CPBBee, which is a trading name of Naedu Ltd, (“us”, “we”) takes data protection seriously. We are committed to safeguarding your privacy and all who access our Website or Services.

If you are CPDBee User, Client, Provider or just visiting our Website, this Privacy Policy applies to you. By using this Website and/or our services you consent to the Processing of your Personal Data described in this Privacy Policy.

Please read this Privacy Policy in full to ensure you are informed. If you have any questions, please contact us at buzz@cpdbee.com or contact us by post at Data Protection, CPDBee, 40 Davisville Road,  London, W12 9SJ.

Our responsibilities – If you are a CPDBee User, Client, Provider or Visitor we act at the Data Controller of your Personal Data. This means we determine how and why your data is processed. We are registered as a Data Controller at the UK Information and Commissioner’s Office under number ZA369694.

Your responsibilities – Read this Privacy Policy. If you provide us with personal information, or if others give us your information, we will only use that information for the specific reason for which it was provided to us. By submitting the information, you confirm that you have the right to authorise us to process it on your behalf in accordance with this Privacy Policy.

Definitions

Client – a User who makes Enquiry to a Provider through CPDBee and enters into an agreement with a Provider.

Enquiry – the act of making contact with a Provider to learn more about their services and the information contained within the Enquiry.

Personal Data – any information relating to an identified or identifiable natural person.
Processing – any operation or set of operations which is performed on Personal Data or on sets of Personal Data.


Provider – an organisation that delivers professional development services to schools.

Data subject – a natural person whose Personal Data is being Processed.


Child – a natural person under 16 years of age.


User – any person who uses CPDBee’s Website and/or Services

We/us (either capitalized or not) – CPDBee

Data Protection Principles

We promise to follow the following data protection principles:

  • Processing is lawful, fair, transparent. Our Processing activities have lawful grounds. We always consider your rights before Processing Personal Data. We will provide you information regarding Processing upon request.
  • Processing is limited to the purpose. Our Processing activities fit the purpose for which Personal Data was gathered.
  • Processing is done with minimal data. We only gather and Process the minimal amount of Personal Data required for any purpose.
  • Processing is limited with a time period. We will not store your personal data for longer than needed.
  • We will do our best to ensure the accuracy of data.
  • We will do our best to ensure the integrity and confidentiality of data.

Data Subject’s rights

You can exercise your rights by sending us an email at buzz@cpdbee.com

The Data Subject has the following rights:

  • Right to information – meaning you have to right to know whether your Personal Data is being processed; what data is gathered, from where it is obtained and why and by whom it is processed.
  • Right to access – meaning you have the right to access the data collected from/about you. This includes your right to request and obtain a copy of your Personal Data gathered. We will provide you with the information within one month of your request, unless doing so would adversely affect the rights and freedoms of other (e.g. another person’s confidentiality or intellectual property rights). We’ll tell you if we can’t meet your request for that reason.
  • Right to rectification – meaning you have the right to request rectification or erasure of your Personal Data that is inaccurate or incomplete.
  • Right to erasure – meaning in certain circumstances you can request for your Personal Data to be erased from our records.
  • Right to restrict processing – meaning where certain conditions apply, you have the right to restrict the Processing of your Personal Data.
  • Right to object to processing – meaning in certain cases you have the right to object to Processing of your Personal Data, for example in the case of direct marketing.
  • Right to object to automated Processing – meaning you have the right to object to automated Processing, including profiling; and not to be subject to a decision based solely on automated Processing. This right you can exercise whenever there is an outcome of the profiling that produces legal effects concerning or significantly affecting you.
  • Right to data portability – you have the right to obtain your Personal Data in a machine-readable format or if it is feasible, as a direct transfer from one Processor to another.
  • Right to lodge a complaint – in the event that we refuse your request under the Rights of Access, we will provide you with a reason as to why. If you are not satisfied with the way your request has been handled please tell us first, so we have a chance to address your concerns. If we fail in this, you can address any complaint to the UK Information Commissioner’s Office, either by calling their helpline or as directed on their website at www.ico.org.uk..
  • Right for the help of supervisory authority – meaning you have the right for the help of a supervisory authority and the right for other legal remedies such as claiming damages.
  • Right to withdraw consent – you have the right withdraw any given consent for Processing of your Personal Data. You can opt out of marketing communication we send you at any time by clicking “unsubscribe” in the marketing emails we send you. To opt out of other forms of marketing, please contact us by emailing buzz@cpdbee.com

