This Security Policy outlines the technical and organisational measures used to protect user data, systems, and digital services within our online training platform and associated services.
We implement appropriate technical, administrative, and organisational controls designed to protect data integrity, confidentiality, and availability. These controls are regularly reviewed and updated where necessary.
Access to systems and user data is strictly limited to authorised personnel only. Role-based access controls are applied to ensure that individuals can only access data required for their function.
User accounts are protected through secure authentication mechanisms. Users are responsible for maintaining the confidentiality of their login credentials.
We recommend strong passwords and do not permit unauthorised account sharing or misuse.
Data is protected using industry-standard security practices appropriate for online service environments. This includes secure transmission protocols and controlled storage environments.
We rely on third-party service providers to deliver key operational functions, including:
All third-party providers are selected based on their security standards and compliance frameworks. However, each provider operates under its own security and privacy policies, which are outside our direct control.
Where applicable, data is transmitted using secure protocols and stored within controlled environments designed to reduce risk of unauthorised access, alteration, or loss.
In the event of a suspected or confirmed security incident, we will take appropriate steps to:
Users are responsible for maintaining the security of their accounts and devices. This includes safeguarding login credentials and ensuring access is not shared with unauthorised individuals.
While we apply strong security controls, no digital system can guarantee absolute protection against all threats. Users acknowledge that use of online services carries inherent risk.
This Security Policy is designed to align with applicable data protection and cybersecurity principles, including reasonable industry standards for online service providers.