Privacy Policy – Middle East
RTITB Middle East Privacy Policy (November 2024)
RTITB Limited (Middle East) Privacy Policy (November 2024)
We are RTITB Limited. We are committed to protecting and respecting your privacy. This policy sets out the basis on which any personal data we collect will be processed by us. Please read this privacy policy carefully to understand our views and practices and your rights regarding your personal data. By visiting www.rtitb.com/om (our site) or by using our services and systems, your personal data will be processed as described in this policy.
- What information do we collect from you?
- Why do we collect this information?
- How long do we keep hold of your information?
- Who might we share your information with?
- How is your data stored and kept secure?
- What are your rights?
- Changes to this Policy
- Cookies
- Acceptable Use Policy
- Contact Us
What information do we collect from you?
We will collect and process the following data about you:
Information you give us: This is information about you that you give us by attending RTITB training courses, filling in forms or by corresponding with us by mobile, email or otherwise. The information you give us may include your name, address, date of birth, email address, mobile number and emergency contact information. You may also supply us with the name of your employer or a photograph for use in an ID card. Optionally, you may choose to complete surveys about our products or services. This includes information you provide us with through use of our apps and eLearning systems.
Information we collect from your use of our site and applications: With regard to each of your visits to our sites we will automatically collect the following information:
technical information, such as, where available, the Internet Protocol (IP) address used to connect your device to the Internet, operating system, browser type, and what type of device you are using to access our service; traffic data, location data, weblogs and other communication data and the resources that you access.
Information we collect throughout our relationship: This is information relating to your use of our service, including: analytical data relating to how you interact with our services and applications.
Information we collect when you call us: If you call us we will automatically collect the following information: the mobile number used to call us
Information we receive from other sources: We are working closely with other organisations, including: Your employer or training institute
Providing us with your details online: This is information you may choose to provide us with using the Contact Us page on our site. You may also choose to sign up to our newsletter which involves supplying us with your name and email address. Please let us know by contacting us at dataprotection@rtitb.com if any of this information changes so we can keep our records up to date.
Why do we collect this information?
We use this information for the following reasons:
Pursuant to a contract in order to: process information at your request to take steps to enter into a contract; provide you with our products and services; process employment applications; process payments; maintain business and service continuity; send service communications so that you receive a full and functional service and so we can perform our obligations to you. These may be sent by email or post or, if the circumstances require it, we may contact you by phone. These will include notifications about changes to our service;
On the basis of your consent:
Where we rely on your consent for processing this will be brought to your attention when the information is collected from you;
We will contact you with direct marketing communications if you consent to us doing so and you have the right to withdraw consent at any time. See the What are your rights? section below for more information.
In the legitimate interests of providing the best service and improving and growing our business we will process information in order to:
- provide you with a personalised service;
- improve our products and services;
- to deal with any employment queries asking for confirmation of qualifications as part of the service we offer;
- to notify your employer or other training institute of the status of your training and qualifications as part of the service we offer;
- in some circumstances to send you marketing communications about products or services which we believe will interest you;
- for audit purposes;
- for employment purposes;
- keep our site and systems safe and secure;
- understand our customer base and purchasing trends;
- to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
- defend against or exercise legal claims and investigate complaints; and
- understand the effectiveness of our marketing.
You have the right to object to processing carried out for our legitimate interests. See the What are your rights? section below for more information.
To comply with legal requirements relating to:
- the provision of products and services;
- data protection;
- health and safety;
- anti-money laundering;
- fraud investigations;
- assisting law enforcement; and
- any other legal obligations placed on us from time to time.
How long do we keep hold of your information?
