Privacy Notice & GDPR Compliance

This Privacy Notice explains how Crowd Risk Analysis Ltd (“CRA eLearning”) collects, uses, stores, and protects your personal data when you enrol, access our courses, or interact on this site.

Data We Collect

• Name, email address, and profile information
• Date of birth (for certificate validation)
• Course progress, quiz results, and assessment submissions
• Technical data such as login times, IP address, and device type

Why We Collect Your Data

• To provide access to learning content
• To track progress and issue certificates
• To comply with awarding-body requirements
• To maintain site security and performance

Legal Basis for Processing

Your data is processed under:

• Contractual necessity: to deliver purchased courses
• Legal obligation: to maintain training records
• Legitimate interest: platform security and site optimisation

Data Retention

Personal data linked to training records is retained for as long as required by awarding-body, auditing, or legal compliance. Non-essential data may be deleted sooner.

Your GDPR Rights

• Right to access your data
• Right to rectification
• Right to erasure (“right to be forgotten”)
• Right to data portability
• Right to restrict or object to processing

To request any of the above, email: privacy@gksed.com

Third-Party Services

We may use secure third-party processors for hosting, analytics, or certificate generation. All providers comply with UK GDPR.

Security

Your data is stored within GDPR-compliant infrastructure with encryption and secure access controls.

Contact

If you have any questions, contact our Data Protection lead:
privacy@gksed.com