Contact Us
Bars
Contact

Privacy Notice

This privacy notice tells you what to expect us to do with your personal information.

  • Contact details
  • What information we collect, use, and why
  • Lawful bases and data protection rights
  • Where we get personal information from
  • How long we keep information
  • Who we share information with
  • How to complain

Contact details

Telephone

+44 1189790030

Email

info@bamct.co.uk

What information we collect, use, and why

We collect or use the following information to provide services and goods, including delivery:

  • Names and contact details
  • Addresses
  • Date of birth
  • Purchase or account history
  • Payment details (including card or bank information for transfers and direct debits)
  • Account information
  • Website user information (including user journeys and cookie tracking)
  • Identification documents
  • NI Number, CPCS, and CITB number are used for the purpose of booking tests through the awarding bodies.

 

We collect or use the following information for the operation of customer accounts and guarantees:

  • Names and contact details
  • Addresses
  • Account information, including registration details
  • Information used for security purposes
  • Unique identifiers such as NI numbers, CPCS numbers, and CITB
    numbers, which are critical for validating eligibility for construction-related tests.

 

We collect or use the following information to prevent, detect, investigate or prosecute crimes:

  • Video and CCTV recordings of public areas (including indoor and outdoor spaces)
  • Audio recordings of public areas (including indoor and outdoor spaces)
  • Video and CCTV recordings of private or staff only areas

 

We collect or use the following information to comply with legal requirements:

  • Name
  • Contact information
  • Identification documents
  • Health and safety information
  • Retention of booking records or test outcomes to comply with industry regulations or audits

 

We collect or use the following information to coordinate and confirm bookings with third-party certification providers like CPCS and NPORS:

  • Names and contact details
  • Date of birth
  • Identification documents
  • Customer or client accounts and records
  • Booking details, such as the type of test, date, and time, which are critical for coordinating with third-party providers

 

Lawful bases and data protection rights

Under UK data protection law, we must have a “lawful basis” for collecting and using your personal information. There is a list of possible lawful bases in the UK GDPR. You can find out more about lawful bases on the ICO’s website. Which lawful basis we rely on may affect your data protection rights which are in brief set out below. You can find out more about your data protection rights and the exemptions which may apply on the ICO’s website:

  • Your right of access – You have the right to ask us for copies of your personal information. You can request other information such as details about where we get personal information from and who we share personal information with. There are some exemptions which means you may not receive all the information you ask for.
  • Your right to rectification – You have the right to ask us to correct or delete personal information you think is inaccurate or incomplete. 
  • Your right to erasure – You have the right to ask us to delete your personal information.
  • Your right to restriction of processing – You have the right to ask us to limit how we can use your personal information.
  • Your right to object to processing – You have the right to object to the processing of your personal data.
  • Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you.
  • Your right to withdraw consent – When we use consent as our lawful basis you have the right to withdraw your consent at any time.

 

If you make a request, we must respond to you without undue delay and in any event within one month.

To make a data protection rights request, please contact us using the contact details at the top of this privacy notice.


Our lawful bases for the collection and use of your data

Our lawful bases for collecting or using personal information to provide services and goods are:

