Subscribe to our newsletter to receive the latest news and events from TWI:

Subscribe >
Skip to content
  • Privacy Statement

Privacy Policy

Introduction

TWI Ltd (“TWI”, “we,” “our”, “us”) respects your privacy and is committed to protecting your personal data.

This privacy policy tells you about your privacy rights and how the law protects you. It informs you as to how we look after your personal data, including when you visit the website for TWI Ltd at [https://www.twi-global.com/], TWI Certification Ltd, at [www.twicertification.com] or any other website provided by the TWI group of companies (together the “Websites”).

The Website is not intended for children and we do not knowingly collect data relating to children.

This privacy policy does not apply to any other third party websites that you may be able to access via the Websites and/or activities offered by third parties.  Please ensure that you review any relevant policies on any third party websites before proceeding. We are not responsible for the collection or use of your personal data from third party websites.

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

TOPICS COVERED

1. IMPORTANT INFORMATION AND WHO WE ARE

2. WHO DOES THIS POLICY APPLY TO?

3. THE DATA WE COLLECT ABOUT YOU

4. HOW IS YOUR PERSONAL DATA COLLECTED?

5. HOW WE USE YOUR PERSONAL DATA

6. DISCLOSURES OF YOUR PERSONAL DATA

7. INTERNATIONAL TRANSFERS

8. DATA SECURITY

9. DATA RETENTION

10. YOUR LEGAL RIGHTS

11. COMPLAINTS

1. Important information and who we are

Controller

TWI is the controller and responsible for processing your personal data.

This privacy policy is issued on behalf of the TWI group of companies (“TWI Group”). Details of the TWI Group can be found here. So when we mention "TWI", "we", "us" or "our" in this privacy policy, we are referring to all companies within the TWI Group responsible for processing your data. The TWI Group includes TWI Certification Ltd, the company that processes your information when you apply for and receive training from us, and in the delivery of any subsequent certificates.

We have appointed a Data Protection Manager who is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact the Data Protection Manager using the details set out below.

Contact details

If you have any questions about this privacy policy or our privacy practices, please contact our Data Protection Manager, by post to TWI Ltd, Bevan Braithwaite Building, Granta Park, Great Abington, Cambridge CB21 6AL, or by email to data.protection@twi.co.uk, or by telephone: 01223 899300.

Changes to the privacy policy and your duty to inform us of changes

We keep our privacy policy under regular review. This version was last updated in October 2021.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

2. Who Does this policy apply to?

Unless we say otherwise, this privacy policy applies to:

Candidates: an individual who has applied for and/or attended training, exams and/or inspections with TWI;

Members: an employee or director of a business customer, or other organisation, who registers the organisation as a member of TWI;

Customers: a customer of TWI, whether or not it is also a Member;

Contacts: all contacts of TWI, for example, business contacts, suppliers and potential customers; and

Visitor: visitors to our sites and Websites.

Some sections of this privacy policy only apply to users in the EU/UK. We make it clear where this is the case.

Where we refer to the “EU”, we mean the following countries: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain and Sweden.

3. The data we collect about you

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

  • Identity Data includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender;
  • Contact Data includes work/billing address, home address, email address and telephone numbers;
  • Member Data includes member reference number, member history, member representatives, member sector, contact details and address.
  • Candidate Data includes Candidate ID number, sponsorship status and sponsoring company name and address, professional memberships, details of any disability or specific requirements, events booked and/or attended, venues and booking references, inspections and/or examination type applied for and completed, pre-certification experience and examination records, verifier details (including name, telephone number, email address, company and role, and relationship to the Candidate);
  • Customer Data includes details of your orders for services, details of historical orders and payments to and from you;
  • Financial Data includes bank account and payment card details, details of payments to and from you;
  • Technical Data includes the internet protocol (IP) address used to connect your device, the type of device you are using, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access a Website;
  • Profile Data includes your username and password and any feedback you provide including feedback received following your receipt of any training;
  • Usage Data includes information about how you use our Websites and services; and
  • Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.

