The data we collect
We collect the following information from you through use of our email data capture forms, submission links on our website, emails, phone and text.
Personal information: We collect your first and last name, email address, postal address, phone number, in order to respond sufficiently and appropriately to your enquiry to find a suitable course for you.
Billing information: We collect data necessary billing information to process your payment if you make a purchase. We do not store or retain any payment details once the purchase is complete.
Storing information: We also store personal information from you when you communicate with us regarding the provision of services, including by email, postal mail or telephone.
Cookies policy: We collect certain information about the visitors of our Website. Please refer to Cookies policy for more details.
Passing on information: We do not pass on training information to any other organisation, without the explicit consent of your employer, unless required by our examining institutes in the pursuit of service delivery (i.e when registering an exam).
Marketing emails: If you do not wish to be contacted for any marketing purposes your consent can be removed by clicking “unsubscribe” on our formal marketing emails.
Use of data
We collect your data mainly to enable us to provide our Services to you, however we may also use it for the following reasons:
To maintain the account you create or use on our Website
To provide you with information you request from us
To process your booking and purchase
To provide information on other products and Services which we feel may be of interest to you in line with your communications preferences
To meet our contractual commitments to you
To act on your behalf where third party funding is available and appropriate
To notify you about any changes to the Website and/or our Services that may have an impact on your actions
To notify you of similar products that may be of interest to you
To act on your behalf where the Service is delivered to you with the help of 3rd party suppliers
To process your examination, we may need to transfer your data to examination institutes including PeopleCert, APM, APMG, The Open Group, EC Council, and Microsoft
Data processing laws
Contractual agreement – if you purchase a product, either a book, exam or course, with Purlos, the Company shall process your data sufficiently and only where appropriate in servicing the prevailing agreement.
Legitimate Interests – relating to “direct marketing”
Consent – The definition of consent under the GDPR is:
Any freely given specific, informed and explicit indication of his or her wishes by which the data subject, either by a statement or by a clear affirmative action, signifies agreement to personal data relating to them being processed.
if you give us explicit consent to contact you regarding an enquiry or for direct marketing purposes, we shall contact you via only the mediums consented to. Please see our “Consent” term for further details.
Direct Sales & Marketing
Purlos will rely on the GDPR’s (i) legitimate interests clause and (ii) PECR’s Soft Opt-in clause to;
Send direct marketing communication, in the form of emails and telephone calls, or to market similar courses to customers that have purchased our services. Such advertisement within the direct marketing shall be similar to the product purchased, in accordance with the expectations of the customer. Our Company’s interest is to develop our business, whilst providing learning and career development opportunities to our customers. Given the nature of the service provision, we do not expect the rights or freedoms of the data subjects to be at risk to harm.
If you have any concerns regarding your personal information that we may hold please contact us via the contact us link at the bottom of the page.
Information We Share
We don’t sell data – We do not sell or disclose data except with exam institutes for the provision of your results and certifications. We shall only pass on data in its apparent context, for example, when you purchase a course from us we may pass on your details to book the associated examination board. If you submit an enquiry or sign up for our newsletter no such data shall be transferred to third parties.
3rd parties will be legally bound not to disclose our client data – We may share personal data with partners that perform services, in this case, where all service providers have entered into legally binding agreements require them to use or disclose personal data only as necessary to perform services on our behalf or comply with applicable legal requirements.
Summary – We may share personal data you provide to us or that we collect with other entities within Purlos to perform our contractual agreements.
Extenuating legal circumstances – In addition, we may disclose personal data about you if we are required or permitted to do so by law or legal process, for example, due to a court order or request from a law enforcement agency when we believe the disclosure is necessary or appropriate to prevent physical harm or financial loss.
Storing, handling and transferring data
Geographical storage of data – The personal information that we collect is stored centrally on secure servers within the EU.
Data with no business purpose is immediately erased – Purlos has a strict data retention policy, where it has a justifiable business or legitimate legal reason to store data. Data with no legal or business purpose to retain, is erased with immediate effect and is not stored.
Data sent over the internet is cannot be guaranteed as protected – The transmission of information via the internet (including email) is not completely secure and we cannot guarantee the security of data sent to us electronically and the transmission of such data is therefore entirely at your own risk.
Transferring data from foreign countries – The Company shall process data in accordance with the relevant provisions in your county, for example if you are located in the European Economic Area (EEA), the GDPR shall be adhered to and your data protected accordingly. If an international transfer of data must take place in order to provide the service agreed, data shall only be transferred where:
The relevant country meets the requirements and has therefore been granted a European Commission on Adequacy
A US-EU Privacy Shield Exists
Appropriate safeguards have been applied, such as a EU Model Contract
Exercising Your Data Rights
Accessing your data – Should you wish to access or update the personal information that we hold about you please contact us using the link at the bottom of the page and title your request “subject access request”..
Right to erasure or rectification – You can view, change or remove personal data you might have provided in prior communication with our Company, by exercising your Right to Erasure or Rectification. How you can access or control your personal data will depend on what the data relates to and where it is stored.
Data portability – Individuals have the right to data portability is one of eight rights enforced by EU GDPR. It allows data subjects to obtain data that a data controller holds on them and to reuse it for their own purposes. Individuals are free to either store the data for personal use or to transmit it to another data controller. If you would like data held about you please email the data controller,
You can always choose whether you wish to receive promotional emails or promotions through telephone calls. You can also unsubscribe from receiving interest-based advertising from us by clicking the ” Unsubscribe Me” link on our emails, or by emailing firstname.lastname@example.org
We may update this privacy statement periodically, in accordance with the updates to relevant data protection laws. Such updates will not be notified, so it is advised you check the statement every time you purchase a service or products from us.
Contractors and Suppliers
Any third-party suppliers or partners will be used to maintain the highest quality of service for clients. Any data processed in relation to them will be processed in accordance with the GDPR.
Encryption – The Company adheres to stringent data protection and encryption procedures that ensure that personal and sensitive data is protected – during both processing and the storage of data.