Privacy Policy

Last Updated: 26/02/2025


FosteringTraining is committed to protecting your privacy and ensuring transparency in how we process your data. This policy explains what data we collect, why we collect it, how we store it, and your rights regarding your personal information.


1. Who We Are

FosteringTraining provides online learning services to clients and their learners. We process personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.


If you have any questions about this policy, you can contact us at:

Company: The Foster Carer Training Company Ltd.

Address: 35 Ballards Lane, London, England, N3 1XW, UK United Kingdom

Email: [email protected]

We are registered with the Information Commissioner’s Office, certificate number ZA751311.


2. What Data We Collect and Why

We process data from three key groups: learners, clients, and prospects.


A. Clients

We collect and process data from clients to provide access to training and provide clients with monitoring capabilities over their learners’ progress.

• Data Collected:

        o Organisation name, primary contact details

        o Names and email addresses of selected staff who administer training

        o Names and email addresses of learners provided training (see below for more details)

        o Learners’ training records completed with FosteringTraining

• Lawful Basis:

        o Performance of a contract: Providing agreed-upon training services

• Data Retention:

        o Client data is retained for the duration of the contract and up to 1 year for record-keeping


B. Learners

We collect and process personal data to provide online training, track progress, and issue certifications.

• Data Collected:

        o Name, email address, username (often the same as email)

        o Name of fostering service, supervising social worker’s name and email (if provided by fostering service)

        o Learners’ training records completed with FosteringTraining

• Lawful Basis:

        o Consent: When learners provide their own data themselves

        o Performance of a contract: When data is provided by the fostering service to facilitate required training

• Data Retention:

        o Training records are retained for the duration of our contract with the client and up to 1 year for record-keeping

        o Support requests are retained for up to 1 year after resolution


C. Prospects (Potential Clients)

We collect limited data from individuals who inquire about our services.

• Data Collected:

        o Name, email address, organisation name, role

        o Inquiry details and communications

• Lawful Basis:

        o Consent: When you contact us directly via our website or other means

        o Legitimate interest: Following up on business inquiries

• Data Retention:

        o We retain prospect data for up to 2 years unless a business relationship is established

3. How and Where We Store Your Data
We work with third-party providers to ensure secure data storage and service delivery.

Who

Provider

Purpose

Data Shared

Storage Location

Learners, Clients

Microsoft Corporation (O365)

Nightly training completion backup, email communication with learners and clients

Name, email, username, fostering service name, supervising social worker’s name and email, course completion

Azure, United Kingdom

Learners, Clients, Prospects

Zendesk, Inc.

Customer support

Only if contacted via website chat

Location, device type, browser type, IP address, name, email

AWS, Germany

Learners, Prospects

Jotform, Inc.

Certificate issuance for support network courses, business enquiries, post-website chat customer support

Only if inputted by learner:

Name, email, course completed, completion date, fostering service name, foster carer’s name (if relevant)

Google Cloud & AWS, Germany

Learners, Clients

Epignosis UK Ltd (TalentLMS)

Hosting the Learning Management System

Name, email, username, fostering service name, supervising social worker’s name and email (optional), training records

AWS, USA

When personal data is transferred to the EU/EEA, we ensure compliance with UK GDPR, which recognises the EU/EEA as having an adequate level of data protection. For the USA, transfers comply with The Data Protection (Adequacy) (United States of America) Regulations 2023, which recognises certain US organisations as having an adequate level of data protection under the UK-US Data Bridge. We only work with US organisations certified under these frameworks.


4. How We Protect Your Data
We implement appropriate technical and organisational security measures, including:
Encryption of data in transit and at rest
Access controls restricting data to authorised personnel only


5. Your Rights
Under the UK GDPR, you have rights regarding your personal data:

• Inform: Be informed about how your data is collected and used

Access: Request a copy of your personal data
Rectification: Correct inaccuracies in your data
Erasure: Request deletion of your data (subject to legal requirements)
Restriction: Limit how we process your data
Objection: Object to data processing in certain circumstances
Data Portability: Request your data in a structured format

• Automated decision making: Challenge decisions made solely by automated means, including profiling, that significantly affect you

To exercise these rights, contact us at [email protected] 


6. Cookies and Tracking
Our website may use cookies for analytics and functionality. You can manage your cookie preferences through your browser settings.


7. Updates to This Policy
We may update this policy from time to time. The latest version will always be available on our website.