Special category (or sensitive) personal data

We request details of any disability or medical condition or specific medical requirement you may have when you apply to attend our training courses, exams and inspections. These are referred to as “special categories” of personal data. There are additional special categories of personal data but we do not collect these (for example, details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

If you fail to provide personal data

Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with services). In this case, we may have to cancel a service you have with us, but we will notify you if this is the case at the time.

4. How is your personal data collected?

We use different methods to collect data from and about you including through:

  • Information we receive directly from you. You will provide us with your personal data when you fill in forms or correspond with us by post, phone, email or otherwise. This includes personal data you provide when you:

- purchase our services;

- apply for and receive our training, exams and inspections;

- when you access the training portal or attend training events and symposiums;

- subscribe to our publications;

- request marketing to be sent to you;

- respond to a survey; or

- give us feedback in any other way or when you contact us for any reason.

 

  • From your member organisation/employer. Your employer will provide us with information about you when registering you for a training course, exam or inspection. This will include, for example, your name and contact details, role and previous experience.
  • From another company in the TWI group of companies. Where you wish to receive training in a country outside the UK, we will share your Candidate Data with the local TWI Group company in order that you may receive the relevant training.
  • Automated technologies or interactions. As you interact with our Websites, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies. Please see our cookie policy here  for further details as to the types of cookies we use.
  • Information provided by other third parties. When you use our Websites, we may receive information about that use from other companies who provide us with services in connection with them.

5. How we use your personal data

We will only use your personal data when the law allows us to and to enable us to provide our services and operate our Websites effectively. Most commonly, we will use your personal data in the following circumstances:

  • Where we need to perform the contract we are about to enter into or have entered into with you;
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests; and
  • Where we need to comply with a legal obligation.

Generally, we do not rely on consent as a legal basis for processing your personal data although we will get your consent before sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.

Purposes for which we will use your personal data

We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Please note that we may process your personal data for more than one lawful basis, depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific lawful basis we are relying on to process your personal data where more than one is set out in the table below.

For Candidates

Purpose/Activity

Type of data

Lawful basis for processing including basis of legitimate interest

To register your training / exam / inspection application

To process your application

To deliver your training

Identity Data

Contact Data

Candidate Data

Financial Data

 

Performance of a contract with you

 

To enable us to pursue our legitimate interests to:

  • fulfil our contract with your employer;
  • to maintain accurate and up to date training records; and
  • to enable companies within the TWI Group to deliver your training

 

Appropriate processing condition: Your explicit consent is obtained for the processing of any health data provided when you apply for training or an exam or inspection

To collect payment from you where you are responsible for paying the fees

To collect and recover money owed to us

Financial Data

Identity Data

Contact Data

Performance of a contract with you

 

To enable us to pursue our legitimate interests to recover debts owed to us

To transfer your data to other jurisdictions in which companies within the TWI Group are located in order to deliver your training

Identity Data

Contact Data

Candidate Data

Performance of a contract with you

 

To enable us to pursue our legitimate interests to:

  • fulfil our contract with your employer; and
  • enable companies within the TWI Group to process your training application and deliver your training and to update your training records

 

Appropriate processing condition: Your explicit consent is obtained for the transfer of any health data provided by you in connection with your application for training, or an exam or inspection

To share your information with the relevant examining board to enable your training/exam/inspection certificate to be produced and sent to you/your employer

Identity Data

Contact Data

Candidate Data

Performance of a contract with you

 

To enable us to pursue our legitimate interests to fulfil our contract with your employer

To share the results of any exam or inspection, and your training record, with your employer, only where your employer has arranged such training, exam or inspection on your behalf

Identity Data

Contact Data

Candidate Data

To enable us to pursue our legitimate interests to fulfil our contract with your employer

To update your training, exam and/or inspection records

To send you your certificate following completion of your training/exam/inspection

To send your certificate to your employer

Identity Data

Contact Data

Candidate Data

Performance of a contract with you

 

To enable us to pursue our legitimate interests to:

  • fulfil our contract with your employer; and
  • maintain accurate and up to date training records

To make suggestions and recommendations to you about services that may be of interest to you

