Privacy Policy

1 This Introduction

1.1 Lab Tots Learning System Limited (“LTLS”) is a controller within the meaning of the Data Protection 2018 and UK General Data Protection Regulation. Further details about us and how to contact us appear below

1.2 This notice describes how we collect, store, transfer and use personal data. It tells you about your privacy rights and how the law protects you.

1.3 This Privacy Policy applies to personal data from you when you contact us and provide us with your personal data and through our website at and through social media platforms.

1.4 Except as set out below, we do not share, or sell, or disclose to a third party, any information collected through our website, without your prior consent.

2 How we process your Personal Data

2.1 Personal data is information that identifies you, either directly or indirectly. This includes your contact details and any information about you that you provide us.

2.2 When we process your personal data, we

a. lawfully, fairly and in a transparent manner

b. collect it for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.

c. limit our collection to what is adequate and relevant to what is necessary in relation to the purposes for which they are processed

d. take reasonable steps to keep it accurate and up to date having regard to the purposes for which they are processed

e. kept in a form where we can identify you for no longer than is necessary, for the purposes for which it is processed

f. process it in a manner that ensures appropriate security of the personal data. this includes protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage. We use appropriate technical or organisational measures to do so.

3 Personal Data Collected

3.1 The types of personal data we may collect from you when you visit our website,contact us and/or create an account and login to our website.

3.2 The vast majority of the personal data we may is that you provide us. We may collect personal data arising from services we provide you, which may include

Contact Details

Name, email address(es), address(es), telephone number(s), fax numbers, instant messaging address(es), social media identifiers, nationality, photographs, marital status, emergency contact details, next of kin

Vocational Details

Employer, location(s) of workplace, contact address(es) for work purposes, date of birth, passport number, country of birth, nationality, professional qualifications, job role / position / title / rank, job description, photographs

General Professional Details

professional qualifications; job role / position / title; job description; photographs; current and historical employment and consultancies; duration of appointments

Academic Details

Educational institutions and places of learning attended; courses attended, completed; academic and levels of achievement obtained

Course Activity Data

Courses and activities selected; activity in courses; tasks performed during and/or related to courses; course creators and tutors; marks and rankings;  issues attended to; issues resolved; electronic devices used, live events viewed, booked, attended, missed and cancelled; date, time and duration of live events; 

Dietary Information

Known Allergies and any medications taken; safety data
 In Case of Emergency contact details as appropriate for live event bookings. 

Medical Information

Known diagnosis and any medications taken


User Account Data

login name, password recovery questions, password recovery answers, aliases, user preferences while using our services; languages spoken and/or written

System Usage Data

Type of device (handheld, desktop) used to access online services; pages visited including time and date of access, web browser signature, referrer URLs; data displayed or clicked, user interface elements interacted with; search terms used; offers made to you; actions taken; storage usage

Messaging Data

Types of messages sent: alert, forgotten password messages, time and date of messages, message sender addresses, message recipient addresses, subject of message; content of messages

Location Data

Approximate geographical location of data subjects; physical location of data subjects; expected dates and times at physical locations

Transaction Data

Items purchased, amounts paid; items returned and/or refunded; amounts of refunds

4 Special Categories of Personal Data

4.1 The special categories of personal data are personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation.

4.2 We do not deliberately collect any special categories of personal data from you.

4.3 We would prefer that you do not send it to us or make it known to us.

4.4 Should you choose to do so, we may delete the entire communication and ask you to send it again without that personal data. If for some reason we are not able to do so, we do not store it in any structured way and process it only:

a. Where we have your explicit consent

b. for employment purposes;

c. where the processing relates to personal data which you made public; and

d. processing is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity.

