20:20 Innovation Training Limited (‘20:20’, ‘we’, ‘our’) take our responsibilities for looking after the privacy of your personal data very seriously. The General Data Protection Regulations (GDPR), the Data Protection Act 2018 and Privacy and Electronic Privacy Regulations (PECR), along with any other applicable legislation provide the framework for how we do this.
We act as a Data Controller for the personal data we process about our employees; our customers and suppliers (current and prospective); our visitors; enquirers and those who engage with our website and directly with us.
Where our website contains links to the websites of our partner networks, advertisers and any other third parties, please note that these websites will have their own privacy policies and that we do not accept any responsibility or liability for these policies.
The following are examples of types of personal data that we may collect. The specific kind of information collected by us will depend on the Services provided:
Customer / Marketing Contact / Website visitors:
How is the data collected?
We may collect data (which may include personal data about you) in a variety of ways:
Marketing Contact information will be shared with “partners” where a) we host a joint partner webinar and it will be made clear on the relevant web page if this is a Partner webinar and b) we host a roadshow where we specify your details will be passed to the partners exhibiting at that roadshow. The only other time we would share your data with a third party is when a telemarketing firm may do telephone follow-up on our behalf.
Visitors / Others:
All Cookies used by and on Our Site are used in accordance with current UK and EU Cookie Law. Before Cookies are placed on your computer or device you will be shown a pop-up message requesting your consent to set those Cookies. By giving your consent to the placing of Cookies you are enabling Us to provide the best possible experience and service to you. You may, if you wish, deny consent to the placing of Cookies; however certain features of Our Site may not function fully or as intended.
You can choose to enable or disable Cookies in your internet browser. Most internet browsers also enable you to choose whether you wish to disable all cookies or only third party cookies. By default, most internet browsers accept Cookies but this can be changed. For further details, please consult the help menu in your internet browser or the documentation that came with your device.
The cookies in use on this site are as follows:
|SPSI||Used by the WAF, Stackpath. Sets a unique ID for the session.
This allows the website to obtain data on visitor behaviour for statistical purposes.
|SPSE||Stackpath. Ensures visitor browsing-security by preventing cross-site request forgery. This cookie is essential for the security of the website and visitor.||Necessary||Session|
|spcsrf||Stackpath. Ensures visitor browsing-security by preventing cross-site request forgery. This cookie is essential for the security of the website and visitor.||Necessary||Session|
|sp_lit||Stackpath. Used in order to detect spam and improve the website's security. Does not store visitor specific data.||Necessary||Session|
|PRLST||Used in order to detect spam and improve the website's security. Does not store visitor specific data.||Fucntional||Session|
|UTGv2||Used in order to detect spam and improve the website's security. Does not store visitor specific data.||Functional||6 months|
|ad0tr||Stackpath. Used in order to detect spam and improve the website's security. Does not store visitor specific data.||Functional||Session|
|laravel_session||Cookie used to help prevent Cross-site request forgery.||Necessary||Session|
|CraftSession Id||Used to maintain sessions across web requests via the PHP session cookie||Necessary|
|euconsent||Used to remember cookie consent selection||Necessary||14 months|
|CRAFT_CSRF_TOKEN||Cookie used to help prevent Cross-site request forgery.||Necessary||Session|
|_ga||This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site’s analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.||2 years||Analytics|
|_gid||This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the wbsite is doing. The data collected including the number visitors, the source where they have come from, and the pages viisted in an anonymous form.||1 day||Analytics|
|_gat_gtag_UA_108249849_1||Google uses this cookie to distinguish users.||1 minute||Analytics|
Under the GDPR there are six lawful bases under which organisations can collect, use and store (called “processing”) personal data. We have identified four which we rely upon for our business activities: Consent, Contractual, Legitimate Interests and Legal Obligation.
Contractual: in many circumstances we rely on the lawful basis of “performance of a contract”. This enables us to process your personal data to provide the services you buy from us (or in preparation for the contract).
Consent: in some circumstances we rely on your specific consent, whereby you actively agree and “opt-in”. We will always make it clear how you can withdraw you consent, which you can do at any time.
Legal Obligation: there will be circumstances under which we are legally obliged to hold your personal data or are required to disclose it to a third party by law. This will apply for certain tax or other regulatory purposes.
Legitimate Interests: for some of our activities we rely on our legitimate business interests to collect and use your personal data. In such cases, we have been very careful to balance our interests with yours. We are confident that these activities will not have any negative impact on your privacy rights and freedoms.
We specifically rely on Legitimate Interests to:
You can always object to our marketing messages by opting out, either by contacting our Data Protection Manager or by clicking the subscription preferences link in the footer of every email we send.