Identity Data

Contact Data

Technical Data

Usage Data

Profile Data

Candidate Data

Marketing and Communications Data

To enable us to pursue our legitimate interests to develop our services and grow our business

 

Your consent (where your training has been arranged through your employer)

To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you

Identity Data

Contact Data

Candidate Data

Profile Data

Usage Data

Marketing and Communications Data

Technical Data

To enable us to pursue our legitimate interests to:

  • study how Candidates use our services; and
  • to develop our services, to grow our business and to inform our marketing strategy

 

Your consent (where your training has been arranged through your employer)

For Members

Purpose/Activity

Type of data

Lawful basis for processing including basis of legitimate interest

To process your application for membership

Identity Data

Contact Data

Member Data

Performance of a contract with you

 

To enable us to pursue our legitimate interests to:

  • fulfil our contract with your employer; and
    • maintain accurate and up to date training records

To process payment of the technology access fee

To collect and recover money owed to us

Financial Data

Identity Data

Contact Data

Member Data

Performance of a contract with you

 

To enable us to pursue our legitimate interests to recover debts owed to us

To contact you to administer your membership and/or to provide you with any updates or changes to your membership

Identity Data

Contact Data

Member Data

Performance of a contract with you

To make suggestions and recommendations to you about services that may be of interest to you

Identity Data

Contact Data

Member Data

Technical Data

Usage Data

Profile Data

Marketing and Communications Data

To enable us to pursue our legitimate interests to develop our services and grow our business

To transfer your data to other jurisdictions where companies within the TWI Group are located (only in certain circumstances, please see section 7 International Transfers below for further information)

Identity Data

Contact Data

Customer Data

To enable us to pursue our legitimate interests in assessing and developing our business and membership services

To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you

Identity Data

Contact Data

Member Data

Profile Data

Usage Data

Marketing and Communications Data

Technical Data

To enable us to pursue our legitimate interests to:

  • study how Members use our services;
  • to develop our services; and
  • to grow our business and to inform our marketing strategy

For Customers

Purpose/Activity

Type of data

Lawful basis for processing including basis of legitimate interest

To process and deliver your order for services

To manage payments of charges to and from us

To collect and recover money owed to us

Identity Data

Contact Data

Financial Data

Customer Data

Performance of a contract with you

 

To enable us to pursue our legitimate interests to recover debts owed to us

To transfer your data to other jurisdictions where companies within the TWI Group are located (only in certain circumstances, please see section 7 International Transfers below for further information)

Identity Data

Contact Data

Customer Data

To enable us to pursue our legitimate interests in developing and growing our business

To make suggestions and recommendations to you about services that may be of interest to you

Identity Data

Contact Data

Customer Data

Technical Data

Usage Data

Profile Data

Marketing and Communications Data

To enable us to pursue our legitimate interests to develop our services and grow our business

To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you

Identity Data

Contact Data

Customer Data

Profile Data

Usage Data

Marketing and Communications Data

Technical Data

To enable us to pursue our legitimate interests to:

  • study how Customers use our services; and
  • to develop them, to grow our business and to inform our marketing strategy

For All

Purpose/Activity

Type of data

Lawful basis for processing including basis of legitimate interest

To notify you about changes to our terms or privacy policy

 

To ask you to leave a review or take a survey and to enable you to complete a survey

Identity Data

Contact Data

Profile Data

Marketing and Communications Data

Performance of a contract with you

 

To comply with a legal obligation

 

To enable us to pursue our legitimate interests to:

  • keep our records updated;
  • study how you use our services; and
  • develop our services and grow our business

To administer and protect our business and our Websites (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

Identity Data

Contact Data

Technical Data

To enable us to pursue our legitimate interests for:

  • running our business;
  • the provision of administration and IT services;
  • network security;
  • fraud prevention;
  • business reorganisation or a restructuring exercise of the TWI Group

 

Necessary to comply with a legal obligation

To use data analytics to improve our Websites and our services, our marketing and our relationships with you

Technical Data

Usage Data

To enable us to pursue our legitimate interests to:

  • define types of Customers for our services and Candidates for our training;
  • keep our Websites updated and relevant;
  • develop our business and to inform our marketing strategy