Photographs are kept for 4 years;
Email addresses will be deleted after a 4 year period where we have not engaged with you;
Unsuccessful employment application data will be deleted after 6 months from your application/interview date whichever is the later;
Correspondence and related information for complaints, quality assurance or trade marks will be kept for 10 years;
We will keep key information about your training (name, date of birth, address, qualifications and correspondence) throughout your lifetime so that we can verify your training qualifications to your employers and prospective employers and deal with any incident or accident related queries. Such a period has been chosen because our experience has shown that reference to these records may be required for a significantly extended period of time. We will keep your information unless obligations to our regulators (for example, OFQUAL, EFSA etc.) require otherwise or we are otherwise required remove such data from our records.
Who might we share your information with?
You agree that for the purposes set out in the ‘Why do we collect this information?’ section above, we have the right to share your personal information with:
- selected associated third parties, some of whom we appoint to provide services, including:
- business partners, subsidiaries, suppliers and sub-contractors for the performance of any contract we enter into with you;
- analytics and search engine providers that assist us in the improvement and optimisation of our site;
- customer survey providers in order to receive feedback and improve our services;
- statistical data about our users’ browsing actions and patterns to our advertisers. This is aggregate information and does not identify any individual;
- any member of our group, which means Talent in Logistics Limited and Skill Specialists Limited and RTITB Properties Limited ;
- your employer or training organisation as part of the contract for our services.
- prospective employers for the purposes of verifying your training and qualifications.
- Those bodies who require confirmation of your training and qualifications, and through our online portal (data is only be accessible by inputting your 9 digit RTITB number or scanning the QR code on your RTITB ID Card/Certificate)
- Regulatory bodies such as OPAL, Ministry of Bahrain, HSE, SQA, OFQUAL, ESFA
Additionally, we will disclose your personal information to the relevant third party:
- In the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets.
- If we are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of our customers, our regulator, or others.
How is your data stored and kept secure?
At RTITB, we take your safety and security very seriously and we are committed to protecting your personal and financial information. All information kept by us is stored on our secure servers (which are hosted in a ISO27001 compliant data centre). Where we have given you (or where you have chosen) a password that enables you to access certain parts of our service, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
We may transfer your data outside the European Economic Area (“EEA”). We will only do so if adequate protection measures are in place in compliance with data protection legislation and the transfer is allowed under the specific contract of work we have with you/your employer/training provider. Wherever possible we will keep data on UK/EEA servers.
Our app based audit system (iAuditor) stores data in the US. Additionally our email marketing software and sales CRM provider (Hubspot) stores data in the US. For customer surveys we use Survey Monkey who store data in the US. Finally one of our online assessment tools (ClassMarker) store data in the US.
Any data transferred to any of these organisations is covered by standard contract clauses in place between the parties and is subject to a data transfer risk assessment. A copy of these clauses and assessments are available on request. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Any apps/systems that we use that are not specifically mentioned in the section above store data in the UK/EEA. Our End-point Assessment system (eFront and ACE360) and Training Friend App all store data in the UK exclusively.
Where processing of your personal data is based on consent, you can withdraw that consent at any time.
You have the following rights. You can exercise these rights at any time by contacting us at dataprotection@rtitb.com. You have the right:
- to ask us not to process your personal data for marketing purposes;
- to ask us not to process your personal data where it is processed on the basis of legitimate interests provided that there are no compelling reasons for that processing;
- to ask us not to process your personal data for scientific or historical research purposes, where relevant, unless the processing is necessary in the public interest.
- to request from us access to personal information held about you;
- to ask for the information we hold about you to be rectified if it is inaccurate or incomplete;
- to ask for data to be erased provided that the personal data is no longer necessary for the purposes for which it was collected, you withdraw consent (if the legal basis for processing is consent), you exercise your right to object, set out below, and there are no overriding legitimate ground for processing, the data is unlawfully processed, the data needs to be erased to comply with a legal obligation or the data is children’s data and was collected in relation to an offer of information society services;
- to ask for the processing of that information to be restricted if the accuracy of that data is contested, the processing is unlawful, the personal data is no longer necessary for the purposes for which it was collected or you exercise your right to object (pending verification of whether there are legitimate grounds for processing);
- to ask for data portability if the processing is carried out by automated means and the legal basis for processing is consent or contract.