More information about your rights and how we can respond can you be found here:

Data we gather

  • Newsletter sign ups. When you sign up to our newsletter we may collect information such as your name, information about role and school and your email address to keep you updated.
  • Provider applications. When you apply to become a Provider listed on CPDBee we may ask you for your contact information, including items such as your name, orgainsation name, email and telephone number. We may collect information about your experiences and qualifications. We may also ask you to supply (with their permission) the contact details of your references.
  • Provider references. When you supply a reference for a Provider during the application process we may ask you for your name, your school, your role and some information about your experience of the Provider.
  • User Enquiry. When you make an Enquiry to a Provider about their services we may ask you to supply information which will help Providers meet your requirements such your name, your school name, your email address, location and professional development requirements.
  • Reviews and Feedback. When you provide us with Feedback about your experience of our Service and your Review of a Provider, we may ask you for information such as your name, role, school and opinions.
  • Communications. If you contact us directly we may receive additional information about you such as your name, email address, phone number, the contents of the message and/or attachments you may send us, and any other information you may choose to provide. We may also receive a confirmation when you open an email from us.

The personal information that you are asked to provide is mainly for the purpose of delivering the Service and to enhance your customer experience. The reasons why you are asked to provide it, will be made clear to you at the point we ask you to provide your personal information.

Information automatically collected about you

  • Cookies and Other Tracking Technologies. As is true of most websites, we gather certain information automatically and store it in log files. In addition, when you use our Services, we may collect certain information automatically from your device.  This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, clickstream data, landing page, and referring URL. To collect this information, a cookie may be set on your computer or device when you visit our Services. Cookies contain a small amount of information that allows our web servers to recognize you. We store information that we collect through cookies, log files, and/or clear gifs to record your preferences. We may also automatically collect information about your use of features of our Services, about the functionality of our Services, frequency of visits, and other information related to your interactions with the Services. We may track your use across different websites and services. In some countries, including countries in the European Economic Area (“EEA”), the information referenced above in this paragraph may be considered personal information under applicable data protection laws.
  • Usage of our Services. When you use our Services, we may collect information about your engagement with and utilization of our Services, such as processor and memory usage, storage capacity, navigation of our Services, and system-level metrics. We use this data to operate the Services, maintain and improve the performance and utilization of the Services, develop new features, protect the security and safety of our Services and our customers, and provide customer support. We also use this data to develop aggregate analysis and business intelligence that enable us to operate, protect, make informed decisions, and report on the performance of our business.

Information from our partners

We gather information from our trusted partners with confirmation that they have legal grounds to share that information with us. This is either information you have provided them directly with or that they have gathered about you on other legal grounds. See the list of our partners on our Website.

  • Sales information. So that we can develop analysis and report on our performance, we may collect information from partner Providers. We may collect data such as your name, role, email address, school, the services you buy from them, their volume and cost and their start and end dates.
  • Provider Evaluation Data. So that we can understand and monitor how effective Providers services are we may collect information supplied to them by you about the quality and impact of their services, which may include your name, school, role and opinions

Publicly available information

We might gather information about you that is publicly available.

How we use your Personal Data

We use your Personal Data in order to:

  • Provide, operate, and maintain our Services;
  • Improve, personalise, and expand our Services;
  • Understand and analyse how you use our Services;
  • Develop new products, services, features, and functionality;
  • Communicate with you, either directly or through one of our partners, including for customer service, to provide you with updates and other information relating to the Service, and for marketing and promotional purposes;
  • Process your Enquiries;
  • Find and prevent fraud; and
  • For compliance purposes, including enforcing our Terms of Service, or other legal rights, or as may be required by applicable laws and regulations or requested by any judicial process or governmental agency.

We use your Personal Data on legitimate grounds and/or with your Consent.

