Privacy NOTICE


This privacy notice is a public declaration of how Knowledgepool (Part of Capita Group plc) apply the Data Protection Principles & Rights afforded under the General Data Protection Regulation (GDPR) to the personal data that we process.

We are committed to complying to the 6 principles relating to the processing of personal data under the GDPR in all that we do. These principles are:

  • Lawfulness, fairness & transparency

  • Purpose limitation

  • Data minimisation

  • Accuracy

  • Storage limitation

  • Integrity and confidentiality


We may collect personal data from our website, via phone, email or other data links from our Clients, these include:

  • Your name, and contact information such as address, email address and telephone number, as well as your date of birth, national insurance number (or other tax identification number) and your passport number or national identity card details, country of domicile and your nationality. We may also allocate you a unique ID number

  • Information relating to your enrolments, the courses or events you have or intended to attend and/or completed, dates of study and examination results. We will also keep records relating to assessments of your work, details of examinations taken and actual examination results and other information in your learner record

  • Employment records and history

  • Telephone are recorded for training and monitoring purposes; any calls will be trans-scripted and user details anonymised

  • Any other requirements to fulfil the client’s contract of services

  • Sensitive personal data and information including:

    • Information concerning your medical conditions or Mobility Impairment (e.g. disability)



We will not without your express consent provide your personal information to any third parties for direct marketing.  Any personal information you submit to us will be used for the purposes specified in this privacy statement which will include:

  • Understanding your needs and provide you with a better service

  • Delivery of educational courses including:

    • The provision of our core teaching and learning services (e.g. registration, assessment, attendance, managing progress, misconduct investigations, certification, graduation)

    • Maintaining learner records

    • Maintaining Trainer/ Associate skills

    • Conduct internal training to improve services

    • The use of third party trainers for delivering courses to service our client contractual obligations

  • To provide work seeking services for any associate services

  • Providing library, IT and information services

  • Non-educational matters in support of our core services, including:

    • Event management and attendance

    • Safeguarding and promoting the welfare of learners

    • Ensuring learners safety and security

    • Managing the use of social media

    • Assisting with careers transitions through consultation

  • Administering finance (e.g. invoicing, purchase orders, payments)

  • Other administrative purposes, including:

    • Recruitment

    • Associate Management

    • Carrying out research and statistical analysis and reporting

    • Carrying out audits (e.g. to ensure compliance with our regulatory and legal obligations)

    • Providing operational information (e.g. providing IT support, information about building closures or access restrictions on site or safety advice)

    • Promoting our services

    • Recording any near miss and actual accidents/injuries to comply with Health and Safety legal obligations

    • Dealing with grievances and disciplinary actions

    • Dealing with complaints and enquiries

  • If you choose to download our reports or white papers or to register to news, events and alerts, we will use the information you provide us to:

    • Send you the content requested

    • Inform our marketing strategy

    • Enhance our thought leadership content

    • Send you related information that we believe will be of interest to you.

Where we are processing your information on behalf of clients and they are identified as the data controller, then you should refer to their privacy notices in the first instance to understand how your data is processed.



The legal basis for processing your data is for legitimate business interests and on occasions where we are processing your personal data for the performance of a service contract with yourself or our client. In this respect, we use your personal data for the following:

  • To interact with you before you are enrolled as a learner, as part of the learner enrolment process (e.g. to send you a prospectus or answer enquiries about our courses)

  • To perform audit responsibilities as per our client’s service contract

  • Once you have enrolled, to provide you with joining instructions which may include pre-assignment details as set out in our course prospectus

  • To deal with any concerns or feedback you may have

  • For any other purpose for which you provide us with your personal data

We will process your personal data as part of our contractual obligations when working with associate workers and other supplier chain services, where we’ll hold a contract directly with yourself and may use your personal data for the following:

  • Provide worker seeking services to match workers with the relevant client work

  • Undertake pre-employment screening

We may also process your personal data for our compliance with our legal obligations. In this respect, we may use your personal data for the following:

  • To meet our compliance and regulatory obligations, such as compliance with anti-money laundering laws and safeguarding requirements

  • Reporting accidents and incidents for the Health & Safety Executive (HSE)

  • In order to assist with investigations (including criminal investigations) carried out by the police and other competent authorities

For any other processing not covered by the above, we will obtain consent before using any of your personal data.


We may disclose information about you to any of our employees, officers, suppliers insofar as reasonably necessary to fulfil our obligations for the purposes as set out in this privacy statement.

We may share limited information with other Capita Businesses for legitimate purposes as part of our necessary obligations for internal reporting, processing of invoices and payments and to update existing customers of service and product updates or opportunities available within Capita plc Group

In addition, we may disclose your personal information:

  • To the extent that we are required to do so by law

  • Regarding any legal proceedings or prospective legal proceedings

  • To establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk)

  • To the purchaser (or prospective purchaser) of any business or asset which we are (or are contemplating) selling and

  • We may disclose to clients for work seeking services to allow us to match you to appropriate supplier opportunities.

