top of page

Critical Thinkers Privacy Policy:


At Critical Thinkers, We are committed to protecting your personal data. This privacy policy sets out how we collect and use the personal information (“personal data”) you provide us with directly or through use of our website ( (“Website”) and tell you about your privacy rights and how the law protects you.


Important information and who we are

For the purposes of the General Data Protection Regulations (EU)(2016/679) and any updating legislation from time to time. We are the Data Controller of information provided by customers. We have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the DPO using the details set out below.


How to contact Us

If you have any questions regarding your personal data and how we may use it, including any queries relating to this policy, please contact us at


It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes.


What is personal data and what is the basis for collecting it?

Personal data means any data or information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).


We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:


Identity Data includes first name, last name, username or similar identifier, title, date of birth, gender, and passport or national identity card information, including copies of these documents;


Contact Data includes postal address, email address and telephone numbers;


Financial Data includes credit / debit card details or other payment information;


Transaction Data includes details about the method of payment, the amount and date;


Technical Data includes internet protocol address, your login data, browser type and versions, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this Website;


Profile Data includes purchases or orders made by you, your interests, preferences, feedback and survey responses


Usage Data includes information about how you use our services or submit an enquiry or query through our Website;


Marketing and Communications Data includes your preferences in receiving marketing from us and your communication preferences;


Individual Data additional information collected from you in relation to the services We provide, including telephone calls which we record; and

Special Categories of Data includes information relating to disabilities or medical conditions which may affect your holiday arrangements and any dietary restrictions which may disclose your religious beliefs.


Events, conferences and CPD training days includes information collected from you in relation to the services we provide, including school name and address, first name, last name, email.


Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, We may not be able to perform the contract you have or are trying to enter. In this case, we may have to cancel the services, but we will notify you if this is the case at the time.


How do we collect personal data?

We use different methods to collect personal data from and about you through:


Direct interactions: You may give us your identity, contact and financial data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes, but is not limited to personal data you provide when you;


  • Contact us by telephone, email or livechat to make an enquiry

  • Use a form on our Website

  • Register for an event purchase services from Us;

  • Give us some feedback

  • Automated technologies or interactions. As you interact with our website, we may automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies.


What do we do with your personal data?

We will only use your personal data when the law allows us to, i.e., if we have a legal basis for doing so, as outlined in this Policy or as notified to you at the time we collect your personal data, and for the purposes for which it was collected, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do this. Please note that we may process your personal data without your knowledge or consent, where this is required or permitted by law.


How your personal data may be shared


On occasions, we may use other companies to provide services on our behalf, such as mailing brochures and marketing material. We only provide third parties with the personal data they require in order to deliver their services and their use is limited to the services they provide.


We may also share your personal data with our social media, advertising and analytics partners based in the UK and USA who provide IT and system administration services and/or marketing services.


How your personal data may be stored


Our company is hosted on the platform. provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through’s data storage, databases and the general applications. They store your data on secure servers behind a firewall. 

All direct payment gateways offered by and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.


Some of our external third parties may be based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.


Whenever we transfer your personal data to countries outside of the EEA, to other people or companies, it will be for one of the legal bases for processing your personal data as indicated above.



We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising.


Promotional offers from us

We may use your identity, contact, technical, usage and profile data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).


You will receive marketing communications from us if you have requested information from us or purchased services from us and, in each case, you have not opted out of receiving that marketing.


Third party marketing

We will get your express opt-in consent before we share your personal data with any company outside of Critical Thinkers for marketing purposes.


Opting out

You can opt-out of receiving marketing communications from us at any time by contacting us via the following methods;


1. Email us at providing your full name, address and postcode and the email address which you would have originally used.


2. You can also be removed from our email database by clicking the Unsubscribe link located in the footer of all marketing email communications from us.


How do we keep your data secure?

Critical Thinkers is committed to the security of customer information and we have security procedures in place to protect personal data from the accidental loss, misuse, unauthorised access, alteration or disclosure of information under Critical Thinker’s control. All the information you provide to us is protected by a secure server, this is shown as HTTPS:\\ before our website address in your browser. The secure server software SSL (Secure Socket Layers) encrypts all information you enter before it is sent to us. The information is only de-encrypted when it reaches our server.


Other than in relation to government / public authorities (over whom we have no control), we take appropriate steps to ensure that anyone to whom we pass your personal data for any reason agrees to keep it secure, only uses it for the purposes of providing their services and does not collect any personal data from you in the course performing their services.


We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.


How long do we keep personal data?

We will keep your information for as long as we need it for the purpose it is being processed for, we will keep the information for a period which enables us to handle or respond to any complaints, queries or concerns relating to the booking. The information may also be retained so that we can continue to improve your experience with us and send you marketing materials.


We will actively review the information we hold and delete it securely, or in some cases anonymise it, when there is no longer a legal, business or customer need for it to be retained.


Your rights

Under certain circumstances, you have rights under data protection laws in relation to your personal data. These include the right to:


  • The right to be informed – this is information on for what purpose we are processing it and what personal data we are processing.

  • The right of access – you have the right to be provided with copies of the personal data of you that we are processing as well as confirmation of the processing we are doing. You can do this by sending a “subject access request” to the contact details noted above for our consideration.

  • The right to rectification – if you think the personal data that we hold on you is wrong you can tell us and we will fix it.

  • The right to erasure (also known as the right to be forgotten) – if you want us to permanently delete the personal data we hold for you then you can ask us to do so.

  • The right to restrict processing – if you do not like how we are using your personal data then you can let us know and we will stop processing it in that way.

  • The right to data portability – if you want us to pass on your personal data to someone else then please let us know. This transfer should not affect the integrity or otherwise damage your personal data.

  • The right to withdraw your consent – you can withdraw your consent for us to process your personal data (if we have relied on your consent to process your personal data) at any time by contacting us. If we have relied only on your consent as the basis to process your personal data then we will stop processing your personal data at the point you withdraw your consent. Please note that if we can also rely on other bases to process your personal data aside from consent then we may do so even if you have withdrawn your consent.

  • Rights in relation to automated decision making and profiling – if we use either automated decision making or profiling then you have a right to know. Also, we need your consent if either of these is used to make a decision that affects you. As with all consent, you can withdraw it at any time.


Where you exercise your right to erasure (and we do not have another legal basis to hold on to that personal data) or where information is deleted in accordance with our retention policy, please note that after the deletion of your personal data, it cannot be recovered, so if you require a copy of this personal data please request this during the period we retain the data.


Where you exercise your right to request access to the information we process about you, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. We will try to respond to all legitimate access requests within one month.


If you believe that any of your personal data which we are processing is inaccurate or incorrect please contact us immediately by emailing



The Website is not intended for children and we will not knowingly collect any personal data from such persons and will immediately delete any such data identified as being that of a child.


As part of the services we provide, we may collect information about children from you to perform such services and we will treat such information securely.



You have the right to lodge a complaint with a supervisory authority in relation to processing of your personal data. In the UK the supervisory authority is the Information Commissioners Office (ICO). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.



You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of thisw may become inaccessible or not function properly.


Changes to this Privacy Policy

As and when necessary, changes to this Privacy Policy will be posted here. Where changes are significant, we may also email all our registered users with the new details, and where required by law, we will obtain your consent to these changes.

bottom of page