On the grounds of entering into a contract or fulfilling contractual obligations, we Process your Personal Data for the following purposes:

  • to identify you;
  • to provide you a service or to send/offer you a product;
  • to communicate either for sales or invoicing;
  • to collect participant evaluation data,

On the grounds of legitimate interest, we Process your Personal Data for the following purposes:

  • to send you personalised offers* (from us and/or our carefully selected partners);
  • to administer and analyse our client base (purchasing behaviour and history) in order to improve the quality, variety, and availability of products/ services offered/provided;
  • to conduct questionnaires concerning client satisfaction;
  • to collect Reviews of Providers

As long as you have not informed us otherwise, we consider offering you products/services that are similar or same to your purchasing history/browsing behaviour to be our legitimate interest.

With your consent we Process your Personal Data for the following purposes:

  • to send you newsletters and campaign offers (from us and/or our carefully selected partners);
  • for other purposes we have asked your consent for

We Process your Personal Data in order to fulfil obligations rising from law and/or use your Personal Data for options provided by law. We reserve the right to anonymise Personal Data gathered and to use any such data. We will use data outside the scope of this Policy only when it is anonymised. We save your billing information and other information gathered about you for as long as needed for accounting purposes or other obligations deriving from law, but not longer than 5 years.

We might process your Personal Data for additional purposes that are not mentioned here, but are compatible with the original purpose for which the data was gathered. To do this, we will ensure that:

  • the link between purposes, context and nature of Personal Data is suitable for further Processing;
  • the further Processing would not harm your interests and
  • there would be appropriate safeguard for Processing.

We will inform you of any further Processing and purposes.

Who else can access your Personal Data

We neither rent of sell your Persona Data in personally identifiable form to anyone. We do not share your Personal Data with strangers. Personal Data about you is in some cases provided to our trusted partners in order to either make providing the service to you possible or to enhance your customer experience. We share your data with:

  • Our partner Providers. We work with range of learning Providers listed on our Website and have agreements and procedures in place to ensure your personal data is protected through the service you receive from us. Your personal data will only be shared with learning Providers you have chosen to engage with via our websites. For example, when you make an Enquiry, your details relating to that enquiry will be provided to them so that they may answer your enquiry directly. We also provide anonymised site usage data to providers to enable them to monitor enrolment from users who use our websites.
  • Information you make Available. Any information that you voluntarily choose to include in a public area of the Service, such as a public profile page, will be available to any Visitor or User who has access to that content.
  • Advertising. We work with third-party advertising partners to show you ads that we think may interest you. These advertising partners may set and access their own cookies, pixel tags, and similar technologies on our Services, and they may otherwise collect or have access to information about you which they may collect over time and across different online services. Some of our advertising partners are members of the Network Advertising Initiative or the Digital Advertising Alliance. To learn more about these programs, or opt-out of personalized ads, visit the Digital Advertising Alliance’s Self-Regulatory program for Online Behavioral Advertising at www.aboutads.info, or the Network Advertising Initiative at www.networkadvertising.org.
  • Aggregate Information. Where legally permissible, we may use and share information about users with our partners in aggregated or de-identified form that can’t reasonably be used to identify you. 
  • Business Transfers. We may choose to buy or sell assets. In these types of transactions, customer information is typically one of the business assets that is transferred. Also, if we (or substantially all of our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Information would be one of the assets transferred to or acquired by a third party.
  • Protection of Company and Others. We reserve the right to access, read, preserve, and disclose any information that we reasonably believe is necessary to comply with law or court order; enforce or apply our conditions of use and other agreements; or protect the rights, property, or safety of Company, our employees, our users, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction.
  • With Your Consent. Except as set forth above, you will be notified when your Personal Information may be shared with third parties, and will be able to prevent the sharing of this information.
  • Third Parties who process your data. Tech businesses often use third parties to help them host their application, communicate with customers, power their emails etc. We partner with third parties who we believe are the best in their field at what they do. When we do this, sometimes it is necessary for us to share your data with them in order to get these services to work well. Your data is shared only when strictly necessary and according to the safeguards and good practices detailed in this Privacy Policy. Here are the details of our main third-party service providers, and what data they collect or we share with them, where they store the data and why they need it:

Supplier/Service

Details

Location

Supplier Security and Privacy Information

Google Suite

Email, document management, collaboration tools

Worldwide

Security and Trust

Microsoft Office 365

Email, document management, collaboration tools

Europe

Trust and Privacy information

Digital Ocean

Web hosting service

Worldwide

Privacy

Airtable

Webforms

USA

Privacy Security

MailChimp

Email marketing

USA

Privacy 

Google Analytics

Web tracking activity

Worldwide

Data Privacy and Security

Xero

Accounting Software

USA

Security / Privacy

We only work with Processing partners who are able to ensure adequate level of protection to your Personal Data. We disclose your Personal Data to third parties or public officials when we are legally obliged to do so. We might disclose your Personal Data to third parties if you have consented to it or if there are other legal grounds for it.

