Privacy Policy

  1. Privacy & Cookie Policy
  2. How we use your information
    1. What information do we ask for, and why?
    2. What personal data do we collect?
  3. How do we use your personal data?
    1. To whom might we disclose your personal data?
    2. Visitors to our websites
    3. Use of cookies by Firebrand
    4. Search engine
    5. E-newsletter
    6. Security and performance
    7. Blogs
    8. People who contact us via social media
    9. People who call Firebrand
    10. People who email us
    11. People who use our chat service
    12. Marketing messages
    13. Online Advertising
    14. Biometric Data
  4. Security
  5. Inaccuracies and corrections
  6. People who make a complaint to us
    1. Complaints or queries
    2. Access to personal information
    3. Disclosure of personal information
  7. Transfer of data
  8. Links to other websites
  9. How to contact us
  10. Changes to this privacy notice

Privacy & Cookie Policy

Firebrand takes the security and protection of personal data very seriously. We are committed to providing a compliant approach to data protection. We have always had a robust data protection program in place and we have reviewed this program to ensure that it meets the requirements of the General Data Protection Regulation (GDPR) which came into force on 25th May 2018. When we process any personal data, we will do so according to the data processing principles of the GDPR.

As part of the review of our program, we have carried out the following activities to ensure our GDPR compliance on 25 May 2018:

  • Information audit
  • Review and update of our policies and procedures, including information security, data retention, data breaches, international data transfers and subject access requests
  • Review and update of annual staff training and awareness to ensure our staff are familiar with the GDPR requirements
  • Review of our information systems to ensure that data subject rights, such as the right of erasure or rectification of data, can be exercised within the appropriate timescales
  • Development of a record of processing activities

How we use your information

This privacy notice tells you what to expect when Firebrand Training (Firebrand) collects personal information.

What information do we ask for, and why?

Firebrand respects your privacy and safeguards your data. We do not collect more information than we need to fulfil our stated purposes and will not retain it for longer than is necessary. The personal data we collect, process or use is treated securely and in accordance with Firebrand's privacy policy, described below. Whenever you give us personal data, you are consenting to its collection and use in accordance with this policy, including our use of cookies explained below.

What personal data do we collect?

You will be asked for personal data such as your name, address and email address when you register to attend a course, make an enquiry or ask about services from us.

How do we use your personal data?

Where appropriate, we use your personal data:

  • to provide services to you or your organisation
  • for basic profiling purposes
  • to let you know about other services in which you may be interested
  • to inform you about changes and improvements to this website

If you leave your details or register for a course you will receive email communications alerting you to news and offers. You may choose not to receive these by requesting to unsubscribe from email communications.

To whom might we disclose your personal data?

Firebrand does not sell, trade or rent your personal information to others. Your details will be added to Firebrand’s database in order to process your request, and so that you can be kept up to date with relevant details of our training services.

From time to time Firebrand holds joint events with selected partners. If you book to attend one of these events your details may be made available to the event partner. You will be advised of this at the time of booking, to opt-out of receiving any communications from Firebrand and/or the event partner, please notify us.

Your personal data may be required to be passed to a third party if they need it in order to fulfil your order(s) for our services, or to execute the communications we send to you. Except as set out above, we shall not disclose your personal information unless obliged to, or allowed to do so by law, or where we need to in order to run our business (e.g. where other people process data for us). In such circumstances, we ask those people to give us confidentiality or non-disclosure undertakings.

Visitors to our websites

When someone visits Firebrand Training websites we use third party services, e.g. Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site, who they were referred to the website by, geographically where they are based and, if provided, the company registered to the IP address the visitor browsed the site from.

When we collect personally identifiable information through our website we will be up front about this. We will use the information in the way described by this privacy policy or we will make it clear when we collect personal information what we intend to do with it.

Use of cookies by Firebrand

In order to provide you with the best, tailored experience our site will need to place small text files, or 'cookies', on your computer.

Most cookies that we use are 'session' cookies and only exist for the time that you are using our site. They perform functional tasks – such as remembering that you are logged in as you move from page to page, or to pre-load your personal details into forms to save you time.

We also track cookies anonymously to fuel our site analytics and learn how to improve your experience and hone the relevance of our products and services.

We also use cookies in our emails to track open rates and other performance indicators – again, so that we can continually improve the relevance and experience of our offering to you.

You can set your browser to reject all cookies. Please note that if you do this then certain areas of this website will not be able to function for you. Choose a browser setting that rejects third-party cookies but allows the benign, functional ones that make the good stuff work. We've worked hard to make our website intuitive to your needs – why would you want to miss out?!

We also use technology that uses Internet Protocol (IP) information exchanges during the course of normal web activity combined with data-enhancement technology to get detailed analytics information. This doesn't allow us to spy on you – it just allows us to see how well our site is working.

You can learn more about cookies here www.allaboutcookies.org

Search engine

Our website search is powered by a third party Microsoft’s Bing. Search queries and results are logged anonymously to help us improve our website and search functionality. No user-specific data is collected by either Firebrand or this third party unless disclosed by their privacy policy, for instance because you are logged into their service.

E-newsletter

We use third party providers to deliver our emails. We gather statistics around email opening and clicks using industry standard technologies including clear gifs to help us monitor and improve our emails.

Security and performance

Firebrand uses third party services to help maintain the security and performance of the Firebrand website. To deliver this service it processes the IP addresses of visitors to the Firebrand website, blocking potentially harmful traffic.

