Privacy policy

WSET privacy policy

WSET is committed to protecting your privacy. At all times we aim to respect any personal information you share with us, or that we receive from others, and keep it safe. Note that your course provider will have its own privacy policy. We encourage you to review that privacy policy, as well.

This document sets out our data processing practices and your rights and options regarding the ways in which your personal information is used and collected. If you have any queries, please contact WSET’s data protection contact by emailing dpo@wsetglobal.com

 

1. Who we are and how to contact us

We are the Wine & Spirit Education Trust, a charity registered in England and Wales. Our Charity number is 313766 and our company number is 964179. Our registered address is 39-45 Bermondsey Street London SE1 3XF. Where we use the words “WSET” “we” “us” and “our(s)”, we are referring to the Wine & Spirit Education Trust.

If you have any questions about how we use your personal information or how we comply with our responsibilities, please contact us as follows:

Email: dpc@wsetglobal.com
Call: +44 (0)20 7089 3800
Write: 39-45 Bermondsey Street, London SE1 3XF

2. How we collect your personal information

We collect your personal information in a number of different ways, depending on how you engage with us. We have set out these methods below.

When you directly provide it to us directly

For example, when you subscribe to a WSET newsletter, respond to a WSET survey, or register for a WSET-hosted course or event.

From your chosen course provider

When you are registered for an examination with WSET, your chosen course provider (known as your Approved Programme Provider or ‘APP’) is required to provide WSET Awards with some of your personal information for the purpose of identification and managing your qualifications and results.

When our systems collect information or personal information indirectly

For example, whenever you use a website or mobile application. The most common type of information collected is in the form of cookies (cookies are small text files sent by your computer each time you visit our website) but can also include personal information transferred by the device you are using to access our website. The manufacturer of your device or the provider will have the details about what information your device shares. Please see our Cookies Policy for more information.

3. What personal information we collect

The type of information we collect depends upon your engagement with us. We may collect the following information about you:

(a) Your name, date of birth, gender and contact details (this could include your postal address, telephone numbers and email address);

(b) Purchases and orders made by you or on your behalf by your chosen course provider;

(c) Your payment card details (which are encrypted) when you purchase any products or services (should you pay for one of our products or services over the telephone or using one of our payment forms, your card details will not be retained and will be securely destroyed);

(d) When you set up any account with us, your login credentials;

(e) Your marketing preferences;

(f) Your correspondence with us;

(g) In certain situations, information relating to health which may be required to support applications for reasonable adjustment and/or special consideration in the context of examinations for WSET qualifications;

(h) Your ethnicity and/or racial origin and such other information as may be required by our regulator in connection with the delivery of WSET qualifications.

4. Why we collect your personal data

We use your personal information for a number of different reasons, which we set out below.

(a) To register you as a candidate with WSET Awards and enable you to sit examinations for WSET qualifications.

(b) To administer and conduct your examination, including making arrangements for reasonable adjustments and/or special considerations.

(c) To communicate with your course provider and issue your examination results and qualification certificate as appropriate.

(d) To provide you with post-results services such as enquiries against results and appeals and solicit feedback from you on WSET qualifications.

(e) To process your registration for any WSET-hosted courses or events so that we can deliver these services to you.

(f) To send you information regarding the course or event for which you are registered (or which you have registered interest in).

(g) To process sales of products or services you have purchased from us.

(h) To manage any account(s) for providing our online services including but not restricted to our Online Classroom and Global Campus where you have registered with us so that:

     (i) We can provide you with the relevant products and services;

     (ii) You can access relevant course materials;

     (iii) We can fulfil our services and communicate with you about them.

(i) To verify your identity.

(j) To carry out research to better understand your requirements on the relevant products and services.

(k) To personalise, report on and improve the services and products we provide to you, and to provide you with a best-in-class customer service experience.

(l) To send you marketing communications including information about our qualifications, upcoming events and links to our blogs.

(m) To investigate any potential maladministration, malpractice or other non-compliance in connection with the delivery of WSET qualifications.