  • Contract – we have to collect or use the information so we can enter into or carry out a contract with you. All of your data protection rights may apply except the right to object.
  • Legal obligation – we have to collect or use your information so we can comply with the law. All of your data protection rights may apply, except the right to erasure, the right to object and the right to data portability.
  • Legitimate interests – we’re collecting or using your information because it benefits you, our organisation or someone else, without causing an undue risk of harm to anyone. All of your data protection rights may apply, except the right to portability. Our legitimate interests are:
    • We collect and use personal information to provide services and goods under our legitimate interest in ensuring efficient and secure operations that benefit both our clients and our organisation.
    • Specifically:
    • Benefits: Collecting and processing information such as contact
      details, identification documents, and booking details allows us
      to:
      1. Facilitate a seamless automated booking system for construction tests, ensuring clients can schedule and manage their tests efficiently.
      2. Enhance account security through measures such as OTP and 2FA, protecting client information from unauthorized access.
      3. Coordinate with third-party certification providers (e.g., CPCS and NPORS) to confirm and schedule tests effectively, ensuring the service is delivered without delays or errors.
    • Why Benefits Outweigh Risks:
    • The processing of personal data is conducted transparently and
      responsibly. While we recognize the potential risks of collecting
      sensitive information, such as contact details and identification
      numbers, we mitigate these through:
      1. Secure storage and encryption of data.
      2. Sharing minimal data with third parties only when necessary (e.g., phone numbers for OTP purposes).
      3. Retaining data only for the required period (2 years) to avoid unnecessary storage. Balancing Interests: We take care to ensure that client’ rights and expectations are respected.
    • The information we collect is only used for essential purposes, such as fulfilling bookings and providing secure account access, and we avoid any processing that could unfairly impact individuals.
    • We do not process data for marketing purposes without explicit consent; ensuring individuals are not subject to unwanted or intrusive communications. This balance ensures our legitimate interests do not override or unfairly compromise the rights, freedoms, or privacy of individuals.

 

Our lawful bases for collecting or using personal information for the operation of customer accounts and guarantees are:

