HomeAboutQualifications For CentresFor LearnersNewsContact
Verify Certificate
Legal

Privacy Policy

Last updated: 17 March 2026

Contents

ICO Registration:
ZB847103

This Privacy Policy explains how Apex Awards UK collects, uses and protects your personal data. We are committed to handling personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

The data controller is Apex Awards UK, a company registered in England and Wales with Company Registration Number 15847293. Our registered office is at First Floor, 10 Charter House Street, London, EC1N 6NA.

We are registered with the Information Commissioner's Office (ICO) under registration number ZB847103.

For any data protection queries or to exercise your rights, please contact us at info@apexawardsuk.co.uk or by post at the address above.

2. What Data We Collect

We collect personal data in the following circumstances:

2.1 Website Enquiries and Contact Forms

When you submit an enquiry via our website, we collect:

  • Your name and email address
  • Your telephone number (if provided)
  • The content of your message
  • Your organisation name (where provided)

2.2 Certificate Issuance (Learners)

When a learner is awarded a qualification through an Apex Awards UK approved centre, we collect and process:

  • Full name
  • Qualification title and level
  • Date of completion and certificate issue
  • Certificate ID
  • Units studied and credits awarded

2.3 Centre Approval Process

When an organisation applies to become an approved centre, we collect:

  • Organisation name and registration details
  • Contact names, email addresses and telephone numbers
  • Information about staffing qualifications and resources

2.4 Automatic Data Collection

When you visit our website, we may automatically collect technical information including your IP address, browser type, operating system, pages visited and time spent on the site. This information is collected via cookies and similar tracking technologies (see Section 7).

3. How We Use Your Data

We use the personal data we collect for the following purposes:

  • To respond to enquiries submitted via our contact or centre approval forms
  • To issue and maintain records of qualifications and certificates
  • To operate our online certificate verification service
  • To manage relationships with approved centres, including quality assurance activities
  • To comply with our legal and regulatory obligations
  • To improve our website and services through analysis of usage data
  • To send updates relevant to approved centres or learners where you have consented to receive them

We will never sell your personal data to third parties, and we will not use your data for purposes unrelated to those stated above without first notifying you and, where required by law, obtaining your consent.

We process personal data on the following legal bases under UK GDPR Article 6:

  • Contract performance (Article 6(1)(b)): Processing necessary for the performance of a contract with approved centres or to take steps prior to entering into such a contract.
  • Legal obligation (Article 6(1)(c)): Processing required to comply with applicable law, including qualification and awarding body regulatory requirements.
  • Legitimate interests (Article 6(1)(f)): Processing necessary for our legitimate interests in operating as an awarding body, maintaining the integrity of the qualification system and responding to enquiries. We have assessed that our interests are not overridden by the rights and freedoms of data subjects.
  • Consent (Article 6(1)(a)): Where we seek to send marketing or updates, we will ask for your consent and provide an easy means to withdraw it at any time.

5. Data Retention

We retain personal data only for as long as necessary for the purposes set out in this policy. Our standard retention periods are as follows:

  • Certificate and learner records: Retained for a minimum of 10 years from the date of issue, in order to facilitate ongoing certificate verification and to meet regulatory expectations.
  • Centre approval records: Retained for the duration of the centre's approval and for 5 years following the end of the centre relationship.
  • Enquiry and contact data: Retained for 12 months from the date of the last contact, unless a longer-term relationship is established.
  • Website analytics data: Retained in anonymised or aggregated form; identifiable IP data is retained for no longer than 90 days.

When data is no longer required, it is securely deleted or anonymised in accordance with our data deletion procedures.

6. Your Rights

Under UK GDPR, you have the following rights in relation to your personal data:

  • Right of access: You have the right to request a copy of the personal data we hold about you (Subject Access Request).
  • Right to rectification: You have the right to request that inaccurate personal data be corrected.
  • Right to erasure: In certain circumstances, you have the right to request that your personal data be deleted. Note that this right may be limited where we are required to retain data for legal or regulatory reasons.
  • Right to restriction of processing: You have the right to request that we restrict the processing of your personal data in certain circumstances.
  • Right to data portability: Where processing is based on consent or contract performance and carried out by automated means, you have the right to receive your personal data in a structured, commonly used format.
  • Right to object: You have the right to object to processing carried out on the basis of legitimate interests. We will consider your objection and cease processing unless we have compelling legitimate grounds that override your interests.
  • Rights in relation to automated decision-making: We do not use automated decision-making or profiling that produces legal or similarly significant effects.

To exercise any of these rights, please contact us at info@apexawardsuk.co.uk. We will respond within one calendar month. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office at ico.org.uk or by telephone on 0303 123 1113.

7. Cookies

Our website uses cookies — small text files stored on your device when you visit — to improve your experience and analyse usage. We use the following categories of cookies:

  • Strictly necessary cookies: Required for the website to function correctly. These cannot be disabled.
  • Analytics cookies: Used to collect anonymised data about how visitors use our website, helping us to improve content and navigation. These are only set with your consent.
  • Functionality cookies: Used to remember your preferences and provide a more personalised experience.

The certificate verification feature on this website uses your browser's localStorage to store certificate records locally on your device. This data does not leave your device and is not transmitted to any server. It is used solely to enable certificate generation and verification functionality.

You can control and delete cookies through your browser settings. Disabling cookies may affect the functionality of some parts of our website.

8. Third Party Services

We may share personal data with trusted third parties in the following circumstances:

  • Approved centres: We share relevant learner data with the approved centre through which the learner is enrolled, for the purposes of qualification delivery and administration.
  • Technology service providers: We use third-party services to operate our website and email systems. These providers process data on our behalf and are bound by appropriate data processing agreements.
  • Regulatory and legal obligations: We may share data with regulatory bodies, law enforcement agencies or other public bodies where required to do so by law.
  • Google Maps: Our contact page embeds a Google Maps element. Use of this feature is subject to Google's Privacy Policy. By viewing the map, data including your IP address may be sent to Google.

We do not transfer personal data outside of the UK or European Economic Area unless appropriate safeguards are in place in accordance with UK GDPR Chapter V.

9. Contact for Data Requests

All data subject rights requests, privacy enquiries and complaints should be directed to:

Data Protection Contact
Apex Awards UK
First Floor, 10 Charter House Street
London, EC1N 6NA
info@apexawardsuk.co.uk

We aim to acknowledge all data subject requests within 5 working days and to provide a substantive response within one calendar month. If we require additional time (up to a further two months) due to the complexity or volume of requests, we will notify you within the first month.

We reserve the right to update this Privacy Policy from time to time. When we make material changes, we will update the "last updated" date at the top of this page. We encourage you to review this policy periodically.