Last updated: 21 February 2026

Evolution Consultancy Ltd (“we”, “us”, “our”) is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains what personal data we collect, how we use it, who we share it with, and your rights under the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018.

Our privacy promise

We aim to:

  • Keep your personal data safe and secure

  • Use your data fairly and transparently

  • Only use your data for clear purposes (such as managing training, bookings, and support)

  • Never sell your personal data

1) Who we are

For data protection purposes, Evolution Consultancy is the Data Controller (meaning we decide how and why your personal data is used).

Contact details (data protection enquiries):
Email: info@evolutionconsultancy.co.uk
Telephone: 020 3488 2272 / 07378 218 521
Address: 11 Courtenay Road, East Lane Business Park, Wembley, United Kingdom, HA9 7ND

2) What this policy covers

This policy applies when you:

  • Visit our website

  • Enquire via forms, email, phone, or WhatsApp

  • Book or purchase a course

  • Create a learner account and use our student login/e-learning portal

  • Attend training or assessments (where applicable)

It does not cover third-party websites we link to. Always check their privacy notices.

3) What personal data do we collect

A) Data you give to us

Depending on what you do on our site/services, this may include:

  • Identity & contact data: name, email, phone number, address

  • Account data: username/email, password (stored in encrypted/hashed form by the platform)

  • Course/enrolment data: course chosen, booking details, attendance arrangements

  • Employer/company data (if applicable): company name, role, billing details, delegate details

  • Communications: messages sent via forms, email, phone notes, WhatsApp chat, support queries

  • Payments: transaction references and billing details (we do not store full card details; payments are handled securely by payment providers)

B) Data created by your involvement (learning records)

If you study with us (including online/blended learning), we may generate:

  • enrolment status, course progress, completion status

  • assessment/exam results (where applicable)

  • certificates issued (where applicable)

C) Data collected automatically (website usage)

When you browse our site, we may collect:

  • IP address, device type, browser type

  • pages visited, time on page, referral source

  • cookie identifiers and similar tracking technologies (see Cookies section)

D) Data from other sources

We may receive limited data from:

  • employers booking training for staff

  • partners/suppliers helping deliver training or platform services

  • public sources (e.g., where you publicly interact with our social pages)

4) Special category data (sensitive data)

Sometimes we may need information such as accessibility requirements or health-related details (e.g., to provide reasonable adjustments or to keep learners safe). We only collect this where necessary and we apply extra safeguards.

5) How we use your personal data (and our lawful basis)

UK GDPR requires us to have a lawful basis for processing. Common lawful bases include contract, legal obligation, legitimate interests, and consent.

Typical uses

PurposeExamplesLawful basis
Respond to enquiriesreply to messages, give course infoLegitimate interests/steps before contract
Course booking & deliveryregister you, manage attendance, provide learning access, support youContract
Learner recordstrack progress, issue certificates (where applicable)Contract / Legal obligation (where applicable)
Payments & accountingprocess payments, refunds, invoices, fraud preventionContract / Legal obligation
Service improvementunderstand how the website and courses are usedLegitimate interests
Marketing (optional)newsletters, course updates, offersConsent (opt-in) / Legitimate interests (where permitted)

6) Marketing preferences

If you opt in, we may send you course updates, news, or offers. You can unsubscribe at any time by:

We will always respect your choices.

7) Who do we share your data with

We may share personal data with trusted third parties who help us run our business, for example:

  • website hosting and IT support providers

  • learning management/e-learning platform providers

  • payment providers (so you can pay securely)

  • email/SMS providers for transactional messages

  • analytics providers (to understand website performance)

  • professional advisers (accountants, insurers, legal advisers)

  • regulators, law enforcement, or courts (when required by law)

These providers must keep your data secure and only use it under our instructions.

8) International transfers

Some suppliers may process data outside the UK. If we transfer personal data internationally, we ensure appropriate safeguards are used (such as UK-approved contract clauses and risk assessments).

9) How we protect personal data

We use appropriate technical and organisational measures, such as:

  • access controls and least-privilege permissions

  • secure hosting and software updates

  • encryption where appropriate

  • staff confidentiality and security procedures

No method of transmission is 100% secure, but we work hard to protect your data.

10) How long do we keep your data (retention)

We keep personal data only as long as needed for the purposes described above, including:

  • to deliver training and provide support

  • to meet legal, accounting, or tax obligations

  • to handle complaints or disputes

If you ask us to stop marketing, we’ll stop using your details for marketing (but may keep a minimal record of your preference).

11) Children and young people

Our training is generally intended for adults and working-age learners. If we offer an online service likely to be accessed by children, we follow UK GDPR rules on children’s data. If we rely on consent for an online service, in the UK generally children under 13 cannot consent themselves and parental responsibility is required.

12) Your rights

You have rights under UK GDPR, including:

  • Right to be informed

  • Right of access (get a copy of your data)

  • Right to rectification (correct inaccurate data)

  • Right to erasure (in certain circumstances)

  • Right to restrict processing

  • Right to data portability (in certain cases)

  • Right to object (including to direct marketing)

  • Right to withdraw consent (where consent is used)

You can read more about these rights from the UK regulator (ICO).

To exercise your rights, contact us at info@evolutionconsultancy.co.uk.

13) Complaints

If you’re unhappy with how we’ve handled your data, please contact us first and we’ll try to resolve it.

You also have the right to complain to the Information Commissioner’s Office (ICO) (the UK data protection regulator).

14) Cookies and similar technologies

We use cookies and similar technologies to:

  • make the website work properly

  • remember preferences

  • understand website traffic and performance

  • (where enabled) support marketing/advertising measurement

You can control cookies via your browser settings and (where implemented) our cookie banner/preferences tool. For more details, see our Cookies Policy.

15) Third-party content and social media

Some pages may include third-party features (for example, embedded reviews or social media widgets). These third parties may collect data (such as cookies and usage information) under their own policies.

16) Changes to this policy

We may update this Privacy Policy from time to time. The latest version will always be posted on our website with the “Last updated” date at the top.