Privacy Policy

At TwinklPD ('we,' 'us,' 'our'), we are committed to protecting your privacy. This Privacy Policy outlines how we collect, store, use, and share ('process') your information when you use our website and engage with our services ('Services'). This may occur when you:
  • Visit our website at [https://twinklpd.com], or any other website that references this Privacy Policy;
  • Interact with us through various channels, including sales, marketing, or events.
By providing personal information, either your own or or someone else’s with their permission, you consent to its use as outlined in this Privacy Policy. Additionally, you may receive further notifications regarding how your data will be used.

We may update this Privacy Policy from time to time due to changes in our data practices, legal requirements, or advancements in technology. We encourage you to check our website regularly for the most current version.

Definitions and Interpretation

In this Policy the following terms shall have the following meanings:

"Account": means collectively the personal information, Payment Information and credentials used by Users to access Material and / or any communications System on the Web Site;
"Content": means any text, graphics, images, audio, video, software, data compilations and any other form of information capable of being stored in a computer that appears on or forms part of this Web Site;
"Cookie": means a small text file placed on your computer by Twinkl Ltd when you visit certain parts of this Web Site. This allows us to identify recurring visitors and to analyse their browsing habits within the Web Site.
"Data": means collectively all information that you submit to the Web Site. This includes, but is not limited to, Account details and information submitted using any of our Services or Systems;
"TwinklPD": means TwinklPD - Continuous Professional Development Platform
"Service": means collectively any online facilities, tools, services or information that Twinkl makes available through the Web Site either now or in the future;
"System": means any online communications infrastructure that Twinkl makes available through the Web Site either now or in the future. This includes, but is not limited to, web-based email, message boards, live chat facilities and email links;
"User" / "Users": means any third party that accesses the Web Site and is not employed by Twinkl and acting in the course of their employment; and
"Website": means the website that you are currently using (twinklpd.com) and any sub-domains of this site (e.g. subdomain.yourschool.com) unless expressly excluded by their own terms and conditions.

How We Collect Your Personal Information

We collect your personal information in various ways, including:

Directly from You: We gather information directly from you when you interact with us, such as:
  • When you register or update an account with us, providing details such as your name, email, and contact information.
  • When you make a purchase or complete a transaction through our website or service platforms.
  • When you participate in surveys, provide feedback, or respond to questionnaires we send.
  • When you contact us for support or enquiries, either through phone, email, or live chat.

These methods enable us to provide you with the necessary services and maintain compliance with relevant laws and regulations.

What Personal Information Do We Collect?

The type of personal information we collect depends on your interactions with us, the services you use, and the choices you make. This information may include:
Personal Information: We collect various types of personal data across our operations, including but not limited to:
  • Contact Data: such as name, surname, address, phone numbers.
  • Professional Life Data: such as CV, occupation, skills, diplomas.
  • Account Data: such as username and type of subscription.
  • Financial Data: such as bank account details and credit/debit card information.
  • Behavioural Data: such as spend behaviour, web browsing activity, and work-related behaviour.
  • Device Information: such as website activity, technical data, IP address, MAC ID, SSID, and operating software

We will not be collecting any sensitive personal information (Special Category Data and Criminal Conviction Data).

How We Use Your Personal Information

Below is an overview of how we use your information and the legal basis for doing so:

Main Uses of Your Personal Information:

Categories of personal data Purpose Legal basis
Contact Data (Name, Email, Country of Residence) - Account creation and management
- Communication with users
- Providing personalised recommendations
- Article 6(1)(b): Performance of a contract
- Article 6(1)(f): Legitimate interests (e.g., to improve user experience)
Financial Information (Payment details) - Processing payments for subscription or services
- Managing refunds and billing queries
- Article 6(1)(b): Performance of a contract
- Article 6(1)(c): Legal obligation (e.g., financial regulations)
Professional Life (Job role/ Occupation/ Skills/ Training Records/ Progress Reporting) - Tailoring training and resources to user needs
- Monitoring and reporting on user progress
- Providing certificates of completion
- Article 6(1)(b): Performance of a contract
- Article 6(1)(f): Legitimate interests (e.g., providing value-added services)

When and with Whom Do We Share Your Personal Information?

We may need to share your personal information in the following situations:
Internally
Your personal data will be accessed by our employees and contractors on a need-to-know basis, to ensure that the services you require are delivered effectively.
Disclosures Within Our Group
We may share your personal information with other companies within our group to support business administration and operational efficiency. Examples of when we may share data within our group include:
  • Business administration: Sharing information for internal administrative tasks.
  • Operational support: Collaborating across departments or offices to enhance service delivery.
  • Company restructuring: During mergers, acquisitions, or changes to our corporate structure, where your data may be shared to ensure business continuity.

Disclosures to Third Parties Outside Our Group

TwinklPD may, from time to time, employ the services of other parties for dealing with matters that may include, but are not limited to, payment handling, delivery of purchased courses, search engine facilities, advertising, and marketing. In certain situations, we may share your personal information with third parties outside of our group for specific purposes.

Any data used by such parties is used only to the extent required by them to perform the services that TwinklPD requests. Each disclosure will be conducted in accordance with applicable Data Protection Laws to ensure the confidentiality and security of your personal information.
We may share your personal data with the following categories of third-party processors:

  • Payment Processors - Stripe Inc
  • Analytics Providers - Google Analytics
  • Email Service Providers - Google Mail
  • Hosting Services - LearnWorld

We take appropriate measures to ensure that all third-party service providers are contractually obligated to protect your data in line with GDPR and other applicable data protection laws.

International Data Transfers

We may transfer and process your personal data outside of the United Kingdom (UK) and the European Union (EU) to countries where data protection laws may be less stringent than those in the UK/EU. When transferring personal data outside of these regions, we ensure that your information receives the same level of protection as required under UK and EU Data Protection Laws.