Should you have any issues, concerns or problems in relation to your data, or wish to notify us of data which is inaccurate, please let us know by contacting us using the contact details above. In the event that you are not satisfied with our processing of your personal data, you have the right to lodge a complaint with the relevant supervisory authority at any time, which is
- Oman – Ministry of Transport, Communications, and Information Technology (MTCIT)
- Bahrain – Personal Data Protection Authority (PDPA)
- Saudi Arabia – The Saudi Data and Artificial Intelligence Authority (SDAIA) and its Saudi Authority for Data and Artificial Intelligence’s National Data Management Office (NDMO)
This policy may be updated from time to time. Please check back frequently to see any updates or changes to our privacy policy.
We use cookies to distinguish you from other users of our site and our applications. This helps us to provide you with a good experience when you use our services and also allows us to improve our services.
We use the following cookies:
Strictly necessary cookies: These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
Analytical/performance cookies: They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
Functionality cookies: These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
Targeting cookie: These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
You can find out more information about the individual cookies we use and the purposes for which we use them in the table below:
Cookie | Description | Duration | Type |
---|---|---|---|
_ga | This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site’s analytics report. the cookies store information anonymously and assigns a randomly generated number to identify unique visitors. | 2 years | GA1.2.1941041686.1573747358(Analytics) |
_gid | This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an alalytics report of how the website is doing. the data collected, including the number of visitors, the source where they have come from, and the pages visited in an anonymous form. | 1 day | GA1.2.1214749785.1573747358(Analytics) |
_gat_gtag_UA_9817427_1 | Google uses this cookie to distinguish users. | 1 minute | Analytics |
catAccCookies | Cookie banner notification. Set when the cookie banner is dismissed. | 1 month | Popup Dismissal |
IDE, ANID DSID, FLC, AID, TAID, exchange_uid | Google uses one or more cookies for advertising we serve across the web. One of the main advertising cookies on non-Google sites is named ‘IDE‘ and is stored in browsers under the domain doubleclick.net. Another is stored in google.com and is called ANID. We use other cookies with names such as DSID, FLC, AID, TAID, and exchange_uid. Other Google properties, like YouTube, may also use these cookies to show you more relevant ads. | 1 year | Google Ads |
_hs_opt_out | This cookie is used by the opt-in privacy policy to remember not to ask you to accept cookies again. This cookie is set when we give you the choice to opt-out of cookies. | 13 months | Hubspot |
_hs_do_not_track | This cookie is used by the opt-in privacy policy to remember not to ask you to accept cookies again. This cookie is set when we give you the choice to opt out of cookies. | 13 months | Hubspot |
__hs_initial_opt_in | This cookie is used to prevent the banner from always displaying when you are browsing in strict mode. | 7 days | Hubspot |
hs_ab_test | This cookie is used to consistently serve you the same version of an A/B test page you’ve seen before. It contains the ID of the A/B test page and the ID of the variation that was chosen for you. | End of session | Hubspot |
<id>_key | When visiting a password-protected page, this cookie is set so future visits to the page from the same browser do not require login again. The cookie name is unique for each password-protected page. It contains an encrypted version of the password so future visits to the page will not require the password again. | 14 days | Hubspot |
hs-messages-is-open | This cookie is used to determine and save whether the chat widget is open for future visits. It is set in your browser when you start a new chat, and resets to re-close the widget after 30 minutes of inactivity. | 30 minutes | Hubspot |
hs-messages-hide-welcome-message | This cookie is used to prevent the chat widget welcome message from appearing again for one day after it is dismissed. | 1 day | Hubspot |
__hsmem | This cookie is set when you log in to a HubSpot-hosted site. It contains encrypted data that identifies the membership user when you are currently logged in. | 1 year | Hubspot |
hs-membership-csrf | This cookie is used to ensure that content membership logins cannot be forged. It contains a random string of letters and numbers used to verify that a membership login is authentic. | End of session | Hubspot |
