Privacy Statement for eQS Group Websites

 Protecting Your Privacy and Data at eQS Group

Introduction

At eQuality Solutions Group Limited (the Group), we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Statement explains how we collect, use, store, and protect information that you provide to us when you visit any of our websites, use our services, or interact with us online. Our practices are designed to comply with all applicable data protection and privacy laws, including the UK Data Protection Act 2018 (DPA2018)  and the UK General Data Protection Regulation (GDPR) and other relevant regulations.

Who We Are

The Group comprises the following companies, and this document relates to all of them. All Group companies are registered at UK Companies House, and all share the same registered office of  9 Apollo Court, Koppers Way, Monkton Business Part South, Hebburn, Tyne and Wear, NE31 2ES, England. The table  below confirms the Group companies legal names, Companies House registration numbers and Information Commissioner’s Office (ICO) registration numbers:

Group companies are providers of practical and effective solutions and services that remove barriers to learning, in education, work, and life, operating in the UK. For the purposes of data protection legislation, the Group company that you interact with is classed as the “data controller” of your personal data. If you have any questions or concerns about this Privacy Statement or our data practices, you may contact us at:

• Email: dpo@e-q-s.com
• Postal Address: 9 Apollo Court, Koppers Way, Monkton Business Park South, Hebburn, Tyne and Wear, NE31 2ES
• Phone: 0191 230 6686

Personal Information We Collect

We may collect and process the following types of personal information:

• Contact Information: Such as your name, email address, postal address, and phone number when you fill out forms on any of our websites or communicate with us.
• Account Information: If you register for an account, we collect username, password, and other information necessary to create and secure your account.
• Usage Data: Information about your use of any of our websites, including IP address, browser type, operating system, referring URLs, device identifiers, and pages visited.
• Cookies and Tracking Technology: Data collected through cookies and similar technologies to enhance user experience and analyse website usage (see our Cookie Policy for details).
• Marketing and Communications: Preferences for receiving communications from us and details of your interactions with our marketing materials.
• Customer Support: Records and copies of your correspondence with us, including when you contact our support teams.
• Transaction Information: Details of products and services you have purchased or enquired about, and payment data (where applicable and processed securely).

How We Use Your Information

Your personal data will be used for the following purposes:

• To provide, operate, and maintain our websites and services.
• To manage your registration as a user of our websites and support user account functionality.
• To respond to your enquiries, comments, and support requests.
• To personalise and improve your experience on our websites.
• To send you information about our services, updates, and news, (with your consent where required).
• To process transactions and manage orders for products or services you have requested.
• To ensure the security, integrity, and proper functioning of our websites and systems.
• To comply with legal obligations and respond to lawful requests from regulatory authorities.
• To conduct research, analytics, and reporting to improve our offerings.

Legal Basis for Processing

We process your personal data on one or more of the following legal grounds:

• Your consent, where you have provided it for a specific purpose (e.g., receiving marketing materials).
• The performance of a contract with you or in order to take steps at your request prior to entering into a contract.
• Compliance with legal obligations to which we are subject.
• Our legitimate interests, such as improving our websites, enhancing security, and direct marketing (subject to your rights and interests).

Sharing Your Information

We do not sell your personal information to third parties. We may share your information with:

• Service providers and business partners who assist us in delivering our services, maintaining our websites, or supporting business functions (e.g., hosting providers, analytics services, customer support).
• Law enforcement agencies, regulators, or other authorities where required by law or to protect our rights and the rights of others.
• Other companies in the Group that you may not be dealing with directly, but where we need to for internal administrative purposes and to provide you with a seamless service experience.
• Successors in the event of a merger, acquisition, or sale of all or part of our business, in which case your information may be transferred as part of that transaction.

All third-party recipients are required to maintain the confidentiality and security of your information and to use it only for the purposes for which we disclose it.