5. Lawful processing

We are required to rely on one or more lawful grounds to collect and use the personal information we have outlined above. We consider the grounds listed below to be relevant:

Legitimate interests

Where applicable law allows us to collect and use personal information for our or another person’s legitimate interests, and the use of your personal information is fair, balanced and does not unduly impact your rights.

We rely on this ground to process your personal information when we believe that it is more practical or appropriate than asking for your consent. Where you provide information on the Online Classroom and Global Campus, we will rely on the legitimate interest ground to communicate with you in most instances.

Consent

Where we ask for your consent for our use of your personal information for a specific purpose. For example, we will ask for your consent to send you marketing materials via email. You always have the right to withdraw your consent.

Contract

Where it is necessary to use your personal information to fulfil a contract with you or to take steps at your request prior to entering into one. For example, when you sign up to the Online Campus and Global Classroom, you are asked to agree to our terms and conditions. This creates a contract between you and WSET. It may be necessary to use your information to update you about access to the Online Campus, or other such administrative matters.

Legal obligation

Where the processing of your personal information is necessary for us to comply with a legal obligation to which we are subject. For example, we may need to report matters from time to time to our regulators, including the Charity Commission and Ofqual.

6. Special Categories of personal information

Data protection law recognises certain categories of personal information as sensitive and therefore requiring more protection. These categories of data include information about health, ethnicity, and political opinions.

We may collect and/or use special categories of data in connection with the provision of our services, for example in order to make adjustments for any disabilities or dietary requirements you may have. We will only process these special categories of data if there is a valid reason for doing so and where the data protection laws allow us to do so.

7. Marketing communications - Opt-in and Opt-out

In general, WSET will not send you any marketing information unless you have requested to receive e-mail/text/social media message updates from us. However, if you have made a purchase from us in the past or contacted us in relation to one of our qualifications, we may contact you in the future about similar items or qualifications. We will always provide you with an opportunity to opt out of any further communication, as discussed more below.

For legal entities, such as companies, limited liability partnerships and other incorporated organisations, WSET operates, in compliance with the relevant data protection laws, an ‘opt-out’ policy. This means that we will continue to contact such businesses with news and information of our goods and services until we are informed that this communication is no longer required.

If you (whether an individual or a legal entity) wish to be removed from our direct marketing list and do not wish to receive any further information from us (opt-out) you can inform us of this by clicking on the link at the bottom of each email communication you receive from us, or by our Contact Us page. Once this information is received we will remove you from our direct marketing database.

8. Sharing your personal information with third parties

For us to provide you with products and services, we on occasion share some of your personal information with certain approved third parties. These include course providers, examiners, suppliers (for example, our IT services provider) and regulatory bodies (for example, Ofqual, the Charity Commission or Information Commissioner’s Office).

We reserve the right to disclose your personal information to third parties:

(a) in the event that we buy or sell any business or assets, in which case we may disclose your personal information to the prospective buyer or seller of such business or assets;

(b) if substantially all of our assets are acquired by a third party, personal information held by us may be one of the transferred assets;

(c) with our professional advisors e.g. lawyers, where necessary to protect our interests;

(d) if we are under any legal or regulatory obligation to do so; and

(e) in connection with any legal proceedings or prospective legal proceedings, in order to establish, exercise or defend our legal rights.

If we share your information with any other third party, we will let you know in advance.

9. How do we keep your personal information secure?

We are committed to maintaining the security of your personal information. We conduct a data security review of any third party we are required to share your personal information with to ensure that they meet our high security standards.

Every company we work with is required to have a contract with us that clearly describes how your personal information is kept secure.

We will only ever share data specific to its intended use.

Specific details of what data we have shared are available to you on request.

10. International Data Transfers

While WSET is based in the UK, our reach is international with candidates and course providers based around the world. This means that it is possible that personal information we collect from you will be transferred to and stored in a location outside the UK or the EEA.

