Privacy Policy

The Full-time Training in London (“FTTL”) strives to protect your personal information and use it in a manner consistent with UK laws. Part of these laws is that you have a right to privacy information in a way that is easy to access, read, and understand.

Please read this Policy to understand which types of information we collect from you, for which purposes, and which choices you have regarding our collection of your information. By visiting https://fttl.org or any of its related websites (collectively, the “Website”), you accept the practices described in this Policy.

Who we are

FTTL is overseen by Amana Trust (registered in England and Wales, Company Number 4366897, and Charity Number 1093401). For more information, see https://www.amanatrust.org.uk/about-us. Amana Trust is a registered data controller with the Information Commissioner’s Office in the UK.

Please contact us if you have any questions about our privacy policy or information we hold about you:

FTTL, Amana Trust 
Bower House 
Orange Tree Hill 
Romford, Essex 
RM4 1PB 
United Kingdom 
+44 (0) 1708 380 300 
[email protected]

What personal data we collect and why we collect it

Applicants to the Full-time Training

• If you have applied, or are intending to apply, to join the Training or Short-Term Training, we collect the data shown in the application form as well as any supporting information submitted that we need in order to enrol you. Please see our Privacy Notice for Applicants

Current and Past Trainees

• If you are a current or past trainee, we also collect data during your time in the Training. Please see our Privacy Notice for FTTL Trainees

Event registration forms

• If you apply to attend the Year-End Student (YES) Training, we collect the data shown in the application form as well as any supporting information submitted that we need in order to enrol you. Please see our Privacy Notice for Event Participants and our Privacy Notice for Applicants

Children’s Personal Information

You must be at least 18 years of age in order to request materials or participate in any activity that requires the submission of personal information. We do not knowingly market to or solicit information from children under the age of 18 years.

We cannot distinguish the age of visitors to our Website. If a child has provided us with personal information without parental or guardian consent, the parent or guardian should contact us ([email protected]), and we will remove the minor’s personal information.

Cookies

A cookie is a small text file that websites create and store on your computer containing data about websites that you visit. They are widely used to make websites work or work more efficiently, as well as to provide information to the owners of the site. The below table describes the cookies we use and why. Amana Trust does not disclose to third parties any cookie information created by our Website, except as needed to satisfy any law, regulation, or legal request.

Cookie	Name	Purpose
Google analytics	__ga __gat __gid gadwp_wg_default_dimension gadwp_wg_default_metric gadwp_wg_default_swmetric	These cookies are used to collect information about how visitors use our Website. We use the information to compile reports and to help us improve the Website. The cookies collect information in an anonymous form, including the number of visitors to the Website, where visitors have come to the Website from, and the pages they visited. You may opt out of Google Analytics for Display Advertising through Google’s Ads Settings or via the Google Analytics opt-out browser add-on. To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout.
PHP session cookie	PHPSESSID	This session cookie is set when a visitor first loads a page. The cookie is required by the underlying technology to power the Website. It will last as long as the visitor is on our Website and is removed when the visitor closes their browser. It does not store any user information; it is used to maintain a unique link between the browser and the Website for the purposes of information requests and session data used by the Website to manage user logins. This cookie is set without confirmation as it is crucial to the basic operation of the Website.
Cloudflare	_cfuid	Used for security and threat detection purposes. For more information on CloudFlare’s cookie policy please visit: https://www.cloudflare.com/cookie-policy/
WordPress Platform	wp-settings-[UID], wp-settings-time-[UID]	WordPress uses cookies to customize the registered user’s view of admin interface, and possibly also the main site interface.

Embedded content from other websites

Pages on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with

We use third party service providers who may process information and provide support services on our behalf. Where your personal information is shared, agreements are in place that restrict the use of your information to the purpose for which it is provided and ensure it is stored securely and in accordance with applicable data protection and privacy laws.

More information on our third-party service providers

• Demographic and interest data gathered through Google Analytics Demographic and Interest Reporting is for analysing trends in aggregate and is never combined with personally identifiable information
• We use a variety of airline, coach and hotel booking companies to book your travel when we arrange your transport to an event as part of your Training.
• We use a food safety training provider, All Safe. They will receive your name and user login details for online training. You can review their privacy statement here: https://www.allsafe.org.uk/privacy-statement/
• We use G Suite for Business by Google Cloud in operating the forms on our website. Google adheres to the EU-U.S. Privacy Shield Framework and has entered into a data processing agreement and model contract clause with us to ensure that your data is treated and stored securely. You can review Google’s privacy policy for information on how they manage your personal data: policies.google.com/privacy
• We use PayPal to process card payments. PayPal is a data controller for the information it accesses when you make a payment. Please review PayPal’s privacy policy for more information on how they manage user data: paypal.com/uk/webapps/mpp/ua/privacy-prev
• We use Amazon Web Services (AWS) for hosting the Website. AWS adheres to the EU-U.S. Privacy Shield Framework and has entered into a data processing agreement with us. AWS is compliant with the CISPE Code of Conduct. You can review AWS’s privacy policy here: http://aws.amazon.com/privacy/
• We use Microsoft Azure online services (Azure). Azure service is governed by terms and conditions, which provide a common set of customer commitments, detailed Data Protection Terms and EU Standard Contractual Clauses across their enterprise online services, including Azure, Office 365 and Intune. You can review Microsoft’s privacy policy here: https://privacy.microsoft.com/en-gb/privacystatement (Microsoft Azure is one of the Enterprise and Developer Products)
• We use Samsung’s MagicInfo service to display notices to you on the Training premises. Samsung uses Standard Contractual Clauses to protect your information when it is transferred outside of the EEA. You can view their privacy policy here: https://www.samsung.com/uk/info/privacy/

We may also share your data with third parties as part of a company sale or restructure, or for other reasons to comply with a legal obligation upon us. We have a data processing agreement in place with such third parties to ensure data is not compromised. Third parties must implement appropriate technical and organisational measures to ensure the security of your data.

We do not share your data with external organisations for marketing their products or services. We do not sell your personal data to third parties under any circumstances, or permit third parties to sell on the data we have shared with them.

How we protect your data

We do our utmost to protect your privacy. The European Union General Data Protection Regulation and corresponding data protection legislation obliges us to follow security procedures regarding the storage and disclosure of information which you have given us in order to avoid unauthorised loss or access. As such we and our data processors have implemented industry-standard security systems and procedures to protect information from unauthorised disclosure, misuse, or destruction. We store your information on secure servers at our offices, off-site, and in the Cloud. We may also store certain information on paper at our office.

How long we retain your data

Your information will be kept for no longer than is necessary for the purposes of its use and for as long as it is required in accordance with the law. Where your information is kept in backups, we will take measures to ensure that those backups are encrypted and secure, and eventually destroyed or securely archived.

What rights you have over your data

You have the following rights in relation to the personal data we hold on you:

• the right to be informed about the data we hold on you and what we do with it;
• the right of access to the data we hold on you. We operate a separate Subject Access Request policy and all such requests will be dealt with accordingly;
• the right for any inaccuracies in the data we hold on you, however they come to light, to be corrected. This is also known as ‘rectification’;
• the right to have data deleted in certain circumstances. This is also known as ‘erasure’;
• the right to restrict the processing of the data;
• the right to transfer the data we hold on you to another party. This is also known as ‘portability’;
• the right to object to the inclusion of any information;
• the right to regulate any automated decision-making and profiling of personal data.

Where you have provided your consent, you have the right to withdraw your consent at any time by contacting us using the details provided below. To find out more about the use of your information or to exercise your above rights, please contact [email protected] or call us at 01708 380 300.