Privacy Policy
Spacetech Academy
Last updated: 18 February 2025
This privacy notice tells you what to expect us to do with your personal information.
Our Contact Details:
Electron Building, Fermi Avenue, Harwell Campus OX11 0QR
Email: crew@wearespacetech.com
What information we collect, use, and why We collect or use the following information to provide training, talent consultancy and recruitment services: • Names and contact details • Addresses • Date of birth • Purchase or account history • Website user information (including user journeys and cookie tracking) • Photographs or video recordings • Call recordings • Records of meetings and decisions • Identification documents • Information relating to compliments or complaints • Information relating to sponsorship
We collect or use the following information for the operation of customer accounts and guarantees: • Names and contact details • Addresses • Purchase history • Account information, including registration details • Information used for security purposes • Marketing preferences
We collect or use the following information to prevent crime, prosecute offenders, or defend against legal action: • Names, Address and contact information, where appropriate • Customer or client accounts and records • Criminal offence data (including Disclosure Barring Service (DBS), Access NI or Disclosure Scotland checks)
We collect or use the following information for service updates or marketing purposes: • Names and contact details • Addresses • Marketing preferences • Location data • Purchase or viewing history • IP addresses • Website and app user journey information • Information relating to sponsorship • Records of consent, where appropriate
We collect or use the following information to comply with legal requirements: • Identification documents • Financial transaction information, relating to services provided by Spacetech • Criminal offence data (including Disclosure Barring Service (DBS), Access NI or Disclosure Scotland checks)
We collect or use the following information for recruitment services offered: • Contact details (e.g., name, address, telephone number or personal email address) • Date of birth • National Insurance number • Copies of passports or other photo ID • Employment history (eg job application, employment references or secondary employment) • Education history (eg qualifications) • Right to work information • Details of any criminal convictions (eg Disclosure Barring Service (DBS), Access NI or Disclosure Scotland checks) • Security clearance details (eg basic checks and higher security clearance)
Lawful bases Our lawful bases for processing personal information are: • Consent • Contract • Legal obligation • Legitimate interest
Our legitimate interests include: • Enhancing Educational and Career Opportunities • Supporting Talent Acquisition and Development • Maintaining Organizational Effectiveness • Fulfilling Contractual Obligations • Ensuring Regulatory Compliance • Facilitating Career Advancement • Supporting Organizational Growth
Data Localization and Storage We maintain primary data storage facilities within the United Kingdom. In compliance with UK data protection laws post-Brexit and US state privacy regulations, we implement the following measures: • Primary data storage within the UK for UK operations • Secondary storage facilities in approved territories with adequate data protection standards • Specific state-compliant data handling for US operations where required by state law • Regular auditing of data storage locations and transfer mechanisms
Cross-Border Data Transfers For international data transfers, particularly between the UK and US, we maintain: • Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner’s Office • Additional safeguards as required by the UK International Data Transfer Agreement (IDTA) • Compliance with US state-specific data transfer requirements • Regular assessment of international transfer mechanisms • Documentation of all cross-border data flows • Implementation of transfer impact assessments
Artificial Intelligence and Automated Processing We utilize artificial intelligence and automated processing in our operations. You should be aware that: • We employ AI systems for certain data processing activities • Automated decision-making may be used in specific circumstances • You have the right to:
- Obtain human intervention
- Express your point of view
- Contest any automated decisions
- Understand the logic involved in automated decisions • We regularly assess our AI systems for bias and accuracy • We maintain human oversight of all critical automated processes
Where we get personal information from • People directly • Schools, colleges, universities or other education organizations • Publicly available sources • Previous employers
Data Processing, Storage and Retention Methods of processing The Owner takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.
The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Owner, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of this Application (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Owner. The updated list of these parties may be requested from the Owner at any time.
Storage The Data is processed at the Owner’s operating offices and in any other places where the parties involved in the processing are located. Specific measures include: • Primary data centers in the UK • Secondary processing locations in approved territories • Regular auditing of processing locations • Implementation of data localization requirements • Compliance with territory-specific data protection standards
Retention time Personal Data shall be processed and stored for as long as required by the purpose they have been collected for and may be retained for longer due to applicable legal obligation or based on the Users’ consent.
Who we share information with • Other organizations • Organizations we need to share information with for safeguarding reasons • Professional or legal advisors • Financial or fraud investigation authorities • Relevant regulatory authorities • Professional consultants • Organizations we’re legally obliged to share personal information with
Additional Data Protection Measures • Regular security assessments • Encryption of data in transit and at rest • Multi-factor authentication for data access • Regular staff training on data protection • Incident response procedures • Data protection impact assessments • Regular compliance audits
Your data protection rights Under data protection law, you have rights including:
Your right of access – You have the right to ask us for copies of your personal data.
Your right to rectification – You have the right to ask us to rectify personal data you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure – You have the right to ask us to erase your personal data in certain circumstances.
Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal data in certain circumstances.
Your right to object to processing – You have the right to object to the processing of your personal data in certain circumstances.
Your right to data portability – You have the right to ask that we transfer the personal data you gave us to another organization, or to you, in certain circumstances.
Your right to withdraw consent – When we use consent as our lawful basis you have the right to withdraw your consent.
You don’t usually need to pay a fee to exercise your rights. If you make a request, we have one calendar month to respond to you.
To make a data protection rights request, please contact us using the contact details at the top of this privacy notice.
How to complain If you have any concerns about our use of your personal data, you can make a complaint to us using the contact details at the top of this privacy notice.
If you remain unhappy with how we’ve used your data after raising a complaint with us, you can also complain to the ICO.
The ICO’s address: Information Commissioner’s Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF
Helpline number: 0303 123 1113 Website: https://www.ico.org.uk/make-a-complaint
Changes to This Privacy Policy We reserve the right to update this privacy policy at any time. We will notify you of any changes by posting the new privacy policy on this page and updating the “Last updated” date. You are advised to review this privacy policy periodically for any changes.