Positive Cyber Solutions  

Privacy Policy for Positive Cyber Solutions

This Privacy Policy applies to Positive Cyber Solutions’ websites and training platform, including PCS Training hosted via LearnWorlds (the “Website”). It covers our use of any personal data collected by us in relation to your use of the Website and any services provided through it. 

Data Controller 

Positive Cyber Solutions Ltd (Company No. 15645080) 

Registered address: Severn House, Hazell Drive, Newport, NP10 8FY 

Email: info@positivecybersolutions.co.uk 

1. Definitions and Interpretation 

In this Policy, the following terms have the following meanings: 

Account: personal information, login credentials, and payment confirmation data used to access course materials via the Website. 

Content: any text, graphics, video, audio, documents, or files presented on or accessible through the Website. 

Cookie: a small text file placed on your device when you visit certain parts of the Website. Further details are provided in our Cookie Policy. 

Data: personal data submitted to or collected by Positive Cyber Solutions Ltd in connection with your use of the Website and courses (for example, account details, learning progress, and payment confirmation data). 

PCS / we/us/our: Positive Cyber Solutions Ltd (registered office: Severn House, Hazell Drive, Newport, NP10 8FY). 

Service: PCS’s digital services and products provided through the Website, including online training courses and downloadable digital products. 

System: the learning platform and any communication features (e.g., contact forms), excluding public forums or chatrooms. 

User/Users: any individual accessing the Website who is not an employee of Positive Cyber Solutions Ltd acting in the course of their employment. 

Website: Positive Cyber Solutions’ websites and training platform, including the positivecybersolutions.co.uk website and PCS Training hosted via LearnWorlds (including pcs-training.learnworlds.com and pcs-training.positivecybersolutions.co.uk, where applicable), and any linked subdomains unless excluded by separate terms. 

2. Data Collected 

To keep things clear, we have set out below what data we collect depending on which PCS service you use. 

2.1 positivecybersolutions.co.uk (main website) 

Booking/contact forms: if you complete a booking or enquiry form (for example, to request a meeting), we collect the information you submit (such as your name, email address, and any details you include) so we can arrange and respond to your request. 

Free resources (Microsoft Forms): if you request free resources using a Microsoft Form, we collect the information you submit (such as your name and email address) so we can provide the resource. If the form includes an option to receive further communications, we will only add you to a contact/marketing list if you explicitly opt in. 

Payments (main website): if you purchase via our main website, payment is processed by Stripe and/or PayPal. We receive payment confirmation details but do not store card numbers. 

2.2 PCS Training (LearnWorlds) 

Account registration details (e.g., name, email address). 

Course enrolment, access and progress. 

Certification/completion history. 

Payments made through the training platform are processed by Stripe and/or PayPal. We receive payment confirmation details but do not store card numbers. 

If LearnWorlds provides a marketing opt-in checkbox, we will only transfer your contact details from LearnWorlds into our own contact/marketing list where you have explicitly opted in. 

2.3 Technical data (both websites) 

Technical data such as IP address, browser type/version, device and operating system information. 

Cookie data (see our Cookie Policy). 

Our websites and training are intended for individuals aged 18 and over. We do not knowingly collect, use, or otherwise process personal data relating to children, and no children’s data should be submitted through our sites or training platform. If we become aware that we have received personal data from a child, we will delete it promptly. 

3. How We Use Your Information 

We process your personal data for the following purposes: 

Providing services to you (including access to purchased courses and issuing certificates). 

Managing our relationship with you, including responding to enquiries, booking requests, or complaints. 

Improving our services based on feedback and platform performance information. 

Complying with legal and regulatory obligations. 

Marketing and communications (only where you have explicitly opted in / consented). You can unsubscribe at any time. 

If you submit your details via a booking or enquiry form (or other contact form) and you do not proceed further, we will not keep your information longer than necessary to deal with your request. Where we close the matter and you no longer require help or further contact, we will delete the form submission within 30 days, unless we need to keep a record for legal reasons. We will only retain your details for ongoing marketing or further contact where you have explicitly opted in. 

Please note: even if you do not opt in to marketing, we may still contact you where necessary to provide the service you requested (for example, to respond to an enquiry, confirm a booking, send purchase confirmations, provide access to a course, or issue a certificate). 

Course narration audio is created by PCS and may be enhanced using audio processing and/or AI-based tools (for example, background-noise reduction) to improve clarity and accessibility. 

3.1 Our processing process 

We follow a consistent process when handling personal data collected through the Website and our services: 

Collection: we collect personal data when you provide it to us (for example, via contact/booking forms, account registration, or purchases) and when you use the Website (for example, technical data such as IP address and cookie choices). 

Use: we use your data only for the purposes set out in Section 3 (for example, delivering courses, responding to enquiries, and improving the Website) and only send marketing where you have explicitly opted in. 

Access and security: access to personal data is limited to those who need it for the relevant purpose, and we apply appropriate technical and organisational measures (for example, access controls and encryption) to protect it. 

Sharing with service providers: where necessary to deliver the Service, we share limited information with trusted providers (for example, LearnWorlds for course delivery, and Stripe/PayPal for payment processing). We do not sell your personal data. 

Storage and international transfers: data is stored securely as described in Section 6. Where any provider processes data outside the UK, we apply appropriate safeguards as required by UK GDPR. 

Retention and deletion: we keep personal data only as long as needed for the purpose and as set out in Section 9, then delete or anonymise it. 

Your rights and requests: you can exercise your rights (Section 11) by contacting us. We may need to verify your identity before fulfilling a request. 