Your consent to our use of non-essential cookies on our Websites

To make suggestions and recommendations to you about services that may be of interest to you

Identity Data

Contact Data

Technical Data

Usage Data

Profile Data

Marketing and Communications Data

To enable us to pursue our legitimate interests to develop our services and grow our business

 

Your consent where you have opted in to receive marketing information

To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you

Identity Data

Contact Data

Profile Data

Usage Data

Marketing and Communications Data

Technical Data

To enable us to pursue our legitimate interests to:

  • study how our Websites and services are used;
  • to develop our business and to inform our marketing strategy

 

Your consent to our use of non-essential cookies on our Websites

 

More about the information we use and why

Where we need consent to use your personal information, we will clearly ask you for this – and you can withdraw that consent at any time. For example, we may ask you to positively opt-in to us sending you marketing communications.

If you have any questions or you need any further information regarding how we use your information, please contact us.

Marketing

We may use your personal information to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you.

You will receive marketing communications from us if you have requested information from us or purchased services from us and you have not opted out of receiving that marketing.

We will not provide your personal information to any other third party businesses outside the TWI Group for marketing purposes unless we have your express permission to do so.

Should you wish to opt-out of receiving marketing messages at any time, you can follow the opt-out links on any marketing message sent to you or contact us at any time.

Privacy Notice for TWI Website Users

TWI Ltd is committed to protecting the privacy and security of your personal information.

This privacy notice describes how we collect and use personal information about you, in accordance with the General Data Protection Regulation (GDPR).

TWI Ltd is a ‘data controller’ This means that we are responsible for deciding how we hold and use personal information about you. We are required under data protection legislation to notify you of the information contained in this privacy notice.

Our principal activities are:

  • Engineering consultancy
  • Engineering research
  • Engineering training
  • Professional engineering society
  • Events

Our privacy policy covers TWI Ltd’s websites:

 Organisation name:  TWI Ltd
 Address:  Granta Park, Great Abington
 City:  Cambridge, CB21 6AL
 Country:  UK
 Controller:  The Data Controller
 ICO Registration:  Z5611956
 Websites:

www.twi-global.com
www.twijapan.jp
www.twisoftware.com
www.twitraining.com
www.aemri.co.uk
www.theweldinginstitute.com
www.twicertification.com

 

This privacy and cookie use policy explains how we use any personal information we collect about you when you use these websites.

Anonymous Access
You can access our websites' home pages and browse much of our site without disclosing your personal information.

Other websites
Our websites include links to external websites and a link to:

  • Barclays Bank secure payment system

  • RBS WorldPay secure payment system

Such third party web service providers may collect personal information about our visitors. This privacy and cookie use policy only applies to these websites so when you link to other websites you should read their own privacy and cookie use policies. 

Cookies

For more information about the cookies we use, please see our cookie policy.

Change of purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. However, we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

6. Disclosures of your personal data

We share your personal data with:

  • carefully selected companies to operate the Websites, to provide our services to you and to support our business (for example, IT database, and services and marketing support);
  • in some circumstances, to a data protection regulator or in order to comply with the law or a legal process or where we have another legitimate interest that is not outweighed by your interests and fundamental rights (for example, to maintain the security of our computer systems).
  • if you are a Candidate, to:

- other companies within the TWI Group for the purposes of delivering your training;

- your employer, if your employer is organising your training, exam and/or inspection; and

- external examining bodies for the provision of certificates;

  • if you are a Customer or a Member, your information will be available to other companies within the TWI Group. This is so that we can assess the services we provide and identify further opportunities for us to develop these and to grow the business.
  • third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy policy.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

7. International transfers

If you are a Contact or Visitor and you are based in the UK or the European Economic Area (“EEA”), your information will only be processed in the UK or the EEA, as applicable. (The EEA includes all the countries in the EU (listed here) and also Iceland, Liechtenstein and Norway).

We may need to share your personal data within the TWI Group, this may involve transferring your data outside the UK and the EEA.