Please note that certain countries outside of the UK or EEA have a lower standard of protection for personal information, including lower security protections. Where your personal information is transferred, stored, and/ or otherwise processed outside the UK or EEA in a country which does not offer an equivalent standard of protection to the UK or EEA, we will take all reasonable steps necessary to ensure that the recipient implements appropriate safeguards designed to protect your personal information. For instance we may use cloud providers to store personal information who have servers in the US and are signed up to the Privacy Shield. If you have any questions about the transfer of your personal information, please contact us using the details above.

11. Data retention – how long do we hold your personal information

We will not hold your personal information for longer than is necessary for the purposes described in this policy. If, however, you have completed one of our qualifications we will retain your information for a longer period, in order to comply with our regulatory obligations.

For full details about our retention policy, please contact dpc@wsetglobal.com

12. Your rights 

You have several rights under data protection law, these are summarised below.

The right to be informed

You have the right to total transparency on how we are using your personal information, we will endeavour to make this clear by ensuring that this document is regularly reviewed and updated, but if you have any concerns or questions please send them to our data protection contact at dpc@wsetglobal.com.

Your right of access

You have the right to know what information we hold about you and how it is processed. If you wish to access your personal information, contact dpc@wsetglobal.com. If we are satisfied that you have a right to see this personal information and we are able to confirm you identity, we will, except in very limited circumstances provide you with this personal information.

The right to rectification

If you think that the information we hold about you is inaccurate or incomplete, or if your contact details change, please ask us to amend it by contacting dpc@wsetglobal.com.

The right to erasure

You reserve the right to ask us to delete your personal information; however, this is not an absolute right. We can refuse to erase personal information which we need to keep in order to comply with legal obligations. For example, we are required by HMRC to keep personal information for up to 6 years for VAT reporting purposes, and in relation to investigations by law enforcement agencies or the Information Commissioner’s Office.

When you ask us to delete your personal information, we may clarify with you as to whether instead you no longer wish to hear from us again. If this is the case, we may retain limited information about you to make sure you are removed from all future marketing lists.

The right to transfer your personal information (known as data portability)

You have the right to move, copy or transfer your personal information from one organisation to another. If you wish to transfer your personal information, we would be happy to help. If you ask for a data transfer, we will give you a copy of your personal information in a structured, commonly used and machine-readable form (for instance, in a CSV file format). We can provide the personal information to you directly. When making a transfer request, it would be helpful if you can identify exactly what personal information you wish us to transfer. We will comply with your request within one month or, if the request is complex or there are several requests from you, within two months.

The right to object

If you would like us to stop processing your personal information:

(a) for marketing purposes;

(b) on the basis of legitimate interests; and/or

(c) for research purposes

simply let us know by contacting dpc@wsetglobal.com

If you would like to exercise any of the above rights, or if you have any questions or complaints, please contact dpc@wsetglobal.com

You also have the right to contact and raise an issue with the Information Commissioner’s Office. You can find the relevant details on their website: https://ico.org.uk/

13. Policy Update

We may update this policy from time to time to take account of any new business activity or to reflect any changes in law or best practice in relation to data protection. We will seek to make you aware of any significant changes to this policy by placing an update notice on our website.

Website privacy and cookie policy

What is this policy for?

This privacy policy is for this website www.wsetglobal.com and served by Wine & Spirit Education Trust (WSET) and governs the privacy of its users who choose to use it.

The policy sets out the different areas where user privacy is concerned and outlines the obligations & requirements of the users, the website and website owners. Furthermore, the way this website processes, stores and protects user data and information will also be detailed within this policy.

The Website

This website and its owners take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience. This website complies to all UK national laws and requirements for user privacy.

Use of Cookies

This website uses cookies to better the users experience while visiting the website. Where applicable this website uses a cookie control system allowing the user on their first visit to the website to allow or disallow the use of cookies on their computer / device. This complies with recent legislation requirements for websites to obtain explicit consent from users before leaving behind or reading files such as cookies on a user's computer / device.

Cookies are small files saved to the user's computer’s hard drive that track, save and store information about the user's interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.

Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors.

This website uses tracking software to monitor its visitors to better understand how they use it. This software is provided by Google Analytics which uses cookies to track visitor usage. The software will save a cookie to your computer’s hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information. You can read Google's privacy policy here for further information [http://www.google.com/privacy.html].

