Last updated: 19th November 2025
Your privacy matters. This policy explains what personal data we collect, why we collect it, and how we use it when you use the REACT Learning website and online training platform.
1. Who We Are
REACT Learning provides online training courses for the hospitality and construction sectors.
For data protection purposes, we act as the Data Controller for individual learners, and may act as a Data Processor when accounts are created by an employer on behalf of staff.
If you have questions, contact us via the contact page
2. What Data We Collect
We collect the following information:
Account Information
- Name
- Email address
- Password (encrypted)
- Employer details (if applicable)
Training Activity
- Courses assigned
- Completion status
- Assessment results
- Certificates issued
- Time spent on modules
Technical Data
- IP address
- Browser type
- Device information
- Cookies (see Cookie Policy for details)
Payment Information
Handled securely by our payment provider.
We do not store full card details.
3. How We Use Your Data
We use your information to:
- Create and manage your learning account
- Deliver online courses
- Track your progress and results
- Issue certificates
- Provide customer support
- Notify you about updates or important service information
- Comply with legal obligations
If you are part of an employer-managed account, your employer may access your training records.
We do not use your data for unrelated marketing unless you give clear consent.
4. Legal Basis for Processing
We process data under the following bases:
- Contract – to provide you with access to the platform
- Legitimate Interest – to improve our service and maintain security
- Legal Obligation – where record-keeping is required
- Consent – for optional communications
5. How Long We Keep Your Data
We keep data only as long as necessary:
- Training records and certificates: up to 7 years for compliance
- Account information: until your account is deleted
- Technical logs: usually 30–90 days
You may request deletion sooner, unless the data must be retained for legal reasons.
6. Sharing Your Data
We do not sell or trade personal data.
We may share data with:
- Your employer (if they created your account)
- Payment providers
- Email and hosting services
- Regulatory authorities if required by law
All third parties follow UK GDPR and only receive the minimum data needed.
7. International Transfers
Some service providers may store data outside the UK.
Where this happens, we ensure appropriate safeguards are in place, such as:
- Adequacy decisions
- Standard contractual clauses
We only use reputable providers.
8. Your Rights
Under UK GDPR, you have the right to:
- Access your data
- Correct inaccurate information
- Request deletion
- Restrict processing
- Object to certain processing
- Transfer your data to another provider
- Withdraw consent at any time
To exercise your rights, contact us at the email above.
9. Cookies
Our platform uses cookies to:
- Keep you logged in
- Improve performance
- Track course progress
- Analyse usage (anonymously)
Full details are available in our Cookie Policy.
10. Security Measures
We take security seriously. Measures include:
- Encrypted passwords
- Secure servers
- Regular security updates
- Limited access to training data
- Encrypted payment processing
However, no system is ever completely risk-free.
You are responsible for keeping your login details safe.
11. Children’s Data
Our platform is not intended for anyone under 16 unless authorised by an employer.
12. Changes to This Policy
We may update this Privacy Policy from time to time.
If the changes affect how your data is used, we will let you know.
13. Contact Us
Questions about privacy?
Contact Us via the contact page