GDPR Statement

Our GDPR commitment

Ivy Training & Consulting UK Limited is committed to protecting personal data and respecting privacy. This statement summarises key GDPR principles and how we apply them alongside our Privacy Policy.

Data controller and contact

Controller: Ivy Training & Consulting UK Limited.
Contact: support@ivytrainingconsulting.com.

Principles we follow

• Lawfulness, fairness, transparency: we explain what we collect and why.
• Purpose limitation: we use data only for stated, legitimate purposes.
• Data minimisation: we collect only what we need.
• Accuracy: we keep information up to date where appropriate.
• Storage limitation: we keep data only as long as necessary.
• Integrity and confidentiality: we use security measures to protect data.
• Accountability: we document decisions and vendor safeguards.

Lawful bases (typical)

• Contract: delivering training/services you request.
• Legitimate interests: running a secure site, responding to enquiries, improving delivery.
• Consent: where required (e.g., non-essential cookies/marketing).
• Legal obligation: accounting and regulatory requirements.

Security measures

We use appropriate controls such as access limitation, least-privilege handling, and reasonable safeguards for data in transit and at rest where applicable. We also review suppliers that process data on our behalf.

Data subject rights

You may have rights including access, rectification, erasure, restriction, objection, and portability. To exercise rights, contact support@ivytrainingconsulting.com.

International transfers

Where personal data is transferred outside the UK, we use appropriate safeguards such as adequacy decisions or standard contractual clauses where required.

Complaints

If you have concerns, contact us first so we can help. UK residents may also complain to the Information Commissioner’s Office (ICO).