hs_langswitcher_choice | This cookie is used to save your selected language choice when viewing pages in multiple languages. It gets set when an end-user selects a language from the language switcher and is used as a language preference to redirect you to sites in your chosen language in the future if they are available. It contains a colon-delimited string with the ISO639 language code choice on the left and the top-level private domain it applies to on the right. An example will be “EN-US:hubspot.com”. | 2 years | Hubspot |
__cfduid | This cookie is set by HubSpot’s CDN provider, Cloudflare. It helps Cloudflare detect malicious visitors to our website and minimizes blocking legitimate users. It may be placed on your devices to identify individual clients behind a shared IP address and apply security settings on a per-client basis. It is necessary for supporting Cloudflare’s security features. | 30 days | Hubspot |
__cfruid | This cookie is set by HubSpot’s CDN provider because of their rate-limiting policies. | End of session | Hubspot |
__hstc | The main cookie for tracking visitors. It contains the domain, utk, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session). | 13 months | Hubspot |
hubspotutk | This cookie keeps track of a visitor’s identity. It is passed to HubSpot on form submission and used when deduplicating contacts. It contains an opaque GUID to represent the current visitor. | 13 months | Hubspot |
__hssc | This cookie keeps track of sessions. This is used to determine if HubSpot should increment the session number and timestamps in the __hstc cookie. It contains the domain, viewCount (increments each pageView in a session), and session start timestamp. | 30 minutes | Hubspot |
__hssrc | Whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser. If this cookie does not exist when HubSpot manages cookies, it is considered a new session. It contains the value “1” when present. | End of session | Hubspot |
messagesUtk | This cookie is used to recognize visitors who chat with us via the chatflows tool. If the visitor leaves our site before they’re added as a contact, they will have this cookie associated with their browser. | 13 months | Hubspot |
Cookies can be controlled by your web browser settings. Whether our cookies are used will depend on your browser settings, so you are in control. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, please use the following links:
Internet Explorer cookies information
Chrome cookies information
Firefox cookies information
Safari cookies information
Please be aware that by blocking all cookies you may not be able to access or use all the features of our website and you will not receive a personalised service.
Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to RTITB Middle East Office Muscat – Sultanate of Oman Muscat Grand Mall Building no. 4, Floor 5th, Office No. A 31 P.O Box 7, PC-136 Contact Number: +968 92806270 Email: middleeast@rtitb.com
For the purposes of data protection legislation, RTITB Limited is the controller of personal data processed as set out in this policy.
Acceptable Use Policy
RTITB.com & mdrsandnors.co.uk
This acceptable use policy sets out the terms between you and us under which you may access our website rtitb.com and mdrsandnors.co.uk (our sites). This acceptable use policy applies to all users of, and visitors to, our site.
Your use of our site means that you accept, and agree to abide by, all the policies in this acceptable use policy, which supplement our terms of website use.
rtitb.com is a site operated by RTITB Limited (we or us). We are registered in England and Wales under company number 02476398 and have our registered office at:
Access House,
Halesfield 17,
Telford
TF7 4PW.
Prohibited uses
You may use our site only for lawful purposes. You may not use our site:
- In any way that breaches any applicable local, national or international law or regulation.
- In any way that is unlawful or fraudulent, or has any unlawful or fraudulent purpose or effect.
- For the purpose of harming or attempting to harm minors in any way.
- To send, knowingly receive, upload, download, use or re-use any material which does not comply with our content standards as set out below.
- To transmit, or procure the sending of, any unsolicited or unauthorised advertising or promotional material or any other form of similar solicitation (spam).
- To knowingly transmit any data, send or upload any material that contains viruses, Trojan horses, worms, time-bombs, keystroke loggers, spyware, adware or any other harmful programs or similar computer code designed to adversely affect the operation of any computer software or hardware.
