top of page

Privacy Policy

This privacy notice explains how DTMK Training Services uses and protects your personal information.

CONTENTS

  • Contact details

  • What information we collect, use, and why

  • Lawful bases and your data protection rights

  • Where we get personal information from

  • How long we keep information

  • Who we share information with

  • How to complain

  • Policy review

CONTACT DETAILS

Email: christopher@dtmk.co.uk

WHAT INFORMATION WE COLLECT, USE, AND WHY

We may collect or use the following information to provide our services and goods:

  • Names and contact details

  • Addresses

  • Date of birth

  • Purchase or account history

  • Payment details (including card/bank information for transfers or direct debits)

  • Health information (e.g. dietary needs, allergies, health conditions)

  • Photographs or video recordings

  • Records of meetings and decisions

  • Identification documents

  • Information relating to compliments or complaints

We also collect information for:

  • Operation of accounts and guarantees: names, addresses, payment details, purchase history, account information.

  • Service updates or marketing: names, addresses, marketing preferences, recorded images, consent records.

  • Legal compliance: name, contact details, identification documents.

  • Queries, complaints, or claims: names, addresses, account information, purchase/service history, dashcam footage, witness statements, investigation records, financial transactions, correspondence.

LAWFUL BASES AND DATA PROTECTION RIGHTS

Under UK data protection law, we must have a lawful basis for processing personal data. Depending on the activity, the basis is:

  • Providing services and goods: consent or legal obligation

  • Customer accounts and guarantees: consent or contract

  • Service updates or marketing: consent

  • Legal requirements: legal obligation

  • Complaints or claims: legitimate interest, legal obligation, or consent

You have the right to:

  • Access your data

  • Rectification (correction)

  • Erasure (deletion)

  • Restriction of processing

  • Object to processing

  • Data portability

  • Withdraw consent at any time

Requests will be acknowledged within five working days and completed within one month.

WHERE WE GET PERSONAL INFORMATION FROM

  • Directly from you

  • CCTV or dashcam footage

  • Insurance companies

  • Third parties such as parents or guardians

HOW LONG WE KEEP INFORMATION

We only keep data as long as necessary. Retention periods follow our Data Retention Schedule (Appendix A). As a guide:

  • Learner registration: 6 years

  • Assessment & IQA: 5 years (or longer if required by Awarding Organisation)

  • Complaints, appeals, malpractice: 5 years

  • Certification: 6 years

  • Safeguarding: until age 25 (or longer if case remains active)

  • Employment: 6 years after leaving

  • Financial & contractual: 6 years

  • Health & safety: 3 years (longer if linked to serious incident)

  • Marketing data: until consent withdrawn, or 2 years from last contact

Where different retention periods are specified, the longest period will apply.

Data is stored securely on internal systems, encrypted storage, and via the Total Drive App (see Total Drive Privacy Policy).

WHO WE SHARE INFORMATION WITH

  • Insurance companies

  • Professional or legal advisors

  • Organisations we are legally obliged to share with

  • The Awarding Organisation (for registration, assessment, or certification)

HOW TO COMPLAIN

Concerns can be raised by contacting us at christopher@dtmk.co.uk.

If unresolved, you can escalate your complaint to the Information Commissioner’s Office (ICO):

Information Commissioner’s Office
Wycliffe House, Water Lane
Wilmslow, Cheshire, SK9 5AF

Helpline: 0303 123 1113
Website: www.ico.org.uk/make-a-complaint

POLICY REVIEW

  • Last reviewed: September 2025

  • Next review due: 30th June 2026

  • Responsible person: Christopher Cook, Director

  • Email: christopher@dtmk.co.uk

bottom of page