  • Contract – we have to collect or use the information so we can enter into or carry out a contract with you. All of your data protection rights may apply except the right to object.
  • Legal obligation – we have to collect or use your information so we can comply with the law. All of your data protection rights may apply, except the right to erasure, the right to object and the right to data portability.
  • Legitimate interests – we’re collecting or using your information because it benefits you, our organisation or someone else, without causing an undue risk of harm to anyone. All of your data protection rights may apply, except the right to portability. Our legitimate interests are:
    • Legitimate Interest Explanation:
    • We collect and use personal information for the operation of
      customer accounts and guarantees under our legitimate interest
      to provide a secure, efficient, and user-friendly service that
      benefits both our clients and our organization.
    • Specifically: Benefits:
      1. Collecting account details, such as names, contact information, and identification numbers, allows us to create and maintain customer accounts, ensuring bookings and test coordination are structured and streamlined.
      2. Implementing security measures, such as OTP and 2FA, enhances the safety of customer accounts by preventing unauthorised access and protecting sensitive data.
      3. Retaining account information enables us to address potential issues or queries that may arise during or after service delivery, improving the overall customer experience.
    • Why Benefits Outweigh Risks: While processing personal information has inherent risks, these are minimized through robust security measures, including encryption, secure servers, and limited data access.
    • Additionally, we are transparent about data collection, ensuring clients understand how their information is used and stored.
    • Balancing Interests: We prioritise the rights and privacy of our clients. The information collected is strictly limited to what is necessary for account operation and security, and it is not used for purposes unrelated to the service provided.
    • Our practices are designed to benefit clients by enhancing their experience while protecting their data, ensuring our legitimate interests do not override their rights or freedoms. Our lawful bases for collecting or using personal information to prevent, detect, investigate or prosecute crimes are:
      • Legal obligation – we have to collect or use your information so we can comply with the law. All of your data protection rights may apply, except the right to erasure, the right to object and the right to data portability.
      • Legitimate interests – we’re collecting or using your information because it benefits you, our organisation or someone else, without causing an undue risk of harm to anyone. All of your data protection rights may apply, except the right to portability.
    • Our legitimate interests are:
    • Legitimate Interest Explanation: We collect and use personal
      information for the purposes of preventing, detecting,
      investigating, and prosecuting crimes under our legitimate
      interest to maintain the safety and security of our operations,
      clients, and staff. Specifically:
      1. Using CCTV recordings allows us to monitor both public and
        restricted areas to deter and identify unauthorized access, theft,
        or malicious activity.
      2. Sharing phone numbers for OTP and 2FA ensures secure
        access to accounts, protecting sensitive client information from
        fraud and unauthorized use.
      3. Retaining security-related records (e.g., logs or surveillance
        footage) aids in investigating potential incidents and
        collaborating with law enforcement, if necessary.
    • Why Benefits Outweigh Risks:
    • Personal data collected for security purposes is limited to what is
      essential for protecting individuals and operations. Risks to
      privacy are minimized by:
      1. Ensuring CCTV surveillance is clearly communicated through
        signage.
      2. Restricting access to data, such as recordings and OTP logs,
        to authorized personnel only.
      3. Implementing robust data security measures, such as
        encryption and controlled access systems, to prevent misuse or
        accidental exposure.
    • Balancing Interests:
    • We carefully consider the rights and expectations of individuals,
      ensuring that our security practices do not intrude unnecessarily
      on their privacy.
    • Our CCTV system operates solely in areas where monitoring is
      required for safety and security, and recorded data is retained
      only for a specific period, after which it is securely deleted
      unless required for an ongoing investigation.
    • Similarly, OTP and 2FA processes are designed to enhance
      security for clients without causing disruption or undue burden.
    • By aligning our security measures with industry standards and
      ensuring transparency, we maintain a fair balance between
      protecting our organization and respecting the rights of
      individuals.
    • Vital interests – collecting or using the information is needed when
      someone’s physical or mental health or wellbeing is at urgent or
      serious risk. This includes an urgent need for life sustaining food,
      water, clothing or shelter. All of your data protection rights may apply,
      except the right to object and the right to portability.
      Our lawful bases for collecting or using personal information for legal
      requirements are:
    • Legal obligation – we have to collect or use your information so we can
      comply with the law. All of your data protection rights may apply,
      except the right to erasure, the right to object and the right to data
      portability.
      Our lawful bases for collecting or using personal information for to
      coordinate and confirm bookings with third-party certification providers like
      CPCS and NPORS. are:
    • Contract – we have to collect or use the information so we can enter
      into or carry out a contract with you. All of your data protection rights
      may apply except the right to object.
    • Legitimate interests – we’re collecting or using your information
      because it benefits you, our organisation or someone else, without
      causing an undue risk of harm to anyone. All of your data protection
      rights may apply, except the right to portability. Our legitimate
      interests are:
    • Legitimate Interest Explanation:
    • We collect and use personal information for the purpose of
      coordinating and confirming bookings with third-party providers
      like CPCS and NPORS under our legitimate interest to ensure
      efficient service delivery and a seamless experience for our
      clients.
    • Specifically:
      1. Sharing essential details, such as names, identification
        numbers (e.g., CPCS, CITB, NI numbers), and contact
        information, allows us to coordinate directly with certification
        bodies, ensuring bookings are confirmed without delays.
      2. Retaining booking information enables us to maintain
        accurate records for audits, inquiries, or updates related to tests
        or certifications.
      3. Streamlining this process benefits our clients by reducing the
        administrative burden and ensuring their bookings are handled
        promptly and accurately.
    • Why Benefits Outweigh Risks:
    • While processing personal data involves inherent risks, such as
      unauthorized access or misuse, these risks are mitigated
      through strong security measures:
      1. Data is shared only with trusted third-party providers directly
        involved in test booking and administration.
      2. Access to sensitive information is restricted to authorized
        personnel, and robust encryption methods are used to protect
        data during transmission.
      3. Data is retained only for the necessary period (currently 2
        years) and securely deleted thereafter unless legally required to
        retain further.
    • Balancing Interests: We are committed to protecting our clients’ rights and privacy while ensuring operational efficiency.
    • The personal information collected is strictly limited to what is essential for completing bookings and no data is shared for unrelated purposes such as marketing.
    • We remain transparent about our practices and take steps to ensure minimal privacy impact on individuals. Through this approach, we maintain a fair balance between achieving our operational goals and respecting our clients’ expectations and rights.

