General Data Protection Regulation – Article 13 Fair Processing Notice
At Athene Training Ltd we respect our duty to protect your personal data. In this situation, we are the data controller and you can contact us on firstname.lastname@example.org.
Athene Training is a company registered in England with company number: 11116181
Athene Training is registered at: Athene Training Ltd, Izabella House, 24-26 Regents Place, Birmingham B1 3NJ, UNITED KINGDOM
We don’t have a Data Protection Officer because we don’t process data in a way that requires one under the regulation. We wish we did, because that would mean we were training thousands of people and helping them to get on in their careers.
We record as little data as possible in order to help you to book onto a course and begin your training.
Your name is collected because we like to know who we’re talking to and we collect your contact details (name, address, telephone number) in order to help you to book a course.
This is part of the contract between you and Athene Training Ltd and if we didn’t have that personal data we wouldn’t be able to book you onto the course (our email server can’t deliver to “someone with an email address” as their, ahem, email address and the postal service won’t deliver if we send any snail mail to “Our nice new customer from yesterday” so we really do need this data).
For payment for the courses (hey – we can’t do this for free…) we need the following additional information;
- unique customer identifier – your not just a number to us, but – payment processors..?
- order ID – this is so that the payment can be tracked back to you
- bank account details – for payment
- payment card details – also for payment
- card expiration date – we need this in order to process payment
- CVC code – and we need this to process payment, too.
- date/time/amount of transaction – for our payment, refunds, dispute resolution
- merchant name/ID – that’ll be us
- location – most probably “the internet” but probably includes where your card is registered
We hold onto that information for as long as HMRC and the tax laws require (to cover you, as well as us) if you buy a course.
If you decide to book elsewhere we would be mortified(!) we would delete your data within three months.
We do the same for any emails from people who decide not to use our services because we know that having your email address on a huge cc: list is as welcome as a wasp in a jam jar. It’s also a breach, so if we don’t store your email address, guess what? Yes – it can’t be breached.
Processors (companies we use to process your booking)
The software we use for bookings, Bookeo, is from an Australian supplier, but all of their processing and storage happens in the EU, so there’s very little reason to be concerned that it is being backed up and stored in a kangaroo’s pouch (not very secure). If it was stored in Australia, can you imagine the queue of highly deadly snakes, spiders, insects, plants (seriously – look at this if you don’t believe us!) and all manner of sharks, crocodiles and rabbits armed with machine guns to make sure that no one can get to your data?
We can dream…
The software is developed in Australia, but your data will sit in the EU. Their position on General Data Protection Regulation can be found here.
We use Stripe to process payment as a payment gateway.
Stripe has servers in Ireland for EU processing and any data sent to the parent company in the USA is protected under the EU-US Privacy Shield.
Under the General Data Protection Regulation you have eight rights and we will move mountains to try to respect them.
We’re people, too, and we’d hate anyone to tell us that we can’t do something with our own data.
If you think that we aren’t following the rules, you can report us to the Information Commissioner’s Office at any time, but we’d rather you contacted us in the first instance to sort it out.
We’re not saying that you can’t contact them, of course, but as our customer – or a potential customer – we want to deal with any problems for you which concern our use of your personal data.