Privacy Policy for isss.org.uk

Last Updated: 05-03-2026

1. Introduction

The International Security Students Society (“isss.org.uk“, “we”, “our”, “us”) is committed to protecting and respecting your privacy. This policy explains how we collect, use, and safeguard your personal data when you visit our website or use our training services.

Data Controller: isss.org.uk
Contact Email: [training@isss.org.uk]

2. What Information We Collect

We may collect and process the following data about you:

• Identity Data: Name, username or similar identifier.
• Contact Data: Email address, phone number, and postal address.
• Training Data: Course enrollment details, progress records, and certification history.
• Technical Data: IP address, browser type, and usage data collected via cookies.
• Marketing Data: Your preferences in receiving marketing from us.

3. How We Collect Your Data

We collect data through:

• Direct interactions: When you fill out forms on our website, register for a course, or contact us.
• Automated technology: As you navigate through our site (e.g., cookies).
• Third parties: If your employer enrolls you in one of our courses.

4. How We Use Your Data & Legal Basis

We will only use your personal data when the law allows us to. Most commonly, we will use it in the following circumstances :

5. Consent and Marketing

• Opt-in: We only send marketing emails (newsletters, new course alerts) if you have explicitly agreed to receive them. You will find a tick box on our web forms to confirm this consent .
• Opt-out: You have the right to withdraw your consent at any time by clicking the “unsubscribe” link in any marketing email or by contacting us directly.

6. Sharing Your Data

We will never sell your personal data. We may share your data with the following categories of third parties only when necessary :

• Service Providers: IT companies who host our website or manage our email system (e.g., [Name of CRM/LMS if applicable]).
• Professional Advisers: Including lawyers, bankers, auditors, and insurers.
• Governing Bodies: If your training leads to a professional certification that requires validation by an external body.

7. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way. We limit access to your personal data to those employees who have a business need to know .

8. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for. For training records, we typically retain data for a period of 5 years in order to re-issue or confirm past certifications .

9. Your Legal Rights

Under UK GDPR, you have the following rights :

• The right to access the personal data we hold about you.
• The right to rectification if your data is inaccurate or incomplete.
• The right to erasure (the “right to be forgotten”) to delete your data where it is no longer needed.
• The right to restrict processing of your data.
• The right to data portability to receive your data in a machine-readable format.
• The right to object to processing based on legitimate interests or direct marketing.

To exercise any of these rights, please contact us at training@isss.org.uk .

10. Cookies

Our website uses cookies to distinguish you from other users. This helps us to provide you with a good experience when you browse our website. You can set your browser to refuse all or some browser cookies .

11. Complaints

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance .