with a different level or quality of goods or services.
Notification of data breaches: We will comply with laws applicable to us in respect of any data breach.
Complaints: If you believe that we have breached a relevant data protection law and wish to make a complaint, please contact us using the details below and provide us with full details of the alleged breach. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint. You also have the right to contact a regulatory body or data protection authority in relation to your complaint.
Unsubscribe: To unsubscribe from our email database or opt-out of communications (including marketing communications), please contact us using the details provided in this privacy policy, or opt-out using the opt-out facilities provided in the communication. We may need to request specific information from you to help us confirm your identity.
Users have the right to request the deletion of their personal data where it is no longer necessary for the purposes for which it was collected or processed. Requests for data deletion can be made by contacting the support team via the provided email address. Upon verification of identity, we will process deletion requests within a reasonable timeframe, subject to any legal obligations requiring the retention of certain data for compliance, dispute resolution, or legitimate business purposes. Some information may be retained in anonymised form to ensure compliance with legal or regulatory obligations without directly identifying an individual. If a request for deletion is approved, users may lose access to their accounts and any associated data, including purchased services or content. Users are advised to back up any necessary data before requesting deletion, as this process is irreversible once completed.
When a user requests deletion of their personal data, the primary account information and associated records will be removed from active systems within a reasonable timeframe. However, residual copies of deleted data may persist in our backup systems for a limited duration due to operational, legal, or regulatory requirements. Backup copies are stored in secure, restricted-access environments and are retained for a period not exceeding six months, after which they are permanently erased. During this retention period, backup data is not accessible for regular business operations and will only be used for data recovery in cases of system failure, legal compliance, or security audits. In situations where legal or regulatory obligations require us to retain certain records for a longer period, those obligations shall take precedence over the deletion request.
When a user requests account deletion, personal data is removed from active databases in accordance with our standard deletion processes. However, due to operational, financial, and legal obligations, certain data may be retained for compliance purposes. Transactional data related to purchases or financial records will be retained for a period of seven years to comply with tax, audit, and accounting regulations. Other non-financial personal data may be retained for up to twelve months in limited cases where required for fraud prevention, dispute resolution, or law enforcement requests. Once the mandatory retention period expires, all such data will be permanently erased. Users should be aware that any content shared with other users or posted in public areas of the platform may remain visible even after account deletion unless explicitly removed under applicable laws.
As part of our app distribution and functionality, certain user data may be shared with Google and Apple in compliance with their respective developer agreements, app store policies, and privacy requirements. This includes anonymised analytics, crash reports, and usage statistics required for app performance monitoring, improvement, and compliance with their store policies. If a user makes an in-app purchase through Google Play or the Apple App Store, payment processing and transaction details are handled by these platforms, and we do not store or process full payment information. Users are encouraged to review Google's Privacy Policy and Apple's Privacy Policy for details on how these platforms handle user data. We do not share personally identifiable information (PII) with Google or Apple unless explicitly required by law or necessary for compliance with platform policies.
Our app may integrate third-party Software Development Kits (SDKs) to enhance functionality, including payment processing, analytics, and social media interactions. The SDKs we currently use include, but are not limited to:
Each third-party provider processes user data in accordance with UK GDPR and has its own privacy policy detailing how they manage data. Users can find information on these providers’ data handling practices via their respective privacy policies. If users wish to limit data collection via these third parties, they can adjust permissions in their device settings or contact us to manage their data preferences.
Our privacy policy covers the use of cookies between your device and our servers. A cookie is a small piece of data that an app may store on your device, typically containing a unique identifier that allows the app servers to recognise your device when you use the app; information about your account, session and/or device; additional data that serves the purpose of the cookie; and any self-maintenance information about the cookie itself.
We use cookies to give your device access to core features of our app, to track app usage and performance on your device, to tailor your experience of our app based on your preferences, and to serve advertising to your device. Any communication of cookie data between your device and our servers occurs within a secure environment.
Please refer to our Cookie Policy for more information.
If we or our assets are acquired, or in the unlikely event that we go out of business or enter bankruptcy, we would include data, including your personal information, among the assets transferred to any parties who acquire us. You acknowledge that such transfers may occur, and that any parties who acquire us may, to the extent permitted by applicable law, continue to use your personal information according to this policy, which they will be required to assume as it is the basis for any ownership or use rights we have over such information.
Our app may link to external sites that are not operated by us. Please be aware that we have no control over the content and policies of those sites, and cannot accept responsibility or liability for their respective privacy practices.
At our discretion, we may change our privacy policy to reflect updates to our business processes, current acceptable practices, or legislative or regulatory changes. If we decide to change this privacy policy, we will post the changes here.
If the changes are significant, or if required by applicable law, we will contact you (based on your selected preferences for communications from us) and all our registered users with the new details and links to the updated or changed policy.
If required by law, we will get your permission or give you the opportunity to opt in to or opt out of, as applicable, any new uses of your personal information.
The GDPR distinguishes between organisations that process personal information for their own purposes (known as “data controllers”) and organizations that process personal information on behalf of other organizations (known as “data processors”). For the purposes covered by this Privacy Policy, we are a Data Controller with respect to the personal information you provide to us and remain compliant with our data controller obligations under GDPR.
We may indirectly collect personal information about you from third-parties who have your permission to share it. For example, if you purchase a product or service from a business working with us, and give your permission for us to use your details in order to complete the transaction.
