1. Who We Are
Trusted CPD is a brand of Governance People Limited, a company incorporated in the Isle of Man (company number 132347C).
- Registered Office: 1 The Church View, Braddan, Isle of Man IM4 4TF
- Trading Address: Winchester Court, Second Avenue, Onchan, Isle of Man IM3 4LT
- Data Protection Registration: Isle of Man Information Commissioner, registration number R697807
We are the Data Controller of personal data processed in connection with our CPD accreditation services.
2. What Personal Data We Collect
We may collect and process the following categories of personal data:
- Contact Information: name, job title, organisation, email address, telephone number, postal address.
- Application Information: details provided when applying for accreditation, including professional qualifications and course information.
- Account Information: login credentials, user preferences, and communications with us.
- Financial Information: billing details and payment records.
- Technical Data: IP addresses, browser type, device information, and usage data when interacting with our website.
We do not routinely collect special category data (e.g., health information) unless explicitly required and lawful.
3. How We Use Personal Data
We process personal data for the following purposes:
- To manage applications for CPD accreditation and maintain our register of Approved Providers.
- To administer Accreditation Plans, including issuing certificates, logos and accreditation numbers.
- To provide customer support and respond to enquiries.
- To maintain compliance with legal and regulatory obligations.
- To issue invoices, process payments and manage accounts.
- To send communications relating to your accreditation, including renewal reminders, compliance checks and service updates.
- To improve our services, website functionality and user experience.
- To market our services, where you have consented or where we are permitted under applicable law.
4. Lawful Basis for Processing
We rely on one or more of the following lawful bases under GDPR:
- Contractual necessity – to perform our contract with you (e.g., accreditation services).
- Legal obligation – to comply with regulatory requirements (e.g., data retention, reporting obligations).
- Legitimate interests – to administer and improve our services, provided such interests are not overridden by your rights.
- Consent – for marketing communications and any processing requiring explicit permission.
5. How We Share Personal Data
We may share personal data with:
- Our staff, contractors and professional advisers who need access to perform their duties.
- Third-party service providers (e.g., IT hosting, payment processors, auditors) under contractual safeguards.
- Regulators, law enforcement or public authorities where required by law.
- The public, where publication of an Accredited Provider’s details is part of our register.
We do not sell personal data to third parties.
6. International Transfers
Where we transfer personal data outside the Isle of Man, UK or EEA, we ensure adequate safeguards are in place, such as:
- Adequacy decisions by the UK/EU;
- Standard Contractual Clauses; or
- Other lawful transfer mechanisms.
7. Data Retention
We retain personal data only for as long as necessary for the purposes described in this policy, including:
- Accreditation records: retained for the accreditation term plus 6 years.
- Financial records: retained for 7 years in line with statutory requirements.
- Contact and communications data: retained for the period necessary to manage the relationship.
When data is no longer required, it will be securely deleted or anonymised.
8. Data Security
We implement appropriate technical and organisational measures to protect personal data, including:
- Secure servers and encryption;
- Access controls and role-based permissions;
- Security monitoring;
- Staff training on data protection.
9. Your Rights
Under the Isle of Man Data Protection Act 2018, UK GDPR and EU GDPR (where applicable), you have the right to:
- Access your personal data (subject access request).
- Rectify inaccurate or incomplete data.
- Request erasure of data (“right to be forgotten”).
- Restrict processing of data.
- Object to processing based on legitimate interests or for direct marketing.
- Data portability (receive your data in a structured format).
- Withdraw consent at any time (where processing is based on consent).
Requests may be made in writing to: info@trustedcpd.com
10. Cookies and Website Tracking
Our website may use cookies or similar technologies to enhance functionality and analyse usage. A separate Cookie Policy explains how cookies are used and how you can manage preferences.
11. Complaints
If you have concerns about our use of your personal data, please contact us at info@trustedcpd.com.
You also have the right to lodge a complaint with the:
Isle of Man Information Commissioner
First Floor, Prospect House, Prospect Hill, Douglas, Isle of Man IM1 1ET
www.inforights.im
12. Updates to This Policy
We may update this Privacy Policy from time to time. The latest version will always be published on our website, and material changes will be notified to you directly where appropriate.
