Privacy Policy

Measured Collective refers to the company Measured Collective Ltd.

Measured Collective Limited is a company registered in England and Wales No 12351402. Our registered address is 71-75 Shelton Street, London, United Kingdom, WC2H 9JQ

Measured Collective respects your privacy and is committed to protecting your personal data. It is Measured Collective’s policy to respect your privacy regarding any personal information we may collect and process about you..

This Privacy Policy outlines:

  • what data we collect from you
  • what we do with that data
  • who we share that data with
  • what reasons we rely on to process your data
  • your rights in relation to our use of your data.

Personal information is any information relating to you which can be used to identify you. This includes, but is not limited to, information directly about you (for example your name, address, and date of birth), information about your devices, payment details and information about your interactions with our digital services such as our website, and your interactions with our products and services. 

Our website may contain links to third party websites/apps. We have no control over the privacy policies of these 3rd parties. This privacy policy does not extend to cover your use of those services. We advise you to read the privacy policy information of third party websites/apps when you interact with these websites/apps. 

Policy version: 4.1

Last updated: 10th September 2023

Data controller / Data processor

The UK GDPR & EU GDPR distinguishes between organisations that process personal information for their own purposes (“data controllers”) and organisations that process personal information on behalf of other organizations (“data processors”). We are a Data Controller with respect to the personal information you provide to us.

Data we collect

We currently collect and process the following information:

Personally identifiable data

Data that can directly identify you.

Examples:

  • Your name
  • Your email address
  • Your phone number
  • Your nationality
  • Social media profile urls

Recruitment & HR data

Data about your application to join our organisation and data required to facilitate your employment and assess your performance if you are an employee or contractor of Measured Collective or are applying to become an employee or contractor of Measured Collective .

Examples:

  • Your CV
  • Your answers to our application questions
  • Notes relating to your interview
  • Your payroll data
  • Notes about your job performance
  • The outcome of your application or interview with us

Education data

Data about your participation and progression through our education programmes.

Examples:

  • A record of the courses you participated in and completed.
  • Notes about your educational aspirations.
  • Certificate data
  • Your score in our tests.
  • Metadata relating to your access of our course materials including the date, time and time spent on each lesson.

Payment data

Data required to facilitate payments to us.

Examples:

  • Card or bank account numbers
  • Name and address related to payment methods.
  • Payment history.
  • Payment date, time and result.
  • Outstanding balance or money owed.

Device data

Data sent to us by the devices that you use to interact with: our website, the services and websites of our third party processors and other digital properties.

Examples:

  • Device Type
  • Operating System
  • Unique device identifiers
  • Device settings
  • Geo-location data

Preference data

Data about your preferences in relation to our products and services.

Examples:

  • Your cookie consent preferences
  • Your email marketing preferences
  • Your study preferences

Interaction data

Data about your interactions with our products and services or communications with our team or third party processors.

Examples:

  • Your account login date and time
  • Your account login location and device IP address
  • Timestamps of completing forms such as attendance records

Communications data

Data about communications we have sent to you or received from you. Including the metadata from these communications and the communications content.

Examples:

  • Your interactions with our communications, for example information about whether you clicked a link within, or opened an email from us.
  • The content of communications between you and Measured Collective.
  • The time, date and location of which you accessed communications from  Measured Collective.

How we get the personal information and why we have it

There is no statutory or contractual requirement for you to provide personal information to us, unless you decide to use our products or services. 

Most of the personal information we process is provided to us directly by you when you:

  • Contact us
  • Use our website and other digital properties
  • Register to use or apply for our products and services
  • Use our products and services

We also receive personal information indirectly, from the following sources in the following scenarios:

  • From your boss or line manager when they refer you as a student for our online training or sign you up for an account.

We use the information we collect for the following purposes:

  • for recruitment of employees and management of employee’s contracts, performance and HR records
  • to provide our training services
  • to enable website visitors to customise or personalise their experience of our website
  • to contact and communicate with employees, customers, prospective customers, partners, contributors and suppliers
  • for analytics and market research
  • for advertising and marketing
  • for business development
  • to operate and improve our website, applications and digital services
  • to enable people to access and use our website, associated applications, and associated social media platforms
  • for internal record keeping and administrative purposes
  • to comply with our legal obligations and resolve any disputes
  • for security and fraud prevention

We may share this information with:

our sub-processors that help us provide our website, products and services to you.

a parent, subsidiary or affiliate of our company

students, course leaders, account owners for example line-managers and accreditors for the purpose of facilitating team-work and collaboration and generally facilitating your education

our employees, contractors and agencies who help us manage parts of our business

credit agencies, courts, tribunals and regulatory authorities, in the event you fail to pay for goods or services we have provided to you

courts, tribunals, regulatory authorities, and law enforcement agencies, as required by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise, or defend our legal rights

third parties, including agents or subcontractors who assist us in providing information, products, services, or direct marketing to you

an entity that acquires our business, or to which we transfer all or substantially all of our assets and business

Under the UK GDPR and EU GDPR, the lawful bases we rely on for processing this information are:

(a) Your consent. 

When you give us consent to collect and use your personal information for a specific purpose. You are able to remove your consent at any time. You can do this by contacting [email protected]

(b) When we have a contractual obligation.

When you have entered or are about to enter into a contract or transaction with us. This allows us to deliver our products and services to you, or work with you to help us deliver our products and services.

(c) When we have a legal obligation.

When we may have a legal obligation to disclose or store your personal information. For example this may be the result of a court order, criminal investigation, government request or regulatory obligation.

(d) When there is a vital interest.

When in extremely rare circumstances we may be compelled to disclose some of your information for the preservation of life.

(e) When we have a legitimate interest.