If you are a Candidate and you receive training outside the UK and the EEA, your information will be accessed by TWI staff in the relevant location. Details of your training will then be transferred back to the UK where our systems will be updated.

If you are a Customer or a Member, your information is stored on our CRM database, some of which can be accessed from any company within the TWI Group.

We take reasonable precautions to ensure that your information will be adequately protected whenever it is transferred outside the UK and the EEA, and that it will be treated in a way which is consistent with UK and European data protection laws.

We will only transfer your personal data either:

  • to countries that have been deemed to provide an adequate level of protection for personal data; or
  • where we have specific contracts in place, approved for use in the UK and the EU, which give personal data a similar level of protection it has in the UK and the EU.

Please contact the Data Protection Manager using the contact details here  if you want further information on how and when we transfer your personal data out of the UK and the EEA.

8. Data security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Details of these are available from our Data Protection Manager.

In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

9. Data retention

How long will you use my personal data for?

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you or your employer.

To determine the appropriate retention period for personal data, we consider the nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

If you would like further information as to how long we retain your information, please contact the Data Protection Manager.

10. Your legal rights

Updating and accessing your information (this section only applies if you are in the UK/EU)

If you are in the EU or UK, you have the right under EU/UK data protection laws to access personal information held about you, subject to certain conditions, and to ask for it to be changed or deleted.

If you would like to access or amend the personal information which we hold about you, or if you would like us to stop using your personal information, please contact us.

To learn more about the rights you may have in relation to your personal information see Your rights.

Your rights

By law you have the following rights with regard to your personal information:

  • Access. You have the right to obtain confirmation as to whether or not your personal information is being processed, and, if it is, request access to that personal information (commonly known as a “data subject access request”). We will need you to prove your identity before we release any personal information to you. 
  • Correction or deletion. You have the right to ask us to correct or delete any personal information that we hold about you (unless we have the legal right to retain it). You also have the right to ask us to delete your information where you have exercised your right to object to processing (see below).
  • Objection. You have the right to object to processing of your information where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground.  You also have the right to object where we are processing your information for direct marketing purposes.
  • Restriction. You also have the right to restrict us from processing your personal information. You can ask us to temporarily stop processing information about you, for example if you want us to establish that it is accurate or the reason for processing it.
  • Change of preferences. You can change your information processing preferences at any time. For example, if you have given your consent to us to send you marketing material in a particular way, but have changed your mind, you can contact us or click the relevant link in any communication you receive (where this specifically relates to marketing messages, see Marketing).
  • Data portability. In some circumstances, you have the rightto ask us transfer a copy of the personal information we hold about you to someone else.

Please note that if you ask us to stop processing your personal information in a certain way or if you ask us to delete your information, and we need to use that information to provide the Websites to you, then you may not be able to continue to use them.  This does not include your right to object to direct marketing, which can be exercised at any time without restriction. If you would like to exercise any of the rights mentioned above, please contact us.

The above rights do not apply to anonymised personal information.

No fee usually required to access your personal information

You will not normally have to pay a fee to access your personal information (or to exercise any of the other rights set out above).  However, we may charge a reasonable fee if your request for access is unreasonable or excessive.  Alternatively, we can refuse to comply with the request.

What we may need from you

We may need to request specific information from you to confirm your identity and verify your right to access the information (or to exercise any of your other rights).  This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

Right to withdraw consent

Where you have consented to the collection, use or transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time.  To withdraw your consent, please contact us.  Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.

Time limit to respond

We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

11. Complaints (this section only applies if you are in the EU/UK)

If, for any reason, you are not happy with the way that we have handled your personal information, please contact us.

If you are still not happy, you have the right to make a make a complaint to your local data protection regulatory authority.

If you are based in the UK, you can contact the Information Commissioner’s Office using the link here: https://ico.org.uk/global/contact-us/.

Document owner and approval

The DPM is the owner of this document and is responsible for keeping it up to date.

The current version of this document is available to all employees and anyone and/or organisation for whom we will process personal data in pursuit of conducting TWI Ltd activities.

Its approval status can be viewed in the Master List of Document Approval.

For more information please email:


contactus@twi.co.uk