Privacy Policy

1. Introduction

Project Skills Solutions (“PSS”, “we”, “our”, “us”) is committed to protecting your privacy and handling your personal information in a fair, lawful and transparent manner.
This Privacy Policy explains how we collect, use, share and protect personal data under:

• The UK General Data Protection Regulation (UK GDPR)
• The Data Protection Act 2018
• The Data (Use and Access) Act 2025 (DUAA) reforms now in force

This policy applies to all websites, services and training platforms operated by PSS, including projss.co.uk and pssinstallations.co.uk.

2. Data Controller

Project Skills Solutions
17 Wollaston Crescent, Basildon, Essex, SS13 1QD
Email: [email protected] / [email protected]
Phone: 0800 0213 264
If applicable, enquiries relating to data protection may be directed to our internal Privacy Lead.

3. Personal Data We Collect

We may collect the following categories of data:

a. Information you provide directly

Examples include:

• Name, job title, employer
• Contact details
• Course booking information
• Payment information
• Identification documents (where required)
• Profile photo (optional for training certificates)

b. Information collected automatically

When you visit our websites, we may collect:

•  IP address
• Browser type and version
• Time zone
• Device information
• Website interactions, clickstream data, page performance

c. Information from third parties

We may receive your data from:

• Payment processors
• Training partners
• Employers booking courses
• Subcontractors providing installations

4. Purposes & Lawful Bases for Processing

In compliance with UK GDPR, we must explain why we use your data and our lawful basis for doing so.

5. Cookies & Tracking Technologies

Our websites use cookies in compliance with PECR and UK GDPR.
We use:

• Essential cookies (strictly necessary)
• Analytics cookies (consent required)
• Marketing cookies (consent required)

You can manage your preferences at any time via our cookie banner or your browser settings. [virtueuk.com]
A full list of cookies is available in our Cookie Policy.

6. Sharing Your Information

We may share your data with:

• Awarding bodies (e.g., IOSH, CITB) for certification
•  Payment providers
•  Training venues
•  External trainers under contract
•  Installations subcontractors
•  IT and analytics providers

We do not sell your personal information.

7. International Data Transfers

If we transfer data outside the UK, we use one of the following safeguards:

•  UK Adequacy Regulations
• UK International Data Transfer Agreement (IDTA)
• UK Addendum to EU SCCs

We only transfer data where protection is equivalent to UK standards.

8. Data Security

We implement appropriate technical and organisational measures to secure your data, including:

• Encryption
• Access controls
• Secure servers
• Multi-factor authentication

However, transmission over the internet cannot be guaranteed to be completely secure.

9. Data Retention

We retain your personal data only as long as necessary, including:

• Training records: typically 3–7 years (depending on qualification rules)
• Installation project records: 6–10 years (for compliance & warranties)
• Financial information: 6 years (legal obligation)

Where retention periods differ, we apply the ICO’s criteria.

10. Your Rights Under UK Law

You have the following rights under the UK GDPR and DPA 2018:

• Right to be informed
• Right of access (no fee applies)
• Right to rectification
• Right to erasure
• Right to restrict processing
• Right to data portability
• Right to object (including to marketing)
• Rights relating to automated decision-making and profiling

To exercise any rights, email [email protected].

11. Right to Complain to the ICO

You can lodge a complaint with the UK regulator:

Information Commissioner’s Office
Wycliffe House, Water Lane, Wilmslow, SK9 5AF
www.ico.org.uk

12. Changes to This Policy

We review and update this policy regularly. Updates will be posted on this page, and significant changes may be communicated by email.