5 Our obligations as an employer

5.1 We will use your particularly sensitive personal information in the following ways:

a. We will use information relating to leaves of absence, which may include sickness absence or family related leaves, to comply with employment and other laws.

b. We will use information about your physical or mental health, or disability status, to ensure your health and safety in the workplace and to assess your fitness to work, to provide appropriate workplace adjustments, to monitor and manage sickness absence and/or to administer benefits.

c. We will use information about your race or national or ethnic origin, religious, philosophical, or moral beliefs, or your sexual life or sexual orientation, to ensure meaningful equal opportunity monitoring and reporting to our regulators.

6 Use of our services by children

6.1 We do not sell products or provide services for purchase by children, nor do we market to children.

6.2 If you are under 18, you may use our website only with consent from a parent or guardian.

6.3 Certain areas of our website are designed for use by children over 3 years of age. These areas include access to their individual linked profile created by you their guardian and/or parents over the age of 18. Children will only be able to view and access content that has been pre-assigned to them by parents or guardians. The master adult learner profile remains in control of the parent or guardian at all times.

6.4 We collect data about all users of and visitors to these areas regardless of age, and we anticipate that some of those users and visitors will be children.

7 Not providing Personal Data

7.1 We need to know who we are communicating with. Should you choose not to provide us with your name, contact details or other details we may need, we will not be able to communicate with you.

7.2 This means that if:

a. If you have something to ask us, we will not be able to respond to you;

b. you are enquiring about job roles we might have available; we will not be able to assess you for suitability;

c. if you have a contract with us, we will not be able to perform the contract, and we may need to terminate it.

8 Keeping Personal Data up to Date

8.1 Please help us keep your personal data up to date and let us know when it changes

8.2 Please help us keep your personal data up to date and let us know when it changes.

8.3 At any time, you may review or update personally identifiable information that we hold about you, by signing into your account on our website.

8.4 To obtain a copy of any information that is not provided on our website you should contact us to make that request.

9 Where do we obtain your personal data

9.1 We primarily obtain personal data about you from you

9.2 We may also obtain information about you from publicly available sources, such as websites where you have made the information public, Companies House, background check agencies, our business partners, and business directories, tax authorities, criminal record, and UK Disclosure Barring Service (DBS) checks.

9.3 We may also confirm information you provide to us directly using data from other sources. We also add to the information we hold about you, sometimes to remove the need for you to provide it to us and sometimes in order to be able to assess the quality of the services you offer.

9.4 The additional information we collect may be categorised as follows:

a. information that confirms your identity;

b. business information, including your business trading name and address, your company number (if incorporated), and your VAT number (if registered);

c. information that confirms your contact information;

d. reviews and feedback about your business on other websites through which you sell your services; and

e. unsolicited complaints by other users.

9.5 We store information you provide us, and we reserve a right to use it in the future in any way we decide.

9.6 Also, we provide you with a public profile page. The information may be indexed by search engines or used by third parties. The information you provide on that profile page may be made available to the public. Once your information enters the public domain, we have no control over what any individual third party may do with it. We accept no responsibility for their actions at any time.

10 How we use your personal data

10.1 We process your personal data for the following purposes, where we have a legal basis to do so:

a. provide our services to you;

b. provide our services to you;

c. provide our services to you;

d. pay others for services they supplied to you;

e. improve our services and educators who provide courses delivered on our platform, using our services;

f. assess suitability of persons to work with and/or teach children;

g. assess vulnerabilities of Learners and Educators; and

h. assist others deliver their services to you.

Payment information

10.2 Payment information is never taken by us or transferred to us either through our website or otherwise. Our employees and contractors never have access to it. At the point of payment, you are transferred to a secure page on the website of Stripe or some other reputable payment service provider. That page may be branded to look like a page on our website, but it is not controlled byus. Referral Partners: This is information given to us by you in your capacity as an affiliate of us or as a referral partner. It allows us to recognise visitors that you have referred to us, and to credit to you commission due for such referrals. It also includes information that allows us to transfer commission to you. The information is not used for any other purpose. We undertake to preserve the confidentiality of the information and of the terms of our relationship. We expect any affiliate or partner to agree to reciprocate this policy.


