Privacy Notice

Lifetime Learning is the self-funded UK registered charity that provides opportunities for residents within and outside of the London Borough of Tower Hamlets and is dedicated to protecting all data provided.

This Privacy Notice has been designed to explain how and why we collect, use, store and delete data as well as how long it is kept for and if any third parties are involved. Your rights will also be clarified. This Privacy Policy applies to use of all our data processing and websites (and web-based services) on which a link to this policy appears (the “Sites”).

For the purpose of the Data Protection Legislation, the data controller is Lifetime Learning of 225 Marsh Wall, Angel House, Canary Wharf, London E14 9FW. The data subject is the individual whose data is being processed. The Data Protection Officer is the Assistant Manager of the company who can be contacted on 0207 183 8357, option 5 and

We are a registered company (no. 04890386).

We are committed to keeping your information secure and take the privacy of all data extremely seriously. Our offices are ISO 27001 Certified.

By providing us with any information about yourself (including via the Sites), you consent to our processing of your personal information in accordance with this Privacy Policy and our Cookies Policy.

This Privacy Policy covers

  1. How we collect your personal data
  2. What personal data we collect
  3. Our legal basis for processing
  4. How we use this personal data
  5. How we store it
  6. How long we keep it
  7. Who it is shared with
  8. Data Transfers
  9. How we delete it
  10. Your rights as a data subject
  11. Complaints
  12. Subject Access Request
  13. Links to other websites
  14. Changes to our Privacy Policy
  15. Contact Information

How we collect your personal data

We can collect your personal data through the following communication channels:

  • Booking Form, Contact Form, Online Chat, Surveys
    • The data collected through the Booking Form Contact Form, Online Chat, Surveys will be provided by the data subject with consent.
  • Telephone, Email, Social Media, Postal
    • The data collected through Telephone, Email, Social Media, Postal will be placed into our system through our booking form. The data subject will be informed upon processing data as well as sent an email or letter to identify the storing and processing of data as well as their rights.
  • Cookies;
    • The data collected through cookies is with consent. For more information, please see our Cookies Policy.
  • Through an external company i.e Recruitment websites
    • The data we collect through external companies will be stored with those companies or securely in our internal system, in one location as identified in our procedures.

What personal data we collect

Stat Solutions Ltd. may collect the following data:

  • Title
  • Name
  • Contact Telephone Number
  • Contact Email Address
  • Mailing Address
  • How you heard about us (for Marketing Analysis Purposes)
  • Preferred Course
  • Preferred Course Date and/or Time
  • other information relevant to customer surveys and/or offers
  • Recorded Phone Calls

Please note, personal data is defined as any data that can identify an individual. The personal data we may hold would include the data subject’s name, job title and/or email address.

Following the purchase of any products or the attendance of any training, demonstration, webinar, meeting or further service, we may request for feedback. The feedback is not anonymous so that we can contact you should you request for further support or if we would like to resolve any queries.

The data collected through our websites with the use of cookies includes demographic data and browsing patterns. We also automatically receive your IP address (which identifies the computer or device that you use to access the Sites); the time and date of your visit; browser; operating system; internet connection details, as well as a breakdown of your journey through our Sites.

When the data subject is an applicant or a vacant or not vacant role, the data we collect will include the information on your CV/Cover Letter including name, contact information and previous and/or current education and/or work experience. We may ask for additional information within a form of a survey. If CV’s are downloaded they are all stored in one place and dated the download date. Successful applicants will need to provide NI number, Tax code, Student Finance plan (if applicable), Bank details, full address and emergency contact information etc.

Our legal basis for processing

We will only process data for the purpose of providing an individual with the most relevant information, products or services. Our organisation’s legal basis for processing data is when it has been obtained voluntarily or through consent. Should our purpose for processing your data change, you will be notified.

All information collected and processed will be relevant to your interest/booking or to supply you with the right information regarding new products, services or documentation etc.

All calls are recorded for monitoring and training purposes. This is stated on our automated voice recording that each person will hear when they call the organisation. They may be produced to the data controller upon request or with regards to a query.

How we use this personal data

We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:

    • Internal record keeping
    • To improve our products and services
  • To ensure the you receive information regarding the most relevant products, services and special offers
  • To ensure delegates receive all information and reminders regarding their purchases and updates on our legal obligations when necessary
  • Contacting you from time to time for market research purposes. We may contact you by email, phone, fax or mail. We may use the information to customise our websites according to your interests.
  • To build up marketing profiles, to aid strategic development, to manage our relationship with advertisers and to audit usage of the Sites.
  • Additional information may be collected from your school website or by contacting the school or the Data Subject directly. The information includes the school phase, an alternative email address, reason for interest or booking, more information about your job role etc.
  • For the courses, we share (via email) name, school name, role, telephone number and email with consultants who deliver training so that they can prepare for the training course. These details are also printed and sent via post in the form of personalised training materials.
  • We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. We may use your personal information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen.

How we store it

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect.

Our office space is ISO 27001 certified and Cyber Essentials Certified, a few of our security measures in our UK based office includes but is not limited to;


  • CCTV
  • Outer Building fob key access and monitored concierge desk
  • Office Pin Code and fob key access
  • Separate designated and logged fob key access to our server rooms


  • BitLocker passcodes on all PC’s (Management or IT must log in each PC before use on a daily basis)
  • All users have individual password access and limited access to only suitable files
  • Group Policy determines and logs the use of IT equipment including 30 second lock
  • Firewall and Norton Antivirus across all PC’s
  • All ports are disabled for non-authorised personal (management)– meaning no external drives can be used
  • Only administrator account can enable updates, software downloads and more

All data is stored in UK Office, our server is backed up twice a day and a further back-up on a Naas Server and External UK Hosting.