International Data Transfers

We do not share data with service providers outside the UK, although we do reserve the right to do so if it enhances your experience of our websites and services. This may include providers who are based outside the European Economic Area (EEA).

Were we to transfer data internationally we would ensure appropriate safeguards are put in place to protect your information, such as Standard Contractual Clauses approved by the Information Commissioners Office or equivalent data transfer mechanisms.

Data Security

We take the security of your data seriously and implement technical and organizational measures to protect it from unauthorized access, loss, disclosure, alteration, or destruction. These measures include:

• Encryption of data in transit and at rest where appropriate.
• Access controls and authentication measures.
• Regular security assessments and staff training.
• Data minimisation and retention policies aligned with legal requirements.

Your Rights

You may have the following rights regarding your personal information:

• The right to access your personal data and receive a copy of the information we hold about you.
• The right to correct or update inaccurate or incomplete personal data.
• The right to request erasure of your personal data in certain circumstances.
• The right to restrict or object to the processing of your personal data.
• The right to data portability, allowing you to obtain and reuse your personal data for your own purposes across different services.
• The right to withdraw your consent at any time, where processing is based on consent.
• The right to lodge a complaint with a supervisory authority if you believe your rights have been violated.

To exercise any of these rights, please contact us at dpo@e-q-s.com

Retention of Your Data

We will retain your personal information only as long as necessary to fulfil the purposes for which it was collected, to comply with our legal obligations, resolve disputes, and enforce our agreements. When data is no longer required, we will securely erase or anonymise it.

Cookies and Similar Technologies

Our websites use cookies and similar technologies to enhance your browsing experience, analyse usage, and provide tailored content. You can manage your cookie preferences through your browser settings or via our Cookies Policy. For more information, please see our dedicated Cookies Policy page.

Links to Other Websites

Our websites may contain links to external sites operated by third parties. This Privacy Statement does not cover those sites, and we are not responsible for their privacy practices. We encourage you to review the privacy statements of any third-party sites you visit.

Children’s Privacy

The Group is committed to protecting the privacy of children and young people who interact with our websites and services. In accordance with DPA2018, GDPR,  and the ICO’s Children’s Code (Age-Appropriate Design Code), we take extra care when collecting and processing personal data from individuals under the age of 18.

Our websites are not primarily directed at children. However, in certain circumstances—such as participation in educational programmes, surveys, or services specifically designed for young people—we may collect and process children’s personal data. Where this occurs, we ensure:

• A lawful basis for processing, including obtaining parental or guardian consent where required.
• Data minimisation, collecting only what is necessary for the specific purpose.
• High privacy settings by default, with no profiling or geolocation unless it is demonstrably in the child’s best interests.
• Clear and age-appropriate communication, ensuring children and their guardians understand how their data is used.
• Enhanced safeguards, including secure storage and restricted access to children’s data.

Children (or their parents/guardians) have the right to access, correct, or request deletion of personal data at any time. If you believe we have collected data from a child inappropriately, please contact our Data Protection Officer using the details provided in the contact us section below.

Changes to This Privacy Statement

We may update this Privacy Statement from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. Any changes will be posted on this page with an updated effective date. We encourage you to review this Privacy Statement regularly.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Statement or our data handling practices, please contact us at:

• Email: dpo@e-q-s.com
• Postal Address: 9 Apollo Court, Koppers Way, Monkton Business Park South, Hebburn, Tyne and Wear, NE31 2ES
• Phone: 0191 230 6686

Your trust is important to us, and we are committed to protecting your privacy every step of the way.

Monitoring and Review

This statement was created on 18 August 2025 and will be reviewed annually  or following significant legislative changes and, if necessary, amended to ensure that it remains effective.

The next review is scheduled for August 2026 unless legislation or operational guidance changes in the interim.

Please also be aware that this document was designed prior to the enactment of the new Data (Use and Access) Act which came into force on 19 June 2025. Guidance is under review at the ICO and this document may be subject to change in the next 12 months – this is still to be confirmed.

Version Control