10.3 Re-marketing involves placing a ‘tracking technology’ such as a cookie, a ‘web beacon’ (also known as an ‘action tag’ or a ‘single-pixel GIF’) to track which pages you visit and to serve you relevant adverts for our services when you visit some other website..

10.4 The benefit of re-marketing technology is that we can provide you with more useful and relevant adverts, and not show you ones repeatedly that you may have already seen.f the information and of the terms of our relationship. We expect any affiliate or partner to agree to reciprocate this policy.

10.5 We may use a third-party advertising service to provide us with re-marketing services from time to time. If you have consented to our use of such tracking technologies, you may see advertisements for our products and services on other websites.

10.6 We do not provide your personal data to advertisers or to third-party re-marketing service providers. However, if you are already a member of a website whose affiliated business provides such services, that affiliated business may learn of your preferences in relation to your use of our website


10.7 We use your personal data for the following reasons:

a. You have given us your consent in writing for the purposes for which you provided your personal data;

b. We need to take steps to form a contract with you and perform a contract with you;

c. We need to comply with a legal obligation other than with you;

d. We need to comply with a legal obligation other than with you;

10.8 We believe we have legitimate interests to process your personal data to:

a. improving our services

b. record-keeping for the proper and necessary administration of our business;

c. responding to unsolicited communication from you to which we believe you would expect a response.

d. insuring against or obtaining professional advice that is required to manage legal, business and/or organisational risk;

e. protecting your interests where we believe we have a duty to do so

h. conduct and operate our business in the digital age in an online environment;

i. understand the needs, requirements and preferences of potential customers, and those that use our services;

j. comply with health and safety obligations and monitor our performance against equal opportunities legislation; and

k. ensure network and information security, including preventing unauthorised access to our computer and electronic communications systems and preventing malicious software distribution.

10.9 We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

10.10 Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

11 Data Sharing

11.1 We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.

11.2 We limit access to your personal information to those employees, agents, contractors and other third parties who need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality

11.3 We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

11.4 We may have cause to share your personal information with our service providers,such as:

a. those responsible for delivering courses you order;

b. to contact appropriate persons in the event of an emergency;

c. telecommunications providers, including telephone, instant messaging, post and couriers;

d. accountants;

e. computer systems service providers, including IT security personnel;

f. solicitors;

g. advertisers;

h. regulatory authorities, such as the Information Commissioner and taxation authorities.

11.5 We only permit them to process your personal data for specified purposes and in accordance with our instructions and where we have a legitimate interest in doing so.


11.6 We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. We have established the following personal data control mechanisms:

a. You are able to opt out at any time;

b. Depersonalise advertising on our site which is presented to you; Promotional Offers from Us

11.7 We may use your Contact Details, Technical and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).

11.8 You will receive marketing communications from us if you have requested information from us or purchased products or services from us or if you provided us with your details when you entered a competition or registered for a promotion and, in each case, you have not opted out of receiving that marketing.

Third Party Marketin

11.9 We will get your express opt-in consent before we share your personal data with any company for marketing purposes.

Opting Out

11.10 You can ask us to stop sending you marketing messages at any time by emailing us AND/OR logging into our website checking or unchecking relevant boxes to adjust your marketing preferences or by following the opt-out links on any marketing message sent to you or by contacting us at any time.

11.11 Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a product/service purchase, warranty registration, product/service experience or other transactions.

12 Automated Decision Making

12.1 Automated decision-making takes place when an electronic system uses personal information to make a decision without human intervention.

12.2 We do not automate decision making in a way that effects your legal rights.

12.3 We are allowed to use automated decision-making in the following circumstances:

12.4 Where we have notified you of the decision and given you 21 days to request a reconsideration.

12.5 Where it is necessary to perform the contract with you and appropriate measures are in place to safeguard your rights.

12.6 In limited circumstances, with your explicit written consent and where appropriate measures are in place to safeguard your rights.

12.7 You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making, unless we have a lawful basis for doing so and we have notified you.

