Privacy & Data Protection Notice
SpanSet UK Limited
Last updated: January 2026
SpanSet UK Limited is committed to protecting your personal data and respecting your privacy. This Privacy & Data Protection Notice explains how we collect, use, store and protect personal information when you interact with us, in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
This notice applies to customers, trainees, suppliers, inspection clients, website users and anyone who engages with SpanSet UK Limited and its services.
Who We Are
Data Controller:
SpanSet UK Limited
Telford Way
Middlewich
Cheshire
CW10 0HX
United Kingdom
Main Data Protection Contact:
Lauren Bannister
Marketing Manager
[email protected]
VAT Registration Number: 160 8518 65
Company Registration Number: 960688 (England)
SpanSet UK Limited is the data controller for the personal data described in this notice. This means we are responsible for deciding how and why your personal data is processed.Our Commitment to Data Protection
We take the privacy and security of your personal information seriously. Any personal data we collect is:
- processed lawfully, fairly and transparently
- collected for clear, legitimate business purposes
- relevant, limited and proportionate
- accurate and kept up to date
- retained only for as long as necessary
- protected using appropriate technical and organisational security measures
We do not sell personal data and we do not share it with third parties unless this is required to deliver our services, meet legal obligations, or where you have provided consent.
What Personal Data We Collect and Why
Personal data means information that can identify an individual. The type of data we collect depends on how you interact with SpanSet.
Training Customers and Trainees
When you attend or are booked onto a training course, we may collect details such as your name, job role, employer, contact details, site location and (where required) limited health or fitness information relevant to safe participation. This information allows us to verify identity, deliver training, issue certification and maintain training records.
For externally accredited courses, required information may be shared securely with the relevant awarding body for registration and certification purposes.
Training records are retained for the duration of certificate validity and typically for up to two years afterwards.
Training Coordinators
For individuals responsible for booking and managing training, we collect contact and organisational details to arrange courses, manage records, issue certificates and provide relevant reminders or updates. With consent, we may also share information about related training or safety services.
Customers
If you purchase products or services from us, we collect contact and business details to process enquiries, manage orders, provide technical support, issue safety notifications or product recalls, and manage the ongoing customer relationship. This information may be retained for the lifespan of the products or services supplied.
Inspection Clients
For equipment inspection services, we collect contact details linked to inspected equipment to arrange inspections, issue reports and maintain statutory inspection records. Individuals are only contacted directly where appropriate or where instructed by the booking organisation.
Suppliers and Business Partners
We collect standard business contact information to manage procurement, contracts, invoicing and communication related to supplier services.
How We Store and Protect Your Data
Personal data is stored securely within our business systems, including CRM, ERP, training management and inspection platforms. We also maintain minimal paper records where operationally required.
Access to all systems is restricted to authorised personnel only, protected by secure login controls. Staff are trained in data protection and confidentiality, and physical records are stored securely.
Our software providers confirm appropriate security and compliance measures to protect the data they process on our behalf.
Lawful Basis for Processing
We process personal data under one or more lawful bases, including:
- performance of a contract
- compliance with legal obligations
- legitimate business interests
- consent, where required (for example, marketing communications)
Where consent is used, it can be withdrawn at any time.
Marketing Communications
We will only send marketing communications where consent has been provided or where there is a legitimate business relationship. You can opt out of marketing at any time by using the unsubscribe option or contacting us directly.
Data Retention
We retain personal data only for as long as necessary to fulfil the purpose for which it was collected, including legal, regulatory, certification and operational requirements. Once no longer required, data is securely deleted or anonymised.
Your Rights Under Data Protection Law
You have rights in relation to your personal data, including the right to access, correct, delete, restrict or object to processing, and the right to data portability where applicable.
You also have the right to withdraw consent at any time where processing is based on consent.
To exercise any of your rights, please contact: [email protected]
We may request verification of identity before responding to requests. There is no fee for exercising your rights unless a request is manifestly unfounded or excessive.
Complaints
If you are unhappy with how we handle your personal data, you have the right to raise a concern with the Information Commissioner’s Office (ICO):
www.ico.org.uk
Changes to This Notice
We may update this Privacy & Data Protection Notice from time to time to reflect changes in legislation, business practices or services. The latest version will always be available on our website.