Blogs

We use third party services, e.g. Blogger or Wordpress, to publish blogs. These sites are hosted at by the provider. We use standard services provider by these platforms to collect anonymous information about users' activity on the site, for example the number of users viewing pages on the site, to monitor and report on the effectiveness of the site and help us improve it. Blogs requires visitors that want to post a comment to enter a name and email address. For more information about how they processes data, please see their privacy notices.

People who contact us via social media

We use third party providers to manage our social media interactions.

If you send us a private or direct message via social media the message will be stored by these platforms. It will not be shared with any other organisations.

People who call Firebrand

When you call Firebrand we collect Calling Line Identification (CLI) information. We use this information to help improve its efficiency and effectiveness.

People who email us

We use Transport Layer Security (TLS) to encrypt and protect email traffic in transit to us. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected all the way to us.

We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.

People who use our chat service

We use third party providers to supply and support our chat service, which we use to handle customer enquiries in real time.

If you use the chat service we will collect your name, email address (optional) and the contents of your chat session. This information will be retained and will not be shared with any other organisations.

You can request a transcript of your chat session if you provide your email address at the start of your session or when prompted at the end.

Marketing messages

You can opt out of any marketing messages we send you at any time using the unsubscribe link in our emails.

Online Advertising

We use services such as Google AdWords Remarketing to advertise Firebrand across the Internet. Remarketing will display relevant ads tailored to you based on what parts of the Firebrand website you have viewed by placing a cookie on your internet browser. Remarketing allows us to tailor our marketing to better suit your needs and only display ads that are relevant to you.

How to Opt Out of Remarketing and Advertising - If you do not wish to participate in Remarketing, you can opt out by visiting the remarketing services preferences manager which is normally presented as a link on the advert.

You can also opt out of any third-party vendor's use of cookies by visiting www.networkadvertising.org/choices

Biometric Data

To offer (ISC)2 exams we must comply with Pearson VUE Select Status requirements which include, where permitted by law, the use of biometric palm recognition. This is used to authenticate all delegates taking (ISC)2 exams. Neither Firebrand Training Ltd nor (ISC)2 collect or retain the raw biometric data. However, for a period of five years following the person's last contact with (ISC)2, data based upon an algorithm of the palm scan received when accessing an examination site is stored. This assists (ISC)2 in assuring the identify of those taking its exams but cannot be used to identify delegates outside of the (ISC)2 database. This data is destroyed after the five-year period and is used for no other purpose.

For more information on (ISC)2 and Firebrand Training's use of palm vein pattern recognition please see our blog post.

Security

Unfortunately, no data transmission over the Internet is guaranteed 100% secure, but we do take appropriate steps to protect the security of your personal data, before it arrives, and certainly once we have it.

Inaccuracies and corrections

We endeavour to keep your personal data accurate and up to date. If you become aware of errors or inaccuracies, please email privacy@firebrand.training

People who make a complaint to us

When we receive a complaint from a person we make up a file containing the details of the complaint. This normally contains the identity of the complainant and any other individuals involved in the complaint.

We will only use the personal information we collect to process the complaint and to check on the level of service we provide. We do compile and publish statistics showing information like the number of complaints we receive, but not in a form which identifies anyone.

We usually have to disclose the complainant’s identity to whoever the complaint is about. This is inevitable where, for example, the accuracy of a person’s record is in dispute. If a complainant doesn’t want information identifying him or her to be disclosed, we will try to respect that. However, it may not be possible to handle a complaint on an anonymous basis.

We will keep personal information contained in complaint files in line with our retention policy. It will be retained in a secure environment and access to it will be restricted according to the ‘need to know’ principle.

Similarly, where enquiries are submitted to us we will only use the information supplied to us to deal with the enquiry and any subsequent issues and to check on the level of service we provide.

Complaints or queries

Firebrand tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures.

This privacy notice was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of Firebrand’s collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address below.

If you want to make a complaint about the way we have processed your personal information, you can contact us via privacy@firebrand.training. Alternatively you can contact the Information Commissioner - the statutory body which oversees data protection law – at www.ico.org.uk/concerns.

Access to personal information

Firebrand tries to be as open as it can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a ‘subject access request’ under the GDPR Act 2018. If we do hold information about you we will:

  • give you a description of it;
  • tell you why we are holding it;
  • tell you who it could be disclosed to; and
  • let you have a copy of the information in an intelligible form.

To make a request to the Firebrand for any personal information we may hold you need to put the request in writing addressing it to privacy@firebrand.training.

If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone.

If we do hold information about you, you can ask us to correct any mistakes by, once again, contacting us in writing at privacy@firebrand.training.

Disclosure of personal information

In many circumstances we will not disclose personal data without consent. However when we investigate a complaint, for example, we will need to share personal information with the organisation concerned and with other relevant bodies.

You can also get further information on:

  • agreements we have with other organisations for sharing information;
  • our instructions to staff on how to collect, use and delete personal data; and
  • how we check that the information we hold is accurate and up to date.

Transfer of data

By the nature of the Internet, the personal data you supply through this website may be sent electronically to servers anywhere in the world. It may be used, stored and processed anywhere in the world, including countries outside the European Economic Area. If Firebrand transfers the data outside the EEA it will ensure that all reasonable security measures are taken and that any third party processers will be required to process the data in accordance with Firebrand’s instructions.

Links to other websites

This privacy notice does not cover the links within this site to other websites or the services they provide. We encourage you to read the privacy statements on the other websites you visit.

How to contact us

If you want to request further more detailed information about our privacy policy you can email privacy@firebrand.training

Changes to this privacy notice

We keep our privacy notice under regular review. This privacy notice was last updated on 25 May 2018.