If you wish to object to our reliance on Legitimate Interests for any other purpose please contact the Data Protection Manager at firstname.lastname@example.org.
We may contact you to tell you about our products, services and offerings (or updates to them) using information that you have provided to us, or that we have collected through third parties (e.g. external marketing companies).
We will only send you direct marketing communications:
You can stop receiving direct marketing communications from us at any time. We provide a clear and easy way for you to do this for by including a subscription preferences link in the footer of every email we send.
For electronic marketing communications we adhere to the rules of the Privacy and Electronic Communications Regulations (PECR).
The data we collect is only used for internal review and to contact you for marketing purposes. It is not shared with other organizations for commercial purposes.
"We partner with Microsoft Clarity and Microsoft Advertising to capture how you use and interact with our website through behavioral metrics, heatmaps, and session replay to improve and market our products/services. Website usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products/services and online activity. Additionally, we use this information for site optimization, fraud/security purposes, and advertising. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement."
Your personal data may be processed in any of the following ways:
You have the right to OPT-OUT at any time by contacting us by the below listed details.
We may collect information about your computer (or other device) that does not, by itself, identify you by name. This may include (where available) your IP address, operating system and browser type. This helps with our system administration and allows us to report aggregate information – statistical data about our users’ browsing actions and patterns. The purpose of the data is to improve effectiveness of the site, to help diagnose problems and to administer the sites.
Cookies and information gathering tools
You can learn more about Cookies and how they are used here:
20:20 Innovation may collect data (which may include personal data about you) in a variety of ways:
Contractual: in many circumstances we rely on the lawful basis of “performance of a contract” – it is necessary for us to process your information to fulfil the requirements of your employment contract.
Consent: in some circumstances we rely on your specific consent, whereby you actively agree and “opt-in”. We will always make it clear how you can withdraw you consent at any time.
Legal Obligation: there will be circumstances under which we are legally obliged to hold your personal data or required to disclose it to a third party by law. This will apply to many aspects of the data we may process if you are an employee of 20:20 Innovation.
Legitimate Interests: for some of our activities we rely on our legitimate business interests to collect and use your personal data. In such cases, we have balanced our interests with yours and do not believe these activities will have an overriding negative impact on your privacy rights and freedoms.
20:20 Innovation is headquartered in the United Kingdom. The data that we collect may be processed, transferred to, and stored at our various service (including home working) and data centre locations. Where possible we ensure this processing is conducted within the European Economic Area (‘EEA’), but on occasion processing may happen outside of the EEA. Where this is the case, we ensure we have suitable legal and contractual protection in place in our data transfer/processing agreements.
20:20 Innovation will take all reasonable steps necessary to ensure that your data is treated securely, with appropriate technical and organizational measures, and in accordance with this privacy notice.
If you would prefer us not to:
…then please contact us at: email@example.com.
Under data protection law, you have rights we need to make you aware of. The rights available to you depend on our reason for processing your information.
a) Your right of access
You have the right to ask us for copies of your personal information. This right always applies. There are some exemptions, which means you may not always receive all the information we process.
b) Your right to rectification
You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. This right always applies.
c) Your right to erasure
You have the right to ask us to erase your personal information in certain circumstances.
d) Your right to restriction of processing
You have the right to ask us to restrict the processing of your information in certain circumstances.
e) Your right to object to processing
You have the right to object to processing if we are processing your information under the legitimate interests lawful basis.
f) Your right to data portability
This only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organisation to another, or give it to you. The right only applies if we are processing information based on your consent, or under/in talks about entering into a contract and the processing is automated.
You are not required to pay any charge for exercising your rights. We have one month to respond to you.
Please contact us at firstname.lastname@example.org if you wish to make a request.
If you have queries or concerns, please contact us at email@example.com and we’ll respond.
If we fail to address your concerns, you can make a complaint about the way we process your personal information to the Information Commissioner’s Office (the ICO) as the UK supervisory authority. Please follow this link to see how to do that https://ico.org.uk/make-a-comp....
In accordance with 20:20 Innovation policies, we are committed to protect any personal data divulged to us. 20:20 Innovation have implemented appropriate security measures, technologies and procedures in order to protect your personal data from loss, misuse, alteration or destruction. Our management team, employees and partners are required to keep personal data confidential.
Unfortunately, the transmission of information via the internet (by way of an email or other) is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site – any transmission is at your own risk. Once we have received your information, we will use internal procedures and security features in an attempt to prevent unauthorised access.
20:20 Innovation retains information for legitimate business or legal purposes. We will not hold information for any longer than is reasonably necessary to fulfil the purposes for which it was collected.