Privacy Policy

Compliance. Security. Transparency.

Update Information

Last updated: 20/04/2025
Last revised: 20/04/2025

Owner and Data Controller

RedLibrary Consulting Limited
Registered in England and Wales.

Company number (CRN): 11095094
ICO Registration number: ZA923959
Address: Bartle House, Oxford Court,
M2 3WQ, Manchester, UK

Data Protection Officer email:
dpo@redlibrary.net

Definitions

We, Us: Refers to RedLibrary Consulting Limited, acting as the Owner, Data Controller, and Data Processor.

User: The individual using the website, considered the Data Subject unless otherwise stated.

Data Subject: The natural person to whom the Personal Data relates.

Data Processor: The entity processing Personal Data on behalf of the Controller.

Data Controller: The entity determining the purposes and methods of processing Personal Data, including security measures.

Website: https://redlibrary.net, https://redlibrary.co.uk

Service: Services provided through the Website.

European Union and European Economic Area (EU/EEA): Includes all current EU member states and EEA countries.

Privacy Statement

This Privacy Policy explains how we collect, process, store, and protect your personal data when you:

  • Visit and use our website
  • Show interest in or utilize our services
  • Engage with us through our website forms, direct contact (email, phone), newsletter subscriptions, training course registrations, or participation in service delivery.
It is essential to read this policy to understand how we safeguard your data. This policy complies with EU Regulation 2016/679 (GDPR) and the UK Data Protection Act 2018.

We apply strict access controls, encrypted storage, secure system configurations, and regular vulnerability assessments in line with ISO/IEC 27001:2022 standards. Access is limited to authorized personnel only, and all employees receive data handling training.

Personal Data We Collect

Internet/network activity: Includes interactions with our website and systems via cookies and IP-related technologies.

Identity, contact, and payment data: Includes name, email, phone number, IP address, account data, and bank details. We do not store credit/debit card data.

Professional information: Personal and / or business contact details collected for service delivery purposes.

How We Collect Personal Data

Automatically: IP address, device, browser, and geolocation details for analytics and security.

Provided by the Data Subject: Through email, phone, online forms, or in-person interactions.

Third parties: We may receive limited personal data from public sources, partners, or marketing affiliates to offer relevant services.

Lawful Basis of Processing Data

Contractual: To fulfill obligations such as communications, invoicing, and support.

Legitimate Interests: To respond to inquiries, monitor website usage, or communicate relevant offers. You can unsubscribe at any time.

Legal Obligation: We may disclose data to meet financial, accounting, or statutory requirements.

Automated and Artifical Intelligence based Decision-Making & Profiling

We do not use any form of automated decision-making, including Artificial Intelligence (AI)-based profiling, that affects or produces legal effects for users.

Data Retention

We retain personal data only for as long as necessary to fulfill the purpose for which it was collected, or as required by applicable laws.

  • Data subject to legal or regulatory obligations (e.g. invoicing, transaction records) is retained for a minimum of 5 years and reviewed monthly.
  • Certification records (e.g. issued data destruction or training certificates) do not have a predefined retention period, as they may be required by users for long-term verification. These records will be deleted upon explicit request by the user.
  • All other personal data is reviewed and deleted on a case-by-case basis when no longer necessary.
  • When deletion is performed, data is anonymized wherever possible, retaining only the minimum identifiers required to comply with legal or audit obligations.

Sharing Personal Data

We only share your data when legally or contractually required. We never share your personal data for profiling, marketing, or automated decision-making.

Cookies

We only use functional cookies to maintain language preferences, security sessions, and consent tracking:

  • language – stores your language choice (1 year)
  • session_id – identifies your session (1 day)
  • uid – enhances session security (1 day)
  • consent – stores cookie consent via Cookiebot (1 year)
No tracking or marketing cookies are used. Cookies are not used to collect personal data.
In accordance with privacy regulations, our Cookiebot implementation actively prevents non-essential cookies from being set unless you have provided explicit consent. However, as we only use functional cookies, no personal tracking or analytics cookies are placed regardless of your consent settings.

Use of 3rd Party Providers

We use the following providers, fully compliant with GDPR and ISO:27001:

  • Fasthosts Internet Limited (UK): Website hosting, encrypted storage. No unencrypted data access. ISO27001 certified, externally audited. Privacy Notice
  • Cookiebot (Denmark): Consent validator tool. ISO27001 certified, externally audited. Privacy Policy
  • Wise Payments Limited (UK): Used for financial transactions (SEPA, cards). ISO27001 certified, externally audited. Privacy Policy
All personal data is stored and processed within the United Kingdom or European Economic Area (EEA). We do not transfer personal data outside of these regions. In the event that future data transfers are required, we will ensure that appropriate safeguards, such as Standard Contractual Clauses (SCCs), are in place to maintain GDPR compliance.

Minors

Our services are not directed at individuals under the age of 18 years. If you are under the age of 18, please refrain from submitting any personal information. Parents or legal guardians may contact us at dpo@redlibrary.net to exercise their rights on behalf of the child.

Your Rights

You have the right to:

  • Be informed about how we use your data
  • Access your personal data
  • Rectify inaccurate data
  • Erase data (with limitations)
  • Object to certain uses of your data
  • Withdraw consent at any time
  • Request portability of your data
To exercise your rights, email dpo@redlibrary.net. ID verification may be required. Deleted data cannot be recovered and may include your training history, if applicable.

Supervisory Authority: If you are dissatisfied, you may contact the Information Commissioner's Office (ICO):
Website: https://ico.org.uk
Phone: 0303 123 1113
Address: ICO, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Changes to This Policy

We may revise this Privacy Policy at any time to ensure compliance. Please refer to the "Last updated" section at the top for version tracking.

In compliance with:

 
National CyberSecurity Centre Information Commissioner`s Office UK GDPR EU GDPR NIS2 DoD 5220.22-M ISO:27001