PRIVACY POLICY OF CEREBRAL CERTIFIED SOLUTIONS

1. Data Controller

Any processing of personal data is carried out under the responsibility of SKILL WAGON, a limited liability company incorporated under English law, registered in the United Kingdom under number 15627219. The registered office is located at 7 Bell Yard, London, WC2A 2JR, United Kingdom (hereinafter referred to as "Cerebral Certified Solutions"). You can contact us via email at contact@cerebral-certified-solutions.com.

When transferring data to partners, we ensure that such processing complies with applicable confidentiality standards, and your consent is obtained prior to any data Transfer.

2. Type of Data Collected

Cerebral Certified Solutions may collect and process various categories of personal data, including but not limited to:

  • Personal Account Data: Collected when creating and managing your account, and/or placing an order (e.g., title, name, date of birth, email address, telephone number, billing address, credit card details, responses to tests, test results).
  • Contact Form Data: Provided when contacting us through the Site (e.g., name, email address, subject, and message content).
  • Connection and Browsing Data: Collected via cookies, including IP address, device identifiers (e.g., Apple or Android), operating system and browser type, timestamps of site connections, and browsing activity.

Sensitive data, such as information revealing racial or ethnic origin, political opinions, or health-related information, is strictly avoided in our collection processes. In the unlikely event that such data is submitted to us, you can request its deletion by contacting contact@cerebral-certified-solutions.com.

3. Purpose and Legal Basis of Processing

Your personal data is collected for the following purposes:

Legal Basis Purpose
Performance of Contract Creating and managing accounts, enabling Site usage, processing payments, and fulfilling orders.
Consent Sending marketing communications and managing cookies as described below.
Legitimate Interests Conducting satisfaction surveys, fraud prevention, and service improvement activities.
Legal Obligations Retaining data to meet evidential or compliance requirements.

We ensure that all processing activities are fully aligned with applicable legal standards.

4. Data Retention

Retention periods for personal data depend on the type and purpose of processing:

  • Payment Data: Retained by our payment processor for evidential purposes up to 15 months.
  • Usage Data: Stored for up to 5 years following account closure, with inactive accounts deleted after 3 years.
  • Contract and Order Data: Retained for 5 years for evidential purposes. Dispute-related data may be stored until resolution.
  • Marketing Data: Retained until you opt-out or after 3 years from the last Interaction.
  • Tax and Accounting Data: Kept for 10 years in accordance with legal Requirements.
  • Cookies: Retained for a maximum of 13 months, while cookie preferences are stored for 6 months.

Specific retention periods may vary based on legal obligations and operational requirements. Accordingly, the time periods referred to above are guidelines only and may change from time to time.

5. Recipients of Personal Data

Access to your personal data is strictly limited to the following:

  • Internal Teams: Processing data within the scope of their roles.
  • Subcontractors: Hosting, payment processing, and technical service providers (e.g., AWS AMAZON).
  • Authorised Authorities: Administrative or judicial entities as required by law.
  • With Consent: Third-party data sharing occurs only when explicitly authorised by you.

6. Transfer of Data Outside the EU

Where data is transferred outside the EU, Cerebral Certified Solutions ensures compliance with GDPR standards through:

  • Adequacy Decisions: Evaluating the protective measures in the recipient Country.
  • Standard Contractual Clauses: Establishing binding data protection Obligations.

Countries where data may be transferred include, but are not limited to, the United States.

7. Data Subject Rights

You are entitled to exercise your rights under the UK GDPR, including:

  • Right of Access: To obtain confirmation and details regarding processing activities.
  • Right to Rectification: To amend inaccurate or incomplete data.
  • Right to Deletion: To request data removal, subject to legal obligations.
  • Right to Restriction: To limit processing under specific circumstances.
  • Right to Object: To decline processing for commercial purposes or legitimate Interests.
  • Right to Portability: To receive data in a structured and machine-readable Format.

Requests should be submitted via email or post along with a copy of an identity Document.

8. Minors

The Site is not intended for minors under the age of 18. Personal data from minors is neither knowingly collected nor processed.

9. Technical and Organisational Security Measures

We employ stringent safeguards to ensure data security:

  • Encryption: Secure storage of sensitive information.
  • Access Controls: Managing internal and external data access securely.
  • Audits: Regular reviews to maintain compliance and identify vulnerabilities.
  • Employee Awareness: Training staff in confidentiality practices.

We also evaluate subcontractors' compliance with high protection standards.

10. Cookies and Tracking Technologies

Cookies are used for site functionality, performance monitoring, and audience measurement. You can manage cookie preferences through:

  • Browser Settings: Customising consent options for all browsing activity.
  • Site Tool: Configuring preferences directly on our Site.

Deactivating cookies may affect certain functionalities or user experiences.

11. Changes to the Policy

Cerebral Certified Solutions reserves the right to update this Privacy Policy as necessary. Any significant amendments will be clearly communicated on our Site.