Details from a form or website are downloaded, they are all stored in one place in our system and dated the download date. Otherwise, they will remain in the website.

Any call recordings are recorded and stored in an external supplier, you can click here to view their Privacy Policy

Email Addresses

All emails, both those who have consented to receive emails and those who have not (or those who have unsubscribed) are stored in an external mailing software and our internal system. Click here to view our mailing software providers Privacy Policy

Email addresses are kept on our email marketing database so that we can keep a track of the status of the email as well as send emails to those who have consented to receive emails i.e. by subscribing to our mailing list. If you no longer wish to receive our emails, your email address will be kept in our systems in the form of a blacklist so that we do not contacted in the future.

How long we keep it

We will keep your personal data on our records for an ongoing period for the reasons mentioned above, as long as you (the data subject) give consent for us to do so. If you no longer want us to keep your personal data, it is your right to request for its removal at any time, providing you have a legitimate reason

CV’s are kept ongoing. Successful applicants will provide further details which are disposed of after 5 years excluding information needed for referencing purposes.

Who it is shared with

Your personal data will never be shared with any third parties or internationally, nor will it be accessible to any unauthorised persons as we have secure encryption and password controls in place to limit access to personal records.

For the courses, we share (via email) name, school name, role, telephone number and email with consultants who deliver training so that they can prepare for the training course. These details are also printed and sent via post in the form of personalised training materials. All consultants have signed contracts and NDA’s which specifically indicate the importance of data security.

Data Transfers

All of our data is only process and stored in the UK and no transfers to further countries will occur. Should this change, you will be updated immediately.

How we delete it

In certain circumstances, you have the right to have your data deleted or ‘forgotten’. In order to delete your personal data from our records, you must request either verbally or in writing. Once we have received this, we will confirm that the request is to be put forward to the DPO for Approval. The DPO will consider the deletion and ensure it will not affect any other data subject. If it is, the request will be rejected. Should the data not affect a further data subject, it is confirmed for deletion. All data will be deleted within this request excluding the email address. This will be place in a blacklist for our records.

Data is deleted manually from all databases at the stated time. Our back-up servers are updated automatically daily and this is when the back-up servers will too have the data deleted.

Your rights as a data subject

The GDPR provides the following rights for individuals.

  1. The right to be informed
  2. The right of access
  3. The right to rectification
  4. The right to erasure (the right to be forgotten)
  5. The right to restrict processing
  6. The right to data portability
  7. The right to object
  8. Rights in relation to automated decision making and profiling.

1.      The right to be informed

You have the right to be given information on how and why your personal data is being processed, such as this Privacy Notice. You are entitled to request this information both before and after providing consent to us, free of charge.

2.      The right of access

You have the right to access your personal data at any time (this is called a Subject Access Request). You are entitled to receive confirmation that your data is being processed, have access to your personal data and information on how and why your data is processed. This right allows you to be aware of and confirm that we are processing your data legitimately.

3.      The right to rectification

You have the right to have your personal data amended if it is inaccurate or incomplete. It is your right to have your request for rectification responded to within a month.

4.      The right to erasure (the right to be forgotten)

You have the right to request the deletion or removal of your personal data, but only where there is no persuasive reason for its continued processing. For example, you may request to have your data deleted/removed if your personal data is no longer necessary for the purpose it was originally collected/processed.

5.      The right to restrict processing

You have the right to stop your personal data from being processed any further. This mean that we are able to store your personal data, but not process it. We shall keep just enough information about you to make sure we can keep your restriction in place from this point on. (See Emails as an example of this scenario).

6.      The right to data portability

This right only applies to personal data you give to a controller (anyone who determines the reasons and ways of processing personal data), where your personal data is being processed because you have given consent or for the performance of a contract and when processing is carried out automatically.

7.      The right to object

You have the right to object to processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling), direct marketing (including profiling) and processing for purposes of scientific/historical research and statistics. You have the right to withdraw consent at any time.

8.      Rights in relation to automated decision making and profiling

You have the right to request for reconsideration of your applications or request should a decision be made through an automated process.

The information above has been sourced from the Information Commissioner’s Office (ICO). For their full guide to rights for individuals under the GDPR, please visit:


If you have a complaint about the way your personal data is being processed or for any other reason relating to your personal data, you have the right to lodge a complaint with a supervisory authority.

Subject Access Requests

As per your right of access, you are entitled to request to see your personal data that is stored in our records. In order to do this, you must send us your request in writing, so that we may be able to tell you whether any of your personal data is being processed, provide you with a description of your personal data, the reasons for which it is being processed and whether it will be shared with any other party. You will also be given a copy of this information and the details of where it is available.

If you wish to use our Subject Access Request Form to make your request, please contact us at or call our office at 0207 183 8357.

Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this Privacy Notice. You should exercise caution and look at the privacy statement applicable to the website in question.

Changes to our Privacy Policy

If there are any changes to this Privacy Policy, we will notify you via email and it will be updated here.

How to contact us

We are happy to assist you with any request you may have.

225 Marsh Wall

Angel House

Canary Wharf


E14 9FW


Telephone: 0207 183 8357