Privacy Policy

1. Purpose of this Policy

This Privacy Policy explains how Deptico collects, uses, discloses and safeguards your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. It applies to visitors, account holders and learners who access the Deptico website, mobile apps and related services (collectively, the "Platform").

​

2. Who We Are

Deptico is the "controller" of your personal data. Our contact details and the Data‑Protection Contact are listed above.

 

3. The Data We Collect

Categories of personal data we collect

Account Data – name, email, password, date of birth, country (legal basis: Contract – Art 6(1)(b))

Course Data – enrolments, progress, quiz scores, certificates (legal basis: Contract / Legitimate Interest)

Payment Data – billing address, last four digits of card, transaction ID (processed via secure payment processor) (legal basis: Contract / Legal Obligation)

Marketing Preferences – opt‑in status, topics of interest (legal basis: Consent – Art 6(1)(a))

Support Data – communications with our support team (legal basis: Legitimate Interest)

Cookies & Tracking – IP address, device type, browser, pages visited (essential, analytics & advertising cookies) (legal basis: Consent / Legitimate Interest)

Where multiple bases are listed, the primary basis applies; secondary bases may apply where required to comply with law or protect legal rights.

Special Category Data

We do not intentionally collect special category data (e.g., health, ethnicity) unless you voluntarily provide it (e.g., accessibility requirements). Such data is processed only with your explicit consent or where legally permitted.

​

4. How We Use Your Data

To create and manage your Deptico account;

To deliver and administer Courses;

To process payments and issue certificates;

To provide customer support and respond to enquiries;

To send service emails (e.g., enrolment confirmations, progress reminders);

To send marketing communications only where you have opted‑in;

To analyse Platform usage and improve our services (anonymised/aggregated reports);

To comply with legal obligations (e.g., accounting, fraud prevention).

 

5. Marketing Communications

You choose whether to receive promotional emails/SMS via an opt‑in checkbox during sign‑up and an in‑account toggle at any time. You may unsubscribe at any time by clicking the link in an email or adjusting your account settings.

 

6. Children’s Privacy

Users under 16 must obtain parental/guardian consent before creating an account. We may request verification but do not knowingly collect personal data from children without such consent.

 

7. Cookies & Tracking Technologies

We use:

Essential cookies – necessary for login, security and core features;

Analytics cookies – to understand site performance (e.g., Google Analytics);

Advertising pixels – to deliver relevant ads and track campaign performance.
Upon first visit, you will see a cookie banner allowing you to accept or manage preferences. You can change settings at any time via the Cookie Settings link.

 

8. Sharing Your Data

We do not sell or share personal data with third‑party marketers. We share data only with trusted "processors" who perform services on our behalf under data‑processing agreements, such as:

Payment processors (e.g., Stripe, PayPal);

Cloud hosting and IT providers;

Analytics providers (aggregated/anonymous form);

Certification exam partners where required to deliver a Course.

​

9. International Transfers

All data is stored on UK‑based or UK‑approved servers. We do not transfer personal data outside the UK/EU. If future transfers become necessary, we will implement UK‑approved safeguard mechanisms and update this Policy.

 

10. Data Retention

Accounting & transaction records: kept for 6 years to meet statutory obligations.

Inactive accounts: deleted or anonymised after 2 years of no activity.

Back‑ups: securely deleted in line with retention schedules.

 

11. Security

We employ industry‑standard safeguards, including encryption in transit (TLS), hashed passwords, access controls and regular penetration testing. No method of transmission is 100% secure; we strive to protect your data but cannot guarantee absolute security.

​

12. Automated Decision‑Making & Profiling

Deptico does not use automated decisions that produce legal or similarly significant effects. Progress recommendations and course suggestions are generated using simple rules and do not have material impact on rights or obligations.

 

13. Your Rights

Under UK GDPR you have the right to:

Access – Request a copy of your personal data;

Rectification – Correct inaccuracies;

Erasure – Request deletion where no longer needed;

Restriction – Limit processing in certain cases;

Data Portability – Receive data in a machine‑readable format;

Objection – Object to processing based on legitimate interests or direct marketing;

Withdraw Consent – Where processing relies on consent.
To exercise these rights, email privacy@deptico.co.uk. We will respond within one month.

Complaints

If you believe we have not handled your data properly, please contact us first. You may also lodge a complaint with the Information Commissioner’s Office (ICO): ico.org.uk | +44 303 123 1113.

​

14. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified via email or prominent notice on the Platform. Continued use of the Platform after changes indicates acceptance.

​

15. Contact Us

For questions about this Privacy Policy or data protection at Deptico, contact:Stephan Macaully Email: privacy@deptico.co.uk Deptico, 24‑26 Regent Place, Birmingham, B1 3NJ, United Kingdom