You also agree:
- Not to reproduce, duplicate, copy or re-sell any part of our site in contravention of the provisions of our terms of website use.
- Not to access without authority, interfere with, damage or disrupt:
- any part of our site;
- any equipment or network on which our site is stored;
- any software used in the provision of our site; or
- any equipment or network or software owned or used by any third party.
Interactive services
We may from time to time provide interactive services on our site, including, without limitation chat rooms, bulletin boards and a facility to post comments (interactive services).
Where we do provide any interactive service, we will provide clear information to you about the kind of service offered, if it is moderated and what form of moderation is used (including whether it is human or technical).
We will do our best to assess any possible risks for users (and in particular, for children) from third parties when they use any interactive service provided on our site, and we will decide in each case whether it is appropriate to use moderation of the relevant service (including what kind of moderation to use) in the light of those risks. However, we are under no obligation to oversee, monitor or moderate any interactive service we provide on our site, and we expressly exclude our liability for any loss or damage arising from the use of any interactive service by a user in contravention of our content standards, whether the service is moderated or not.
The use of any of our interactive services by a minor is subject to the consent of their parent or guardian. We advise parents who permit their children to use an interactive service that it is important that they communicate with their children about their safety online, as moderation is not foolproof. Minors who are using any interactive service should be made aware of the potential risks to them.
Where we do moderate an interactive service, we will normally provide you with a means of contacting the moderator, should a concern or difficulty arise.
Content standards
These content standards apply to any and all material which you contribute to our site (contributions), and to any interactive services associated with it. You must comply with the spirit of the following standards as well as the letter. The standards apply to each part of any contribution as well as to its whole.
Contributions must:
- Be accurate (where they state facts).
- Be genuinely held (where they state opinions).
- Comply with applicable law in the UK and in any country from which they are posted.
Contributions must not:
- Contain any material which is defamatory of any person.
- Contain any material which is obscene, offensive, hateful or inflammatory.
- Promote sexually explicit material.
- Promote violence.
- Promote discrimination based on race, sex, religion, nationality, disability, sexual orientation or age.
- Infringe any copyright, database right or trade mark of any other person.
- Be likely to deceive any person.
- Be made in breach of any legal duty owed to a third party, such as a contractual duty or a duty of confidence.
- Promote any illegal activity.
- Be threatening, abuse or invade another’s privacy, or cause annoyance, inconvenience or needless anxiety.
- Be likely to harass, upset, embarrass, alarm or annoy any other person.
- Be used to impersonate any person, or to misrepresent your identity or affiliation with any person.
- Give the impression that they emanate from us, if this is not the case.
- Advocate, promote or assist any unlawful act such as (by way of example only) copyright infringement or computer misuse.
Suspension and termination
We will determine, in our discretion, whether there has been a breach of this acceptable use policy through your use of our site. When a breach of this policy has occurred, we may take such action as we deem appropriate.
Failure to comply with this acceptable use policy constitutes a material breach of the terms of use upon which you are permitted to use our site, and may result in our taking all or any of the following actions:
- Immediate, temporary or permanent withdrawal of your right to use our site.
- Immediate, temporary or permanent removal of any posting or material uploaded by you to our site.
- Issue of a warning to you.
- Legal proceedings against you for reimbursement of all costs on an indemnity basis (including, but not limited to, reasonable administrative and legal costs) resulting from the breach.
- Further legal action against you.
- Disclosure of such information to law enforcement authorities as we reasonably feel is necessary.
We exclude liability for actions taken in response to breaches of this acceptable use policy. The responses described in this policy are not limited, and we may take any other action we reasonably deem appropriate.
Changes to the acceptable use policy
We may revise this acceptable use policy at any time by amending this page. You are expected to check this page from time to time to take notice of any changes we make, as they are legally binding on you. Some of the provisions contained in this acceptable use policy may also be superseded by provisions or notices published elsewhere on our site.