Purple Path (a trading name of Future Prospects Group Ltd) is committed to ensuring that your privacy is protected and we strictly adhere to the provisions of all relevant Data Protection Legislation including the EU General Data Protection Regulation (GDPR) and the Privacy and Electronic Communications (EC Directive) Regulations 2003.
In order for us to provide our products and services we need to process a certain amount of data, some of which is personally identifiable. All personal data is handled in line with the principles outlined in the GDPR that state personal data shall be:
- Processed lawfully, fairly and in a transparent manner in relation to the data subject
- Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes
- Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed
- Accurate and, where necessary, kept up to date
- Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed
- Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures
We process data on the following categories of individuals:
Learners / System Users (for Online/eLearning)
Purple Path is an official reseller for Virtual College and their online training portfolio.
In order to access Enable, (Virtual College’s Learning Management System (LMS)), and complete training and other associated activities, users require an LMS account. Having an account means that Virtual College is storing the personal data you provide, and we further process this to determine training outcomes and retain certification records as well as analyse content and system usage, improve our products and services and respond to support queries and evaluation comments. Where a learner has accessed or is allocated a Virtual College eLearning training course, Future Learning, along with Virtual College are joint data controllers.
If your login details or training has been provided by a 3rd party (e.g. your employer or another training organisation) then they will also be joint data controller, along with Virtual College where applicable, and also have access to and will be processing your personal data.
Should you require any further information you should contact them directly. If you are unsure who to contact then Future Learning may be able to assist, please email email@example.com
Virtual College retains learning records on an ongoing basis, under its commitment to lifelong learning, to enable them to provide factual information on what a learner has studied and achieved, i.e. name, courses studies, CPD gained, test results etc. This is in line with JISC best practice and Guidance on Managing Student Records.
Virtual College servers are provided by Node 4 and Amazon Web Services. Virtual College also work with a number of organisations who assist them in testing the LMS and related infrastructure – Pure Technology Group and Ten10.
Where learners complete one of our IOSH or City & Guilds accredited courses, personal data is shared with IOSH / City & Guilds to enable them to issue their certification.
Customers & Prospective Customers (Purchasing via our Sales Team)
Purple Path use Zoho CRM (you can see Zoho’s compliance statement here) to manage our business development and account management activity. All customers and prospective customers have a record with our CRM database. Along with details about the organisation and products purchased, we also store contact information for those people we know at the organisation. For customers we process this data in order for us to meet out contractual obligations, for prospective customers our condition for processing is legitimate interest.
Website Visitors & Online Customers
When you place an order with us on our website, we will ask you to provide certain personal information, for example:
- your name; and
- your email address.
Please note that we require this information to be able to process your order and fulfil our contractual obligations (our condition for processing under GDPR).
If you purchase services online, our third party payment provider (Braintree Ltd – you can view their privacy information here) will require additional personal information in order to process such payment (e.g. your home address). Please note that this information is not collected or stored by us.
Your personal information will then be used by us to provide you with the services you ordered and to communicate with you regarding the provision of those services.
We also monitor website usage and provide statistics to third parties for the purposes of improving and developing our website and the services we provide via our website. Please note that any such statistics and/or information provided to third parties will be made on a confidential basis and will not include information that can be used to identify any individual.
A cookie is a small piece of information which is automatically created by our website on your computer. Please note that cookies are harmless to your computer. Cookies are a useful way of remembering the choices you have previously made while visiting our website.
Please note that if you set your computer to not accept cookies, there may be certain features/areas on our website that you may not be able to use. It may be necessary to have cookies enabled in order to purchase or access online courses and materials.
Newsletter / Marketing Subscribers
When you fill out a webform to sign up to a newsletter, download a resource or enquire about a product, we may ask you to provide certain personal information, including your:
- Email address
- Job title & the organisation you work for
- Telephone number
By completing the form and ticking the relevant boxes you are providing your consent for Future Learning to process your personal data, and this is the legal basis we are relying on to do so.
We will use the information that you give us to send you relevant emails containing Purple Path and Future Prospects Group news & marketing communications.
In addition, if you have enquired about a product or service we will use the information you have given to update our customer relationship management system (CRM) so one of our consultants or advisors can contact you. This information will also be stored by another third party data processor, Zoho and you can see Zoho’s compliance statement here.
Some automation and profiling may be used to send emails based on your indicated preferences and your interactions with the emails we send to you. For example if you have enquired about a particular product we may send you a series of emails outlining features or benefits of that particular product. We regularly review your interactions with the emails we send you and remove any subscribers who have shown and extended period of inactivity. You can withdraw your consent and unsubscribe at any time by clicking the link at the bottom our email communications.
If you continue to interact with our emails or website, we will retain your data indefinitely so we can continue to send you emails.
We will not sell or rent your information to third parties.
Suppliers, Sub-Contractors & Freelancers
Personal data provided to suppliers, sub-contractors & freelancers (acting as ‘Training Associates’) is used only for purposes related to the supply of goods or services for which we have contracted.
For example, some of our Management & Leadership training is provided by our training partner Get the Edge UK Training and Consultancy Limited and therefore details such as your name and address(es) may be used for training packs and certificates following training workshops.
Sub-Processors and other 3rd Parties
We utilise a number of sub-processers and other 3rd parties to support and enhance the delivery of our services – these are listed below.
- Zoho – provide us with our CRM software
- Xero – provide us with our accountancy products (for the purposes of invoicing)
- Website Hosting – Webstraxt
Virtual College (Online/eLearning training courses)
- Microsoft – provide us with a number of software services including Dynamics 365, our CRM
- Campaign Monitor – our email marketing provider
- Braintree – our online payments provider
- Node4 – our datacentre
- Pure Technology Group – assist with LMS testing and other aspects of IT
- Ten10 – assist with LMS testing
- Amazon Web Services
How do we safeguard your personal data?
Protecting your security and privacy is extremely important to us and we make every effort to secure your information and maintain your confidentiality in accordance with all relevant Data Protection regulations including the EU General Data Protection Regulation (GDPR). Our systems are protected by various levels of security technology, which are designed to protect your information from any unauthorised or unlawful access, processing, accidental loss, destruction and damage.
Please note that we may need to disclose your personal information where we:
- are under a legal duty to comply with any legal obligation or in order to enforce or apply our terms and conditions; or
- need to disclose it to protect our rights, property or safety of our customers or others, including the exchange of information with other companies, organisations and/or governmental bodies for the purposes of fraud protection and credit risk reduction.
The GDPR provides the following rights for individuals:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling
You also have the right to raise concerns with the ICO on 0303 123 1113 or at https://ico.org.uk/concerns or any other relevant supervisory authority should your personal data be processed outside of the UK, if you believe that your data protection rights have not been adhered to.
If any of the information you provide to us changes, please let us know as soon as possible so that we can make the necessary changes to the information we hold for you on our database(s) so that your records are accurate and up to date.
If you wish to makes changes to, or see the information we hold on you, you can make a subject access request by emailing us on firstname.lastname@example.org and we will respond to your request within 30 days of the date we receive it.
Data Protection Lead
Future Prospects Group
For whatever reason, should you wish to lodge a complaint with the Information Commissioner’s Office, as is your right, you can do by contacting the ICO directly via one of the options on their website https://ico.org.uk/global/contact-us/
Finally, our website and other systems may contain links to other websites. Please be aware that we are not responsible for the privacy practices of such other websites or organisations and/or individual users utilising our systems.