4. Lawful Basis for Processing 

We process your personal data based on one or more of the following lawful grounds: 

Consent: where you have given us clear consent (for example, opting in to marketing emails). 

Contract: processing is necessary to provide the services you have purchased (e.g., course access and certification) or to take steps at your request before entering a contract. 

Legal obligation: we need to process your data to comply with legal obligations. 

Legitimate interests: processing is necessary for our legitimate interests (unless overridden by your rights), such as improving our services and maintaining cybersecurity. 

5. How We Share Your Information 

We do not sell your personal data. 

We will not share your personal data with third parties unless: 

it is necessary for the performance of a contract with you (for example, delivering courses via LearnWorlds); 

we are required to do so by law or regulatory authorities; or 

we have your consent to do so. 

Payments 

Payments on our main website and our training platform are handled securely by third-party payment processors such as Stripe or PayPal. We do not store or have access to your card details. Please refer to the privacy policies of these providers for more information on how your payment data is processed. 

6. How We Store and Protect Your Data 

Your data is stored securely primarily within the UK on our systems, including Microsoft 365 cloud services and backup hard drives. We implement appropriate technical and organisational measures to protect personal data (for example, access controls, encryption where appropriate, and regular reviews) and we limit access to those who need it for legitimate business purposes. No method of transmission or storage is completely secure; however, we take cybersecurity seriously and continually review our safeguards to reduce risk. Where our service providers process personal data outside the UK, we will ensure appropriate safeguards are in place as required by UK GDPR. 

7. Website Contact Forms and Communication 

If you contact us via email or phone, we will process your contact details and any information you provide in order to respond to your enquiry and, where relevant, to take steps at your request before entering into a contract or to perform a contract with you. We may keep a record of communications for operational, security, and legal/compliance purposes (for example, to evidence what was agreed or to handle complaints), and we will not retain such records longer than necessary (see Section 9). 

8. Cookies and Tracking 

Our Website uses cookies and similar technologies to enhance functionality and security. These include functional/strictly necessary cookies (for example, login, security, and saving preferences) and, where enabled, optional analytics cookies to understand how visitors interact with the Website so we can improve it. We do not use cookies for advertising or marketing. You can manage your cookie preferences via the cookie banner/settings and your browser controls. For more information, please see our Cookie Policy. 

We also use Google Search Console to monitor how our websites appear in Google Search and to identify technical issues. This does not require us to place analytics cookies on your device. 

9. Data Retention 

We keep personal data only for as long as necessary for the purpose it was collected for, and to meet legal, accounting, or regulatory requirements. Our typical retention periods are: 

Booking/enquiry requests and contact forms (main website): if you submit a booking/enquiry request or other contact form submission but do not proceed, we will delete the details within 30 days after the matter is closed (see Section 3), unless we need to keep a record for legal reasons. 

Free resources (Microsoft Forms): if you request a free resource, we will keep the form submission long enough to provide the resource and manage any follow-up relating to that request, and then delete it within 30 days unless you have opted in to further contact. 

Marketing contacts: where you have opted in to marketing, we keep your contact details until you unsubscribe/withdraw consent, or we carry out routine list cleansing. 

Training records (LearnWorlds): course progress and certification/completion history is retained within LearnWorlds as needed to provide course access and evidence completion. 

Client records: 7 years (for legal and compliance reasons). 

10. Data Breach Notification 

In the unlikely event of a personal data breach, we will assess the incident and its potential impact. Where required by the UK GDPR, we will notify affected individuals and the Information Commissioner’s Office (ICO) without undue delay. Not all security incidents meet the legal threshold for notification; where notification is not required, we will still take appropriate steps to investigate, contain, and remediate the issue. 

11. Your Rights 

Under the UK GDPR, you have the following rights regarding your personal data: 

Right of access – request a copy of your personal data we hold. 

Right to rectification – correct inaccurate or incomplete data. 

Right to erasure – request deletion of your data, subject to legal conditions. 

Right to object – object to certain processing activities. 

Right to data portability – request transfer of your data to another provider. 

Right to restrict processing – request a temporary halt to processing in certain circumstances. 

Right to complain to the ICO: if you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s data protection supervisory authority. 

To exercise any of these rights, please contact us at: 

Email: info@positivecybersolutions.co.uk 
Address: Severn House, Hazell Drive, Newport, NP10 8FY 

12. Changes to this Privacy Policy 

We may change this Privacy Policy from time to time in line with legislation, guidance, and industry standards. Any updates will be published on this page, and the “Change Log”/last updated information will be revised accordingly. We may not explicitly notify all users of these changes, so we recommend that you check this policy periodically; your continued use of the Website after an update indicates that you have read the updated version. 

Change Log 

01/10/2024 – Privacy Statement Created 

19/11/2024 – Privacy Statement Reviewed 

12/02/2025 – Privacy Statement Updated (clarifications on data retention, website contact, cookies, and payment processing) 

30/07/2025 – Privacy Statement Updated (included LearnWorlds, analytics, payment processing, and marketing consent wording) 

30/03/2026 – Privacy Policy updated and aligned for use across PCS websites and PCS Training: clarified scope and controller details; restructured data collected by website (main site vs LearnWorlds); clarified opt-in marketing only; added/expanded lawful bases; clarified payments (Stripe/PayPal) and service providers; updated cookies/tracking wording (incl. Google Search Console); added 30-day retention for booking enquiries and free resources; updated security and international processing safeguards; improved readability and formatting consistency. 

 

 © 2026 Positive Cyber Solutions Ltd.  All rights reserved. 

Registered in England and Wales. Company Number: 15645080

Privacy Policy | Cookie Policy

Information icon

We need your consent to load the translations

We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.