header image

Privacy & Cookies policy


This privacy policy applies to personal information about vsitors to our website and customers who purchase goods or services or create an account with us.

Green Skills Training Academy
A brand of Maydencroft Ltd

Last updated: December 2025.

1. About this policy

This privacy and cookies policy explains how Green Skills Training Academy collects, uses and protects your personal information when you use our website and training services. Green Skills Training Academy is a wholly owned brand of Maydencroft Ltd. All references to “we”, “us” or “our” mean Maydencroft Ltd.

This policy replaces all previous Green Skills Training Academy and Maydencroft privacy and cookies statements. It has been updated to reflect that the entire www.greenskillstraining.co.uk website operates on the Arlo.co training management platform.

2. Who we are

Data Controller:
Maydencroft Ltd
Registered Office: Maydencroft Manor, Gosmore, Hitchin, Hertfordshire SG4 7QA
Company number: 03636497
Email: info@maydencroft.co.uk

Maydencroft Ltd is the data controller for all processing carried out through the Green Skills Training Academy website and training services.

3. How our website works

The entire www.greenskillstraining.co.uk website runs on the Arlo.co training management platform. Arlo provides the website, course listings, online booking, payment processing integration, customer account functions and automated communications.

Arlo acts as a data processor on our behalf. Arlo uses its own sub-processors, hosting infrastructure and integrated services to operate the platform securely. Arlo maintains an up-to-date list of its sub-processors at:
https://support.arlo.co/hc/en-gb/articles/360000578243-sub-processors

Eventbrite is no longer used for any part of our service.

3.1 Arlo security, compliance and trust information

Arlo operates a comprehensive security and privacy programme. Visitors can access the Arlo Trust Center for the latest information on security controls, privacy practices, compliance certifications and documentation:
https://trust.arlo.co/

Through the Arlo Trust Center, visitors can:

  • access SOC 2 Type 2 reports
  • review security policies
  • review privacy practices
  • request compliance documentation including SOC 2, PCI DSS and GDPR materials
  • contact the Arlo security team

Additional information from Arlo includes:

Arlo is SOC 2 compliant. Further details are available in their announcement:
https://www.arlo.co/blog/announcing-soc-2-compliance-at-arlo

4. What personal data we collect

4.1 Information you provide directly

  • name and contact details
  • job title and employer
  • booking information for courses
  • payment information (handled through secure payment gateways; we do not store card details)
  • dietary or access requirements
  • correspondence with us

4.2 Information collected automatically

  • IP address
  • browser type and device
  • pages viewed
  • referral links
  • cookie identifiers

4.3 Special category data

Only where necessary to deliver courses safely. For example:

  • health or medical information for safety reasons
  • accessibility needs

Collected only with your explicit consent.

5. How we use your personal data

5.1 To deliver our training services

  • processing bookings
  • managing attendance
  • issuing certificates
  • contacting you with essential course information

5.2 To operate and improve our website

  • secure logins
  • remembering preferences
  • analytics and site performance

5.3 To meet legal obligations

  • training records
  • health and safety requirements
  • financial reporting and audits

5.4 To send marketing communications

We send marketing messages only where permitted by law. You can opt out at any time.

6. Legal bases for processing

We rely on:

  • Contract
  • Legal obligation
  • Legitimate interests
  • Consent (for marketing and special category data)

7. How we share your information

7.1 Arlo

Arlo is our primary data processor for all website and booking-related processing. Arlo’s sub-processors are documented at:
https://support.arlo.co/hc/en-gb/articles/360000578243-sub-processors

7.2 Payment processors

Arlo integrates with secure payment providers such as Stripe or Windcave. These providers manage card data and process payments on our behalf.

7.3 Training partners

We share only the information needed for instructors to deliver training.

7.4 Legal or regulatory requirements

We may share data where required by law or with awarding bodies.

We do not sell your data.

8. International transfers

Arlo and some of its sub-processors may operate outside the UK or EEA. Appropriate safeguards, such as Standard Contractual Clauses, are in place. Arlo’s Data Protection documentation is available at:
https://support.arlo.co/hc/en-gb/sections/360000113523-Data-Protection

9. Data retention

We keep data only as long as required. Typical periods:

  • bookings and financial records: up to 7 years
  • training compliance or certification records: up to 10 years
  • enquiries not leading to a booking: up to 12 months
  • marketing preferences: until you opt out
  • special category data: retained only for the delivery of the course

10. Cookies

10.1 What are cookies

Cookies are text files placed on your device to support website functionality and improve your experience. Because our website runs entirely on Arlo, the cookies used are those required by the Arlo platform.

10.2 Cookies used on this site

ARLOSESSIONID

Purpose: Maintains your session when navigating the site and completing bookings. Supports essential security and functionality.
Type: Strictly necessary
Typical retention: Session only

ARLOLOGIN

Purpose: Remembers that you are logged into your Arlo account so you can access bookings and your profile.
Type: Strictly necessary
Typical retention: Session or up to 24 hours

ARLOCART

Purpose: Stores items added to your course booking cart so you can complete registration.
Type: Strictly necessary
Typical retention: Session or until booking is completed

ARLOCONSENT

Purpose: Records your cookie preferences so we do not ask on every visit.
Type: Functional
Typical retention: Up to 12 months

ARLOPREFS

Purpose: Stores display or language preferences where available.
Type: Functional
Typical retention: Up to 12 months

_ga (Google Analytics)

Purpose: Enables anonymous analytics to help us understand site usage and improve course content and navigation. Only used with your consent.
Type: Performance
Typical retention: Up to 2 years

_gid (Google Analytics)

Purpose: Provides short-term analytics on how visitors use the site. Only used with your consent.
Type: Performance
Typical retention: 24 hours

ARLOTRACK

Purpose: Provides anonymous data on page views and booking funnel activity so we can improve site usability. Only used with your consent.
Type: Performance
Typical retention: Up to 12 months

10.3 Managing cookies

You can manage cookie preferences through our cookie consent tool or through your browser settings. Some cookies are strictly necessary for the website to function and cannot be disabled.

11. Your rights

You have the right to:

  • access your personal data
  • correct inaccurate data
  • request deletion where appropriate
  • restrict or object to processing
  • withdraw consent
  • receive your data in a portable format
  • complain to the ICO

12. How to contact us

Data Protection Lead
Maydencroft Ltd
Email: info@maydencroft.co.uk
Address: Maydencroft Manor, Gosmore, Hitchin, Hertfordshire SG4 7QA

13. Changes to this policy

We may update this policy from time to time. Any updates will be published on this page with a new revision date.