How we secure your data

We do our best to keep your Personal Data safe.  We use safe protocols for communication and transferring data (such as HTTPS). We use anonymising and pseudonymising where suitable. We monitor our systems for possible vulnerabilities and attacks

The personal data you provide is stored in a secure hosting environment based in the UK. We employ a range of technology and procedures to ensure that this data is secure, including encryption, anti-virus and anti-malware software, intrusion detection, company-wide data usage policies, and mandatory security and privacy staff training.

We have physical, electronic, and managerial procedures to safeguard and secure the information we collect.

But please remember:

  • You provide personal data at your own risk: unfortunately, no data transmission is guaranteed to be 100% secure
  • However, we promise to notify suitable authorities of data breaches. We will also notify you if there is a threat to your rights or interests. We will do everything we reasonably can to prevent security breaches and to assist authorities should any breaches occur.
  • If you believe your privacy has been breached, please contact us immediately on buzz@cpdbee.com

The personal data we collect is processed at our offices in London and in any data processing facilities operated by the third parties identified above.

By submitting your personal data, you agree to this transfer, storing or processing by us. If we transfer or store your information outside the EEA in this way, we will take steps to ensure that your privacy rights continue to be protected as outlined in this Privacy Policy.

If you have an account with us, note that you have to keep your username and password secret.

Children

We do not intend to collect or knowingly collect information from children. We do not target children with our services.

Sensitive data

We do not collect any “sensitive data” about you (like racial or ethnic origin, political opinions, religious/philosophical beliefs, genetic data, biometric data, health data, data about your sexual life or orientation, and offences or alleged offences) except when we have your specific consent, or when we have to to comply with the law.

Cookies and other technologies we use

We use cookies and/or similar technologies to analyse customer behaviour, administer the website, track users’ movements, and to collect information about users. This is done in order to personalise and enhance your experience with us.

A cookie is a tiny text file stored on your computer. Cookies store information that is used to help make sites work. Only we can access the cookies created by our website. You can control your cookies at the browser level. Choosing to disable cookies may hinder your use of certain functions.

We use cookies for the following purposes:

  • Necessary cookies – these cookies are required for you to be able to use some important features on our website, such as logging in. These cookies don’t collect any personal information.
  • Functionality cookies – these cookies provide functionality that makes using our service more convenient and makes providing more personalised features possible. For example, they might remember your name and e-mail in comment forms so you don’t have to re-enter this information next time when commenting.
  • Analytics cookies – these cookies are used to track the use and performance of our website and services
  • Advertising cookies – these cookies are used to deliver advertisements that are relevant to you and to your interests. In addition, they are used to limit the number of times you see an advertisement. They are usually placed to the website by advertising networks with the website operator’s permission. These cookies remember that you have visited a website and this information is shared with other organisations such as advertisers. Often targeting or advertising cookies will be linked to site functionality provided by the other organisation.

You can remove cookies stored in your computer via your browser settings. Alternatively, you can control some 3rd party cookies by using a privacy enhancement platform such as optout.aboutads.info or youronlinechoices.com. For more information about cookies, visit allaboutcookies.org.

We use Google Analytics to measure traffic on our website. Google has their own Privacy Policy which you can review here. If you’d like to opt out of tracking by Google Analytics, visit the Google Analytics opt-out page.

Contact Information

If you have any question regarding your personal data, please contact the Privacy Manager at the address below:

Privacy Manager
CPDBee
40 Davisville Road
London
W12 9SJ

buzz@cpdbee.com

If you feel we have been intrusive to your privacy or misused your data you have the right to complain to the ICO https://ico.org.uk/for-the-public/raising-concerns/

Changes to this Privacy Policy

We reserve the right to make change to this Privacy Policy at any time. so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.

Last modification was made 18/05/18