 

Where we get personal information from

  • Directly from you
  • Suppliers and service providers
  • Third parties:
  • Test Providers (e.g., CPCS, NPORS) These organizations receive
    relevant information, such as identification documents and booking details, to confirm and schedule tests for clients.
  • Security Providers Third-party services managing OTP and 2FA
    processes for account security. They handle phone numbers for
    authentication purposes.
  • Brokers or Partner Organizations Companies or brokers book clients in
    with you, sharing personal details like names, contact information, and
    identification numbers necessary for bookings.
  • Data Processors Any technical providers (e.g., hosting or software
    services) that assist in processing client information securely to deliver
    your service.

How long we keep information

We retain information on your account for a maximum of two years after which we may delete all your personal information stored on our system.

Who we share information with

Data processors

Twillio

This data processor does the following activities for us: Category:
Technology and Security Services. Sector\/Sub-sector: Authentication and Cybersecurity.

CPCS

This data processor does the following activities for us: Category:
Certification and Testing Services. Sector\/Sub-sector: Construction
Certification and Training.

Others we share personal information with

  • Professional or legal advisors
  • Relevant regulatory authorities
  • Organisations we’re legally obliged to share personal information with
  • Suppliers and service providers
  • Other relevant third parties:
    • CPCS and NPORS Certification Providers, Purpose of Sharing: To confirm and coordinate test bookings, Type of Information Shared: Names, contact details, identification documents (e.g., CPCS or CITB numbers), and booking details. Location: Based in the United Kingdom.
    • OTP and 2FA Security Providers, Purpose of Sharing: To enhance account security through authentication measures., Type of Information Shared: Phone numbers for generating and sending OTPs.
    • Data Hosting and IT Service Providers, Purpose of Sharing: For secure storage and maintenance of personal information., Type of Information Shared: Account details, booking records, and identification documents

How to complain

If you have any concerns about our use of your personal data, you can make a complaint to us using the contact details at the top of this privacy notice. If you remain unhappy with how we’ve used your data after raising a complaint with us, you can also complain to the ICO.

The ICO’s address:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Helpline number: 0303 123 1113

Website: https://ico.org.uk/make-a-complaint/

Our Testimonials

Hear from our clients. Check out our testimonials here!

The facilities were excellent and training was top quality. I was made to feel comfortable and everything was explained very well. Many thanks.
I really enjoyed the whole experience from start to finish. I had plenty of seat time on the excavator. Trainer and tester were great couldn't ask for anything more from them.
Fantastic course. Matt and Danny both had great knowledge and fantastic communication skills with us. All the guys left BAM with a high level of skill and knowledge and more importantly very safe working practices on the machines.
Enjoyed the course. Trainers were helpful, instructive and patient. There's a lot to take in but they go at a steady pace without overwhelming you with information. Equipment was in very good condition.
Found the course challenging but enjoyable. Nick had plenty of experience to guide us in the right direction. Great use of models and tools to make it understandable. Facilities were spot on and everyone was friendly and welcoming.
I have done a lot of CPCS training over years and BAM Construction Training are by far the best! Everything from the trainers, office personnel and facilities is first class. I would highly recommend them.
I found the course to be interesting and well delivered. The instructor gave everyone on the course the best opportunity to pass the exam. I would definitely recommend the course and the trainer.
CSCS, CPCS, NPORS, NVQs & more. Speak to a member of our team today.
Enquire
Wokingham - Head Office

Unit 4 Warren Farm, Forest Road, Wokingham, Berkshire, RG40 5QY

Bracknell

Ashley Farm, Bottle Lane, Bracknell, Berkshire, RG42 5RY

Youtube Instagram Facebook Linkedin X-twitter

Courses

Company

Clients

Resources

© BAM Construction Training Ltd 2022 • Company No: 08605885 • Privacy Policy • T&Cs • Website by e-innovate

Enquire using the form below. Please keep in mind that the more available dates you provide us with, the more likely we are able to fit you onto a course. We do not run courses on Sunday.

Enquire Now