top of page

UKGRS Policy Information

Privacy Policy

General Data Protection Regulations (GDPR) & UK Global Road Safety Ltd

Personal information is a valuable resource that UK Global Road Safety Ltd (UKGRS) takes measures to protect from loss or corruption, unauthorised access and modification. Such information and the way it may be processed is subject to UK law, specifically the General Data Protection Regulations 2018 (GDPR).

UKGRS is committed to safeguarding and preserving the privacy of our customers. This Privacy Policy explains what happens to any personal data that is provided to us, either directly, indirectly or via the company’s website.  This document defines how UKGRS secures and handles data in line with the GDPR. 

Collecting data

We will collect personal data from you to run and deliver our services.  Examples may include:


  • Upon receipt of an enquiry

  • In reply to a communication from us

  • From a customer agreeing to engage in our products and services

  • From interacting with delegates attending training providing us with contact details, date of birth, driving license information

  • Information you provide to us when raising a “ticket support” enquiry

  • Information that you provide when you communicate with us by any means.


Whilst UKGRS uses Cookies to track visitor activity to its websites, we do not use cookies to collect personal data.

Use of data

UKGRS will use the data that is held to provide our services and any certification.  In addition we may use the information for one or more of the following purposes:

  • To provide information that has been requested from us about the products and services available or to address ticket support enquiries

  • To provide information relating to other products that may be of interest to clients.    This information will only be provided where we have consent to do so.


UKGRS staff have received training with regards to processing data under GDPR and we will continue to ensure that refresher training is provided on an annual basis.

We will only process children’s data when relating to specific products and services.  We will only do so with consent of an adult who holds parental responsibility. 


We will keep the children informed of the use of their data with our Privacy Promise for Young People.

Transfer of data outside the EU

In order to deliver some of our global online training services, it may be necessary to share your data outside of the European Economic Area.  Should this be necessary, UKGRS will ensure that the transfer and the third party service provider is compliant with the appropriate data protection laws and that all personal data will remain secure. 

Information from third parties. 

UKGRS may collect delegates personal information or data from third parties (e.g. employers).  The third party will hold the appropriate permission for this. This information will only be used to facilitate the delivery of the agreed training or assessment programmes and for no other purpose.

Disclosing data to third parties

UKGRS will only disclose data to third parties for a limited number of reasons:

  • Information may be shared with providers of our services to deliver agreed products and services to clients and for certification purposes

  • Information in the context of a sale of our business however all discussions would be subject to confidentiality agreements  

  • Information as required or permitted by law, or when it is believed that disclosure is necessary to protect our rights, protect an individual’s safety or the safety of others, and/or to comply with a judicial proceeding, court order, or other legal process served upon UKGRS

  • To protect the risk of fraud


UKGRS will not sell or pass on information for commercial purposes.


Our online services may make decisions about your driving skills from the information you provide. This will determine the level of risk associated with your driving and enable us to deliver the appropriate training. We will only do this if we have been asked to do this by your employer or yourself.


Your personal data is not collected for this purpose.

Data Retention

UKGRS will retain data securely, ensuring the IT infrastructure is covered by appropriate hardware and software maintenance and support.

Personal data will not be retained for any longer than is necessary for its defined purpose.  We hold a full data retention schedule and reviewed in accordance with the principles of the GDPR.

Your rights

You have rights within the GDPR and UKGRS is committed to complying with those rights:

  1. The right to be informed

       You have a right to be told about the information we hold on you, why we hold it and what we will do with that information.This must be presented in a clear           and transparent way.


  2. The right of access

      You have a right to ask for a copy of the personal data that we hold about you.


  3. The right to rectification

      You can ask us to correct or update any information that we hold about you.


  4. The right to erasure

      You can ask us to delete any personal data we hold about you where we no longer have any legal reason to hold it


  5. The right to restricted processing

      You can ask us not to continue to process your information although allowing us to still hold it


  6. The right to data portability

      Where it is technically feasibly possible, you can ask us to transfer your data to you or another service provider or third party.


  7. The right to object

       You can opt out of any marketing communications we might send you.You can also object to us using or holding your personal data if we no longer have

       legitimate reasons to do so.


  8. Rights in relation to automated decision-making and profiling

      Any profiling does not use your personal data.


      UKGRS will verify the identity of the person making any of the above requests.  If a request is received by a child, parental consent will be required to complete        the request.


In the event of a breach of personal data UKGRS will comply with the duties set down in the GDPR, informing the Information Commissioners Office if necessary.  Where feasible, UKGRS will honour its obligations within 72 hours of becoming aware of the breach.

Should the breach be likely to result in a high risk of adversely affecting individuals’ rights and freedoms, UKGRS will also inform those individuals without undue delay.

Contact us

If you would like to contact us about any of the information in our Privacy Policy please email or telephone 01452 347332.

If you would like to make a complaint about the way we have acted under our Privacy Policy you can do so by contacting:

Information Commissioners Office

Wycliffe House

Water Lane




Tel: 0303 123 1113 / 01625 545 745


We may need to make changes to our policy from time to time to keep it current and relevant.  The latest version of our Privacy Policy will be posted on our website for your reference.  We will review the policy as a minimum, on an annual basis.


Date of Policy: 1st June 2018. Next review date May 2025.

bottom of page