Privacy Policy


LAST UPDATED: 24/05/2018
Crucial Group Ltd are committed to protecting the privacy of our users and customers. This privacy policy explains how we use any personal information we collect about you when you use this website. It is also intended to assist you in making informed decisions when using our website and our products and services.

All your personal Information shall be held and used in accordance with the General Data Protection Regulation. If you want to know what information we collect and hold about you, please see our GDPR webpage on the website or write to us at: The Crucial Group, 2nd Floor, 19a Portland Street, Brighton, East Sussex, BN1 1RN

What Information Do We Collect?

Information is collected from you when you register with us, or when you contribute to or use some of the advanced features on the site. The information we collect is clearly set out on the web page on why we collect it. In addition, we may collect your IP address and use cookies unless you configure your web browser not to accept them. Similar to other commercial websites, our Website uses a technology called "cookies" (see explanation below, "What Are Cookies?") and web server logs to collect information about how our Website is used. Information gathered through cookies and web server logs may include the date and time of visits, the pages viewed, time spent at our Website, and the websites visited just before and just after our Website. If you configure your web browser not to accept them that some of the features in our website may not function as a result. In addition, we may collect your IP address when you use the website as a result of you browsing. This information will not be shared outside of The Crucial Group Ltd or the company/s within Crucial Group that you specify.

What Are Cookies?

A cookie is a very small text file, which often includes an anonymous unique identifier. When you visit a website, that site's computer asks your computer for permission to store this file in a part of your hard drive specifically designated for cookies. Each website can send its own cookie to your browser if your browser's preferences allow it, but (to protect your privacy) your browser only permits a website to access the cookies it has already sent to you, not the cookies sent to you by other sites. For more information on cookies please visit www.aboutcookies.org or www.allaboutcookies.org.

How Do We Use Information We Collect from Cookies?

As you browse on our web pages, the website uses cookies to differentiate you from other users to prevent you from seeing unnecessary advertisements or requiring you to log in more than is necessary for security or give us your details more than once. Cookies, in conjunction with our web server's log files, allow us to calculate the aggregate number of people visiting our website and which parts of the website are most popular. This helps us gather feedback so that we can improve our website and better serve our customers.

How Do We Use the Information That You Provide to Us?

We collect information about you to process your order, manage your account and if you agree, to email you about other products and services we think may be of interest to you.

We use your information collected from the website to personalise your repeat visits to our website.

The Crucial Group Ltd will not share your information for marketing purposes with companies outside The Crucial Group Ltd or with other companies under the Crucial Group umbrella unless specified by you.

In processing your order, we will only send your data outside of the organisation if required to so by UK law by fraud prevention agencies.

How Do We Protect Your Information?

We maintain the highest standards of security; however, the transmission of information via the internet is never completely secure. As a result, whilst we strive to protect your personal information, we cannot ensure or warrant the security of any information which you send to us, and you do so at your own risk. Once we have received your information we will use strict procedures and security features to prevent unauthorised access or loss.

Email is not recognised as a secure medium of communication. For this reason, we request that you do not send private information to us by email.

How Can You Access and Correct Your Information?

You may instruct us to provide you with details of all of your information that we collect and maintain in our database by submitting a Subject Access Request via post or via the website. The address to send a request is;

The Crucial Group, 2nd Floor, 19a Portland Street, Brighton, East Sussex, BN1 1RN

Any request for information is free of charge but Crucial can refuse or charge for requests that are manifestly unfounded or excessive.

Where We Store Your Personal Data and for How Long

Data and Information that we collect from you is stored in a secure database located in Ireland. We will take all steps reasonably necessary to ensure that your information is treated securely and in accordance with this Privacy Policy. We will not keep your data any longer than is necessary and once there are no longer any legitimate grounds for the data to be retained, the data will be deleted.

How to opt-out of Communication

If you would like to opt out of any communication please email academy@crucialgroup.co.uk with your name and email address and that you wish to opt out or use our GDPR page.

Your Rights in regard to your Personal Information

Under GDPR, individuals now have increased rights in regard to their personal data. Please see below an outline of the new rights and if you wish to contact us to discuss or amend the data we hold, please contact us by email (info@the-gdpr-experts.co.uk) or by writing to us at;
The Crucial Group, 2nd Floor, 19a Portland Street, Brighton, East Sussex, BN1 1RN

Right to be Informed

  • The right to be informed encompasses your obligation to provide ‘fair processing information’, typically through a privacy notice.
  • It emphasises the need for transparency over how you use personal data.

