Last Updated: 1 October, 2024

1. Introduction

Global Standards for Food Industries (GSFIN) is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, and protect your personal data when you use our website, online courses, examinations, certifications, and all related services (collectively, the “Services”). This policy is compliant with the UK Data Protection Act 2018 and the EU General Data Protection Regulation (GDPR).  

2. Information We Collect

2.1 Personal Data

We may collect the following types of personal data:

• Identity Data: Your name, username or similar identifier, title, date of birth, gender.
• Contact Data: Your email address, postal address, telephone number.
• Financial Data: Payment information, such as credit card details (processed securely by our third-party payment processors).
• Profile Data: Your username and password, purchases or orders made by you, your interests, preferences, feedback, and survey responses.
• Usage Data: Information about how you use our Services, including your IP address, browser type, operating system, device information, access times, pages viewed, and links clicked.  
• Marketing and Communications Data: Your preferences in receiving marketing from us and your communication preferences.

2.2 Special Category Data

We do not generally collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). However, we may collect information about dietary restrictions or allergies if you choose to provide it to us for event planning or other specific services.  

3. How We Collect Your Information

We collect information in the following ways:

• Directly from you: When you create an account, enroll in a course, make a purchase, provide feedback, or contact us.
• Automatically: Through cookies and similar tracking technologies when you use our website.
• From third parties: We may receive information about you from third-party service providers, such as payment processors and analytics providers.

4. How We Use Your Information

We use your personal data for the following purposes:

• To provide and improve our Services: To deliver the Services you have requested, to personalize your experience, and to improve our website and course offerings.
• To process transactions: To process your payments and orders.
• To communicate with you: To respond to your inquiries, provide customer support, and send you important information about your account or our Services.
• For marketing purposes: To send you promotional emails about new courses, special offers, or other information that may be of interest to you (with your consent, where required).
• To comply with legal obligations: To comply with applicable laws and regulations.

5. Legal Basis for Processing

Our legal basis for processing your personal data depends on the specific purpose for which we are processing it:

• Contract: To perform our contractual obligations to you (e.g., providing access to courses).
• Consent: Where you have given your consent (e.g., for marketing communications).
• Legitimate interests: To pursue our legitimate business interests (e.g., improving our Services, preventing fraud).
• Legal obligation: To comply with applicable laws and regulations.

6. Data Sharing

We may share your personal data with the following third parties:

• Service providers: We may share your information with third-party service providers who assist us in providing our Services, such as payment processors, IT service providers, and email marketing platforms.  
• Business partners: We may share your information with our business partners who offer products or services that may be of interest to you (with your consent, where required).  
• Legal authorities: We may disclose your information to legal authorities if required to do so by law or in the good faith belief that such action is necessary to comply with a legal obligation, protect and defend our rights or property, or protect the personal safety of users of the Services or the public.  

7. Data Security

We have implemented appropriate technical and organizational security measures to protect your personal data against unauthorized access, use, disclosure, alteration, or destruction.  

8. Data Retention

We will retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.  

9. Your Data Protection Rights

Under the UK Data Protection Act and the GDPR, you have the following rights:

• Right of access: You have the right to request access to your personal data.
• Right to rectification: You have the right to request correction of any inaccurate or incomplete personal data.  
• Right to erasure: You have the right to request deletion of your personal data in certain circumstances.  
• Right to restriction of processing: You have the right to request restriction of processing of your personal data in certain circumstances.
• Right to data portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format.  
• Right to object: You have the right to object to the processing of your personal data in certain circumstances.  
• Right to withdraw consent: You have the right to withdraw your consent to the processing of your personal data at any time.  

10. International Data Transfers

We may transfer your personal data to countries outside the UK and the European Economic Area (EEA). We will ensure that any such international data transfers are made in compliance with applicable data protection laws and regulations.

11. Cookies

Our website uses cookies and similar tracking technologies to enhance your browsing experience and collect information about how you use our site. You can manage your cookie preferences through your browser settings.  

12. Children’s Privacy

Our Services are not intended for children under the age of 18. We do not knowingly collect personal data from children.  

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on our website.  

14. Contact Us

If you have any questions about this Privacy Policy, please contact us at info@webeaz.in