  • To any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information

Except as provided in this privacy statement, we will not provide your information to third parties without your prior consent.



Information that we collect may be stored, processed and transferred between any of the countries in which we operate in or supply from to enable us to use the information in accordance with this privacy statement. International transfers outside of the EU, e.g. Capita India and the US will be managed under Privacy Shield agreed terms or via other adequate security assessments and data protection controls (including EU model clauses) to enable us to carry out our service obligations to our clients, suppliers and business partners.

There is no systematic transfer of data outside of the EU for any other purpose than outlined above.



Knowledgepool takes information security extremely seriously.

We will store all the personal information you provide on our secure (password- and firewall- protected) servers. Where possible we will encrypt electronic transactions you make to or receive from us.

You are responsible for keeping your password and user details confidential. We will not ask you for your password (except when you log in to our systems).

Knowledgepool retains your personal information in line with Capita and Knowledgepool specific retention periods and if stipulated within client contracts and does not seek to retain data for any longer than necessary to carry out our service and fulfil our statutory and contractual obligations. For further details on retention periods on your personal data please use the contact details below.



Knowledgepool is the data controller for the information you provide during the process unless otherwise stated. If you have any queries about the process or how we handle your information please contact us at



Our website may contain links to other websites which may not be covered by our privacy notice or security measures, therefore you should exercise caution and look at the privacy statement applicable to the website in question.



Knowledgepool recognises the rights of data subjects under the GDPR which include;

  • The right to be informed
    You have the right to be informed about the personal data we collect, how Knowledgepool process personal data, how long we retain the data and who we share that data with

  • The right of access
    You have the right to access your personal data and supplementary information this allows you as the individual to be aware of and verify the lawfulness of the processing.  This can be requested through a “Subject Access Request” SAR in writing to:

  • The right to rectification
    You are entitled to have your personal data amended (rectified) if this is inaccurate or incomplete, and if this information has been shared with a third party

  • The right to erasure
    This is also known as the ‘right to be forgotten’, you are able to request for your personal data to be deleted or removed where there is no compelling reason for its continued processing

  • The right to restrict processing
    You have the right to ‘block’ or ‘supress’ the processing of your personal data. When processing is restricted, Knowledgepool is permitted to store the personal data but we may not carry out any further processing and we can only retain enough information about the individual to ensure that the restriction is respected in future

  • The right to complain to the Supervisory Authority – Information Commissioner’s Office

  • Rights related to automated decision making and profiling
    You have the right not to be subjected to automated decision making and profiling, this can only be carried out be us when;

  • necessary for the entry into or performance of a contract; or

  • authorised by Union or Member state law applicable to the controller; or

  • based on your explicit consent.

  • The right to data portability

This allows you to obtain and reuse your personal data for your own purposes across different services. It allows you to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability

  • The right object
    You have the right to object to:

  • processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling)

  • direct marketing (including profiling) and

  • processing for purposes of scientific/historical research and statistics

For further information on your rights as an individual please refer to the ICO website –



When someone visits we use a third-party service, Google Analytics. We use Google Analytics to collect information about visitor behaviour on our website. Google Analytics stores information about what pages you visit, how long you are on the site, how you got here and what you click on.

We have also implemented Google Analytics Demographics and Interest Reporting. This is used to gain an insight into the age, gender and interests of our users to help us make decisions on how to improve the website in the future. Users can opt out of this reporting by visiting Google Ads Settings.

You can find out more about Google’s position on privacy as regards its analytics service at

Visitors may choose to opt-out of Google Analytics tracking with the Google Analytics opt-out browser add-on.



Cookies are small text files which are planted by this website on your computer’s hard drive. They enable our site to “remember” who you are.

Cookies are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.

For further information on how we use cookies please refer to our “Cookies and Web Beacons” Policy



Please contact us if you have any questions about our privacy policy or any information we have of you:

  • By phone: +44(0)800 0294500

  • Email:

  • Or write to us at 1st Floor, Reading Bridge, Reading, Berkshire, RG1 8LS, United Kingdom

If you are unhappy with our response, you have the right to complain to the Supervisory Authority, the details of which are below:

Supervisory Authority: Information Commissioner’s Office (ICO)





Knowledgepool in certain instances will be the data controller or joint data controller of your information, however in most occasions we will be a data processor and our client (your employer or hiring company will be the data controller). In such circumstances, you should check with your employer’s or hiring company’s privacy notices on how your personal data is used and retained.

The data controller responsible in respect of the information collected on this website is Knowledgepool.

ICO Registration Number: Z8720317



We may update this privacy statement from time-to-time by posting a new version on our website. You should check this page occasionally to ensure you are happy with any changes.

We may also notify you of changes to our privacy statement by email.