Privacy Policy

Introduction

This policy outlines the steps and measures Complete Tuition Ltd (‘the company’) takes to ensure data is handled in accordance with the Data Protection Act 2018 (DPA 2018) and the General Data Protection Regulation (GDPR) as it applies in the UK.

The policy is informed by guidance from the following sources, alongside our internal processes:

• ICO Guide to Data Protection

• ICO Data Sharing Code of Practice

Data Protection Principles

Complete Tuition Ltd is committed to processing personal data in accordance with its responsibilities under the GDPR.

As set out in Article 5 of the GDPR, personal data must be:

• Processed lawfully, fairly and transparently in relation to individuals.

• Collected for specified, explicit and legitimate purposes and not further processed in a way that is incompatible with those purposes. (Further processing for archiving in the public interest, scientific or historical research, or statistical purposes is not considered incompatible.)

• Adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.

• Accurate and kept up to date where necessary. Every reasonable step must be taken to ensure that inaccurate personal data is erased or corrected without delay.

• Kept in a form that permits identification of data subjects for no longer than necessary. Data may be stored for longer periods only for archiving in the public interest, research, or statistical purposes, provided appropriate technical and organisational safeguards are in place.

• Processed securely, ensuring protection against unauthorised or unlawful processing, and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

Data Policy

This policy applies to all personal data processed by the company.

The DPO and management shall take responsibility for the company’s ongoing compliance with this policy.

This policy shall be reviewed at least annually.

To ensure its processing of data is lawful, fair and transparent, the company shall maintain a Data Protection Actions and Timelines Policy.

Individuals have the right to access their personal data, and any such requests made to the company shall be dealt with in a timely manner.

All data processed by the company must be done on one of the following lawful bases: consent, contract, legal obligation, vital interests, public task, or legitimate interests (see ICO guidance for more information).

Where consent is relied upon as a lawful basis for processing data, evidence of opt-in consent shall be kept with the personal data.

Where communications are sent to individuals based on their consent, the option to revoke consent must be clearly available, and systems must ensure such revocation is properly reflected.

The company shall ensure that personal data are adequate, relevant, and limited to what is necessary for the purposes for which they are processed.

The company shall take reasonable steps to ensure personal data is accurate. Where necessary for the lawful basis, steps shall be taken to keep personal data up to date, as set out in the Data Protection Actions and Timelines Policy.

To ensure personal data is not kept longer than necessary, the company shall implement an archiving policy for each area in which personal data is processed and review this annually.

The archiving policy shall consider what data should be retained, for how long, and why. Checks to ensure data is deleted or archived in a timely manner are outlined in the Data Protection Actions and Timelines Policy.

The company shall ensure personal data is stored securely using modern, up-to-date software.

Access to personal data shall be limited to personnel who need it, with appropriate security measures in place to avoid unauthorised sharing.

When personal data is deleted, it shall be done securely to ensure it is irrecoverable.

Appropriate backup and disaster recovery solutions shall be in place.

In the event of a data breach involving unauthorised access, loss, or disclosure of personal data, the company shall promptly assess the risk to individuals and, if necessary, report the breach to the ICO (see ICO website for more information).

Privacy Commitment

Pass Numerical Reasoning values its learners and respects their privacy. Any information collected is held securely and used solely to process your requests, such as a sample request, order payment, or enquiry. We will never use your personal data for anything beyond servicing your request. If a previous interaction has taken place, we may occasionally contact you with updates or to see if we can support you further.

Data We Collect

Cookies

We may set cookies in your browser for:

1. Tracking your session – e.g. items in your cart, checkout progress, or reminders to complete a purchase.

2. Preventing repeat display of welcome messages.

3. Google Analytics (anonymous tracking of website usage)
   More info

4. Facebook cookies – if you visit via a Facebook or Instagram ad.

Personal Information

In limited cases, we may request personal data, such as:

• Full Name

• Email Address

• Telephone Number

• Billing & Shipping Address

• Date of Birth (for specific products)

• ULN (for exam bookings)

We will only request data necessary to process:

• eCommerce purchases

• Payments

• Enquiries submitted via forms

• Exam bookings

We may send occasional emails related to your request or product updates. You may opt out at any time by emailing:
[email protected]

Transfer of Data

To improve support, your data may be moved to our Customer Relationship Manager (CRM) system. This system is only accessed by Pass Numerical Reasoning staff. Your data will never be shared with other individuals or companies without consent, and will never be sold or rented for commercial purposes.

Your Rights

You have the right to view, amend, or delete the personal information we hold.
Please email [email protected] and we will respond within 30 days.

Changes to Our Privacy Policy

This policy may be updated to reflect changes in the law or our services. The most recent update was on 10th May 2021. We recommend reviewing this policy regularly. If you no longer consent to your data being processed as outlined, please contact us.

Registering with Us

If you register with us, we save the details you provide to personalise your experience. You can update your information anytime by contacting us.
We never store card details.

Who Has Access to Your Information?

We retain access to some personal information for a limited time.

We own the rights to all test and exam content, including completed papers and online recordings.

If a third party provides a service on our behalf, we may share relevant data with them to fulfil that service. By using this site, you consent to this.

We will never sell or distribute your information for marketing purposes.

For Functional Skills examinations, we share your information with Open Awards (the exam board) to process your exam entry.

Accessing, Changing, or Deleting Your Data

Registered users can update their information by logging into their Pass Numerical Reasoning account. Please keep your contact details up to date.

Policy Updates

We may revise this policy as new services are added or laws change. Updates will be posted on this site. Please check regularly to stay informed.