A legitimate interest is when we have a legitimate business or commercial reason to use your information. But even then, it must not unfairly go against what is right and best for you. 

Our legitimate interests are:

  • Improving the quality of our products and services
  • Providing good service and support to our customers
  • Developing the range of products and services that our business offers
  • Measuring and evaluating the effectiveness of our programmes and campaigns
  • Keeping our customers, our employees, our partners, our contributors and other stakeholders up to date about our products and services
  • Developing and improving how we deal with fraud, as well as doing our legal duties in this respect
  • Complying with regulations that apply to us
  • Being efficient about how we fulfil our legal and contractual duties
  • Keeping our services available online
  • Protecting our data and our customers data from unauthorised access

Keeping your information secure

We have put policies, mechanisms and procedures in place to protect the personal data that we process. 

Although we try our best to protect the personal information we collect, we cannot guarantee that any transmission method, storage solutions or protocol is 100% secure. No approach can guarantee absolute data security.

If you hold an account with us, we advise you to keep your access details secure.

How long we keep your personal data for

Our policy is to keep your personal data only for as long as we need it to fulfil our processing tasks. When we no longer require your information we will schedule it for deletion. We may require a short period of administrative time up to 3 months in order to process the deletion of your data.

We may hold onto your personal data after you have completed your training or recruitment process with us so that we can support you in your future training or to contact you about future recruitment opportunities. 

We may also continue to hold on to personal data to allow us to measure the effectiveness of our programmes and the impact they have had on people’s careers in the future, for example we may wish to contact you to ask if the training you participated in has helped you develop your career.. In this case we will remove data which is no longer relevant from our systems, and retain what we need to facilitate communication with you.

Similarly we may keep personal data relating to our suppliers and partners in our systems following the end of our projects so that we can contact you in the future to work on new projects.

If necessary, we may keep your personal information even after the need to fulfil our main processing tasks has expired, in order to comply with our legal, accounting or reporting requirements.

We may also retain anonymised information relating to your interaction with Measured Collective for research or statistical purposes.

Children’s privacy

We do not provide services directly to children or proactively collect their personal information. 

Changes to this policy

We keep our privacy notice under regular review to make sure it is up to date and accurate. We advise you to check this policy regularly.

If we update our policy and determine that consent is required for a new or updated processing activity we will seek your permission and give you the opportunity to opt in or opt out of the processing.

International transfers of personal information

The personal information we collect is stored and/or processed in:

Covered by adequacy:

  • United Kingdom
  • EU

Requires additional safeguards:

  • United States

The countries to which we transfer your personal information may not have the same standard of data protection laws as the country in which you initially provided the information. 

If we transfer your personal information to countries that do not have a valid adequacy agreement under the UK GDPR then we will put in place additional safeguards with the organisations that are processing personal data for us in those locations. Typically these safeguards will include SCCs (Standard Contractual Clauses). These are a set of clauses, added to data processing agreements or the policies of our sub-processors that outline how data will be protected. 

You may request a copy of the safeguards we use to protect your data when transferring it outside of the UK by contacting [email protected]

These safeguards will aim to protect your data to an equivalent level as would be applied within the UK.

Our subprocessors

This list covers our main subprocessors. It is not exhaustive.

Service Service purpose Server location
Google Workplace Email account management, document creation and storage. US & EU
Plutio Maintains customers records. US 
Revolut Online payment processor. EU & US
Qwary Forms and feedback system used for registrations and customer feedback/surveys. US

Your data protection rights

Under data protection law, you have rights including:

Your right of access

You have the right to ask us for copies of your personal information. 

Your right to rectification

You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. 

Your right to erasure

You have the right to ask us to erase your personal information in certain circumstances. 

Your right to restriction of processing

You have the right to ask us to restrict the processing of your personal information in certain circumstances. 

Your right to object to processing

You have the right to object to the processing of your personal information in certain circumstances.

Your right to data portability

You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Please contact us at [email protected] if you wish to exercise any of your rights.

Further disclosures

Log Data

When you visit our website or other digital properties, our servers may log the data provided by your browser. This may include your device’s Internet Protocol (IP) address, browser type and version, the webpage you have visited, the visit metadata which includes the time and date of your visit, how long you interacted with the page and how long your device took to download all the required content on the page.

Additionally, any technical errors you may experience when browsing our website or other digital properties may trigger additional data collection from our servers. This data may include details about your device and browser, metadata including the time and date of the error, what you were trying to do when the error happened, and other technical information relating to the error.

This information may not be personally identified on it’s own, however it is possible that if the information was combined with other information gathered by Measured Collective, or information gathered by third parties that you could be personally identified.

Our servers collect this information to help us deliver a performant and secure online service.

User-generated content

User-generated content is content provided to us by our users and customers for the purpose of publication on our website and other digital properties, for example a testimonial for use on our course page.

Any content you submit for the purpose of publication will be public after posting. After publishing, it may be accessible by third parties not covered under this privacy policy.

Information from third parties

Information that we receive indirectly about you, from third parties, will be protected as set out within this privacy policy. If you are a third party providing information to us about individuals you represent and warrant that you have such individuals consent to provide us with that information and that you have made them aware of the purposes for which their data will be processed.

Managing your marketing permissions

You can manage your personal marketing communications preferences by:

  • Clicking the unsubscribe or manage preferences links included in the footer of our email messages.
  • Contacting our team via email at [email protected]

We may need to request information from you to help us confirm your identity. If you opt-out from specific marketing communications, we may retain some parts of your personal information to maintain our do not contact lists.

Our use of cookies and similar technologies

We use some ‘cookies’ on this website. You can find detailed information about the types of cookies we use and how you can manage them in our cookie policy.

Making a complaint

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

Contact us about your data

For any questions or concerns regarding your data privacy, you may contact us using the following details:

[email protected]