We may also collect publicly available information about you, such as from any social media and messaging platforms you may use. The availability of this information will depend on both the privacy policies and your own privacy settings on such platforms.
In addition to the aforementioned purposes warranting the collection and use of personal information, we may also conduct marketing and market research activities, including how visitors use our site, website improvement opportunities and user experience.
If your personal information is no longer required for our stated purposes, or if you instruct us under your Data Subject Rights, we will delete it or make it anonymous by removing all details that identify you (“Anonymisation”). However, if necessary, we may retain your personal information for our compliance with a legal, accounting, or reporting obligation or for archiving purposes in the public interest, scientific, or historical research purposes or statistical purposes.
Data Protection and Privacy Laws permit us to collect and use your personal data on a limited number of grounds.. In which case, we will collect and use your personal information lawfully, fairly and in a transparent manner. We never directly market to any person(s) under 18 years of age.
Our lawful bases depend on the services you use and how you use them. This is a non-exhaustive list of the lawful bases we use:
Where you give us consent to collect and use your personal information for a specific purpose. You may withdraw your consent at any time using the facilities we provide; however this will not affect any use of your information that has already taken place. When you contact us, we assume your consent based on your positive action of contact, therefore you consent to your name and email address being used so we can respond to your enquiry.
Where you agree to receive marketing communications from us, we will do so based solely on your indication of consent or until you instruct us not to, which you can do at any time.
While you may request that we delete your contact details at any time, we cannot recall any email we have already sent. If you have any further enquiries about how to withdraw your consent, please feel free to enquire using the details provided in the Contact Us section of this privacy policy.
Where you have entered into a contract or transaction with us, or in order to take preparatory steps prior to our entering into a contract or transaction with you. For example, if you contact us with an enquiry, we may require personal information such as your name and contact details in order to respond.
Where we assess it is necessary for our legitimate interests, such as for us to provide, operate, improve and communicate our services. We consider our legitimate interests to include research and development, understanding our audience, marketing and promoting our services, measures taken to operate our services efficiently, marketing analysis, and measures taken to protect our legal rights and interests.
In some cases, we may have a legal obligation to use or keep your personal information. Such cases may include (but are not limited to) court orders, criminal investigations, government requests, and regulatory obligations. For example, we are required to keep financial records for a period of 7 years. If you have any further enquiries about how we retain personal information in order to comply with the law, please feel free to enquire using the details provided in the Contact Us section of this privacy policy.
The personal information we collect is stored and/or processed in the United Kingdom by us. Following an adequacy decision by the EU Commission, the UK has been granted an essentially equivalent level of protection to that guaranteed under UK GDPR.
On some occasions, where we share your data with third parties, they may be based outside of the UK, or the European Economic Area (“EEA”). These countries to which we store, process, or transfer your personal information may not have the same data protection laws as the country in which you initially provided the information.
If we transfer your personal information to third parties in other countries:
Right to Restrict Processing: You have the right to request that we restrict the processing of your personal information if (i) you are concerned about the accuracy of your personal information; (ii) you believe your personal information has been unlawfully processed; (iii) you need us to maintain the personal information solely for the purpose of a legal claim; or (iv) we are in the process of considering your objection in relation to processing on the basis of legitimate interests.
Right to Object: You have the right to object to processing of your personal information that is based on our legitimate interests or public interest. If this is done, we must provide compelling legitimate grounds for the processing which overrides your interests, rights, and freedoms, in order to proceed with the processing of your personal information.
Right to be Informed: You have the right to be informed with how your data is collected, processed, shared and stored.
Right of Access: You may request a copy of the personal information that we hold about you at any time by submitting a Data Subject Access Request (DSAR). The statutory deadline for fulfilling a DSAR request is 30 calendar days from our receipt of your request.
Right to Erasure: In certain circumstances, you can ask for your personal data to be erased from the records held by organisations. However this is a qualified right; it is not absolute, and may only apply in certain circumstances.
When may the right to erasure apply?
Right to Portability: Individuals have the right to get some of their personal data from an organisation in a way that is accessible and machine-readable, for example as a csv file. Associated with this, individuals also have the right to ask an organisation to transfer their personal data to another organisation.
However, the right to portability:
Right to Rectification: If personal data is inaccurate, out of date, or incomplete, individuals have the right to correct, update or complete that data. Collectively this is referred to as the right to rectification. Rectification may involve filling the gaps i.e. to have to have incomplete personal data completed – although this will depend on the purposes for the processing. This may involve adding a supplementary statement to the incomplete data to highlight any inaccuracy or claim thereof.
This right only applies to an individual’s own personal data; a person cannot seek the rectification of another person’s information.
Notification of data breaches: Upon discovery of a data breach, we will investigate the incident and report it to the UK’s data protection regulator and yourself, if we deem it appropriate to do so.
Complaints: You have the right, at any time, to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance using the details below. Please provide us with as much information as you can about the alleged breach. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint.
To enquire about The digitaltrainingdiary Ltd's privacy policy, or to report violations of user privacy, you may contact our Data Protection Officer using the details in the Contact us section of this privacy policy.
If we fail to resolve your concern to your satisfaction, you may also contact the Information Commissioner’s Office (ICO), the UK Data Protection regulator:
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Tel: 0303 123 1113 (local rate)
Website: www.ico.org.uk
For any questions or concerns regarding your privacy, you may contact us at:
Toby Eager-Wright
Email: privacy@digitaltrainingdiary.com