Aggregated and Anonymised Data

We may share aggregated and anonymised data with third parties for various purposes. This data does not personally identify you and may be shared for purposes such as statistical analysis, research, analytics, marketing, or other lawful uses. Examples include sharing usage patterns or demographic information to help improve our services, inform business decisions, or support partnerships. Since this data is anonymised, it cannot be traced back to any individual and is processed in compliance with applicable data protection regulations.

Cookies and other tracking technologies

Our website uses cookies—small files stored on your device—to collect personal information and enhance your browsing experience. You have the option to refuse cookies, but doing so may affect the functionality of certain parts of the website. For more details on how we use cookies and how you can manage them, please refer to our Cookies Policy.

How Long Do We Keep Your Information?

We only keep your personal information for as long as it is necessary to fulfil the purposes outlined in this Privacy Policy. Any personal data you provide to TwinklPD will be retained for the duration of your use of our services and systems on the website. If you cease to be a member, your data will be retained for a period of three years, after which it will be securely deleted. Data submitted through any communication systems we provide may be retained for up to one year beyond this period, in line with our data retention policies.

We regularly review our data retention schedules to ensure information is kept only as long as necessary. If you have questions about our data retention or wish to request the deletion of your personal information, please contact us. In some cases, legal or regulatory requirements may oblige us to retain your information for a longer period, but we will ensure it remains protected during that time.

How Do We Keep Your Information Safe?

Data security is of great importance to TwinklPD and to protect your data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure data collected online. While we strive to secure your information, no online transmission or storage system can be 100% secure. We cannot guarantee that unauthorised parties will not access your data. Therefore, please ensure that you access our services within a secure environment (e.g., using trusted networks, secure Wi-Fi, and up-to-date devices), and be aware that using the internet carries some risk.

In the event of a data breach, we have a response plan to address incidents promptly, including notifying affected individuals and authorities as required by law, and taking action to prevent further unauthorised access.

Your role in protecting your personal information is crucial. Please keep your account credentials secure and notify us immediately if you suspect any unauthorised access to your account.

What Are Your Privacy Rights?

Under data protection laws, you have several rights regarding your personal data. Please note that some of these rights may not be absolute and may depend on specific circumstances.
  • Request access to your personal data: You have the right to request a copy of the personal data we hold about you (known as a "data subject access request").
  • Request correction of your personal data: You can ask us to correct any incomplete or inaccurate information we hold about you.
  • Request erasure of your personal data: You can request that we delete or remove your personal data if there is no valid reason for us to keep processing it. However, there may be legal reasons why we cannot comply with your request, which we will explain at the time.
  • Object to processing of your personal data: If we process your data based on legitimate interests, you may object to this. However, we may be entitled to continue processing your information if we have a valid legal basis, such as for legal claims.
  • Request restriction of processing: You can ask us to suspend the processing of your personal data in certain cases, such as if you are contesting the accuracy of the data or if you need the data for legal reasons.
  • Request transfer of your data ("data portability"): In some circumstances, you can ask us to provide your personal data to you or a third party in a structured, machine-readable format.
  • Automated decision making: We do not carry out automated decision-making that has a legal or significant impact on you.

You won’t have to pay to access your data or exercise your rights, but we may charge a reasonable fee if your request is unfounded, repetitive, or excessive. We may also ask for specific information to verify your identity to ensure that your data is not disclosed to anyone who has no right to access it. If necessary, we may ask for additional information to speed up our response.

We aim to respond to all legitimate requests within one month, though complex or multiple requests may take longer. In such cases, we will keep you informed.

Withdrawing Your Consent

Under the GDPR, you have the right to withdraw your consent for the processing of your personal data at any time. This means you can stop us from processing your data based on your consent. Please note that withdrawing consent will not affect the lawfulness of any processing carried out before your withdrawal. Additionally, withdrawing consent may prevent us from providing certain personalised services, such as tailored training recommendations or access to specific features. If you choose to withdraw consent, we will inform you about the specific impact on your use of our services.

You can withdraw your consent for data processing by contacting us through any of the following methods:

Email: dpo@twinkl.co.uk
Phone: +44 (0) 114 303 2974
Postal Address: Wards Exchange, 197 Ecclesall Road. Sheffield, S11 8HW, UK

Once we receive your request, we will cease processing your personal data for the purposes you previously consented to and update our records to reflect your withdrawal of consent.

In some cases, we may still process your data if we have a legitimate legal basis to do so (e.g., compliance with legal obligations, contractual necessity), even after you have withdrawn consent. We will inform you if this is the case.

Right to Complain

You have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe we have not complied with data protection laws. Before contacting the ICO, we encourage you to give us the opportunity to address your concerns directly. More information about how to file a complaint can be found on the ICO's website: https://ico.org.uk.

Marketing

You control whether we use your personal information for marketing. If you're an existing customer, we’ll only contact you with your permission and may share your details within our group with your consent.

You can unsubscribe from our marketing and promotional communications at any time bye by editing the privacy settings from their profile on our website (https://twinklpd.com/profile)

Once you opt out, we will remove you from our marketing lists. However, we may still contact you for non-marketing purposes, such as service-related messages, account administration, or responding to service requests.

Changes to This Policy

We may update this Privacy Policy as we may deem necessary from time to time or as may be required by law. If we make significant changes, we may notify you by prominently posting a notice or sending a direct notification. We encourage you to review this Privacy Policy regularly to stay informed about how we process your information. You are deemed to have accepted the terms of the Policy on your first use of the Web Site following the alterations.

Contact Us

If there are any questions regarding this privacy policy you may contact us at support@twinklpd.com