Right of Access

  • Individuals have the right to access their personal data and supplementary information.
  • The right of access allows individuals to be aware of and verify the lawfulness of the processing.
  • GDPR will allow individual’s confirmation that their data is being processed;
  • GDPR will allow individual’s access to their personal data.
  • GDPR will allow individual’s other supplementary information – this largely corresponds to the information that should be provided in a privacy notice

Right to Rectification

  • The GDPR gives individuals the right to have their personal data rectified.
  • Personal data can be rectified if it is inaccurate or incomplete.
  • The timeline to comply is one month or two if the rectification is complex.

Right to Erasure

  • The right to erasure is also known as ‘the right to be forgotten’.
  • This right is to enable an individual to request the deletion or removal of personal data where there is no compelling reason for its continued processing.
  • The right to eraser applies when:
    • Where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed.
    • When the individual withdraws consent.
    • When the individual objects to the processing and there is no overriding legitimate interest for continuing the processing.
    • The personal data was unlawfully processed (i.e. otherwise in breach of the GDPR).
    • The personal data has to be erased in order to comply with a legal obligation.
    • The personal data is processed in relation to the offer of information society services to a child.
  • The right to eraser applies when:
    • To exercise the right of freedom of expression and information;
    • To comply with a legal obligation for the performance of a public interest task or exercise of official authority.
    • For public health purposes in the public interest;
    • Archiving purposes in the public interest, scientific research historical research or statistical purposes; or
    • The exercise or defence of legal claims.

Right to Restrict Processing

  • Individuals have a right to ‘block’ or suppress processing of personal data.
  • When processing is restricted, The Crucial Group Ltd are permitted to store the personal data, but not further process it.
  • Processing will be restricted when:
    • An individual contests the accuracy of the personal data.
    • When an individual has objected to the processing (where it was necessary for the performance of a public interest task or purpose of legitimate interests), and you are considering whether your organisation’s legitimate grounds override those of the individual.
    • When processing is unlawful, and the individual opposes erasure and requests restriction instead.
    • If you no longer need the personal data but the individual requires the data to establish, exercise or defend a legal claim.

Right to Data Portability

Only applies:

  • To personal data an individual has provided to a controller.
  • Where the processing is based on the individual’s consent or for the performance of a contract.
  • When processing is carried out by automated means.
  • Personal information requested will be provided in a structured, commonly used, machine readable form and provided free of charge unless considered manifestly unfounded or excessive.

Right to Object

Individuals have the right to object to:

  • Processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);
  • Direct marketing (including profiling); and
  • Processing for purposes of scientific/historical research and statistics.

If Individuals object, it must be on “grounds relating to his or her particular situation”. And The Crucial Group Ltd will stop processing the personal data unless:

  • The Crucial Group Ltd can demonstrate compelling legitimate grounds for the processing, which override the interests, rights and freedoms of the individual.
  • The processing is for the establishment, exercise or defence of legal claims.

The Right not to be Subject to Automated Decision-Making Including Profiling

The Crucial Group Ltd can only carry out this type of decision-making where the decision is:

  • Necessary for the entry into or performance of a contract; or
  • Authorised by Union or Member state law applicable to the controller; or
  • Based on the individual’s explicit consent.
  • Crucial Group must identify whether any of their processing falls under Article 22 and, if so, make sure that they:
    • Give individuals information about the processing;
    • Introduce simple ways for them to request human intervention or challenge a decision;
    • Carry out regular checks to make sure that our systems are working as intended.

In the Event of a Data Breach

If the Crucial Group were to experience a data breach they would within 72hrs upon realising a breach had occurred and where feasible, report certain types of personal data breach to the relevant supervisory authorities. If the breach is likely to result in a high risk of adversely affecting our customer’s individual rights and freedoms, we will also inform those individuals without undue delay.

Your Consent

By using our website, you consent to our collection and use of your information as described in this Privacy Policy. If we change our privacy policies and procedures, we will post those changes on our website to keep you aware of what information we collect, how we use it and under what circumstances we may disclose it.

If you wish to withdraw your consent at any time, please use the GDPR page that is part of this website and explain that you wish to withdraw your consent.

academy@crucialgroup.co.uk

Accredited partners