13 Data Storage

13.1 We process your data in EEA, we also process data in

Country Basis for Transfer
EEA Adequacy Decision
United States IDTA

13.2 We will transfer the personal information we collect about you to these countries (in the sense that the system servers are located in the countries named above) in order to perform our contract with you. There is an adequacy decision by the European Commission in respect of the named countries. This means that the country to which we transfer your data is deemed to provide an adequate level of protection for your personal information.

14 Data Security

14.1 We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.

14.2 We store all information that you provide to us on secure servers.

14.3 We train employees regarding our data privacy policies and procedures, and permit authorized employees to access information on a need to know basis, as required for their role. We use SSL protection as provided by our hosting We use firewalls designed to protect against intruders and test for network vulnerabilities. However, no method of transmission over the internet or method of electronic storage is completely secure.

14.4 Where you have a password, which enables you to use our services, you are responsible for keeping this password complex, secure, and confidential. If you would like to update or change your password, you may select the [“Forgot your password?”] link on the login page. You will be sent an email that allows you to reset your password.

14.5 We have internal procedures and those with our third party hosting provider to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

15 Retention of your Data

15.1 We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for,including for the purposes of satisfying any legal, accounting, or reporting requirements.

15.2 To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

15.3 By law we have to keep basic information about our customers (including your contact, identity, financial and transaction data) for a minimum of six years after they cease being customers for tax purposes.

15.4 We keep your personal data only for as long as required by us

a. to provide you with the services you have requested;

b. to comply with other law, including for the period demanded by our tax authorities;

c. to support a claim or defence in court.

15.5 In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you. We will retain and securely destroy your personal information in accordance with applicable laws and regulations

15.6 In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you. Once you are no longer an employee, worker or contractor of the company we will retain and securely destroy your personal information in accordance with our data retention policy.

16 Rights of access, correction, erasure, and restriction

16.1 You have a series of rights under the UK General Data Protection Regulation.

16.2 Not all apply in all circumstances. Under certain circumstances, you have the right to:

a. Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.

b. Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.

c. Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).

d. Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.

e. Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.

f. Request the transfer of your personal information to another part.

16.3 If you would like to exercise any of these rights, please contact us using the details below. We will need to verify your identity before we are able to release any personal data to you. This is important to safeguard your information.

16.4 Please be aware that we are not obliged by law to provide you with all personal data we hold about you, and that if we do provide you with information, the law allows us to charge for such provision if doing so incurs costs for us. After receiving your request, we will tell you when we expect to provide you with the information, and whether we require any fee for providing it to you.

16.5 If you wish us to remove personally identifiable information from our website, you should contact us to make your reques

16.6 This may limit the service we can provide to you.

16.7 We remind you that we are not obliged by law to delete your personal data or to stop processing it simply because you do not consent to us doing so. While having your consent is an important consideration as to whether to process it, if there is another legitimate basis on which we may process it, we may do so on that basis.

18 Withdrawal of Consent

18.1 Where you may have provided your consent for us to process your personal data and/or transfer your personal data for a specific purpose, you can withdraw it at any time.

18.2 To withdraw your consent, please contact us using the details below. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.

19 Changes to this Privacy Statement

19.1 We may need to change this privacy policy from time to time. [You are able to identify when the privacy statement was changed by the date which appears at the bottom of it.]

19.2 Amendments are updated on this page, to the email address stated in your account and/or through a notice on our home page. Your continued use of this site and the resources enabled by our services signifies your consent to such processing and of the conditions set out in the Privacy Policy.

20 About Us

20.1 LTLS is a trading name of Lab Tots Learning System Limited, company number 13446866, incorporated in England and Wales, with registered office address situated at Arbor House, Broadway North, Walsall, West Midlands, England, WS1 2AN.

20.2 We have appointed a data protection officer who is responsible for ensuring that our privacy policy is followed. If you have any questions about how we process your personal data, including any requests to exercise your legal rights, please contact our DPO. Our DPO at LTLS is Mrs Sophia Mitchell.