Other cookies may be stored to your computer’s hard drive by external vendors when this website uses referral programs, sponsored links or adverts. Such cookies are used for conversion and referral tracking and typically expire after 30 days, though some may take longer. No personal information is stored, saved or collected.

Contact & Communication

WSET complies with its obligations under current data protection legislation, the Data Protection Act 2018. We will only use your personal information for the purposes we clearly state at the point at which you provide it to us – for example, when you register for one of our events, submit an enquiry, subscribe to our newsletter, or order any of our products or services.

We will only share your personal information with our employees, contractors, agents or professional advisors where it is necessary to fulfil a valid, stated purpose, as above. Each marketing message we send you, whatever medium, will also include an appropriate and easy way for you to opt out of receiving further communications of that type.

For more details on how and why we store your personal data and your rights please see our full  Privacy Policy.

Email Newsletter

This website operates an email newsletter program, used to inform subscribers about products and services supplied by this website. Users can subscribe through an online automated process should they wish to do so but do so at their own discretion. Some subscriptions may be manually processed through prior written agreement with the user.

Subscriptions are taken in compliance with UK Spam Laws detailed in the Privacy and Electronic Communications Regulations 2003. All personal details relating to subscriptions are held securely and in accordance with the Data Protection Act 2018. No personal details are passed on to third parties nor shared with companies / people outside of the company that operates this website. Under the Data Protection Act 2018 you may request a copy of personal information held about you by this website's email newsletter program by emailing our data protection officer at dpo@wsetglobal.com. Please see our full  Privacy Policy for more details.

Email marketing campaigns published by this website or its owners may contain tracking facilities within the actual email. Subscriber activity is tracked and stored in a database for future analysis and evaluation. Such tracked activity may include; the opening of emails, forwarding of emails, the clicking of links within the email content, times, dates and frequency of activity [this is by no far a comprehensive list].

This information is used to refine future email campaigns and supply the user with more relevant content based around their activity.

In compliance with UK Spam Laws and the Privacy and Electronic Communications Regulations 2003 subscribers are given the opportunity to un-subscribe at any time through an automated system. This process is detailed at the footer of each email campaign. If an automated un-subscription system is unavailable clear instructions on how to un-subscribe will be detailed instead.

External Links

Although this website only looks to include quality, safe and relevant external links, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website. (External links are clickable text / banner / image links to other websites.)

The owners of this website cannot guarantee or verify the contents of any externally linked website despite their best efforts. Users should therefore note they click on external links at their own risk and this website and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.

Adverts and Sponsored Links

This website may contain sponsored links and adverts. These will typically be served through our advertising partners, who may have detailed privacy policies relating directly to the adverts they serve.

Clicking on any such adverts will send you to the advertisers’ website through a referral program which may use cookies and will track the number of referrals sent from this website. This may include the use of cookies which may in turn be saved on your computer’s hard drive. Users should therefore note that they click on sponsored external links at their own risk and this website and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.

Social Media Platforms

Communication, engagement and actions taken through external social media platforms that this website and its owners participate on are governed by the terms and conditions as well as the privacy policies held with each social media platform respectively.

Users are advised to use social media platforms wisely and communicate / engage upon them with due care and caution regarding their own privacy and personal details. Neither this website nor its owners will ever ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.

This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.

Shortened Links in Social Media

This website and its owners through their social media platform accounts may share web links to relevant web pages. By default, some social media platforms shorten lengthy URLs [web addresses]. Users are advised to take caution and good judgement before clicking any shortened URLs published on social media platforms by this website and its owners. Despite the best efforts to ensure only genuine URLs are published many social media platforms are prone to spam and hacking and therefore this website and its owners cannot be held liable for any damages or implications caused by visiting any shortened links.

Policy Update

We may update this policy from time to time to take account of any new business activity or to reflect any changes in law or best practice in relation to data protection. We will seek to make you aware of any significant changes to this policy by placing an update notice on our website.

This policy was last updated on August 1, 2018