CPD Training
Sign in
Draft. This page is a template for review. Have qualified legal counsel review and adapt before relying on it.

Privacy Policy

Last updated: 2026-05-15

This Privacy Policy explains what personal information CPD Training (“we,” “us,” “our”) collects when you use this platform, how we use it, and what choices you have.

1. Who we are

CPD Training is operated by [legal entity — to be added] (“the operator”). The operator is the data controller for the personal information described in this policy.

2. Information we collect

2.1 Account information

When (and if) you create an account, we collect the email address you provide so we can authenticate you and send transactional messages (sign-in links, certificate confirmations, account notices).

2.2 Course progress

We record which slides and courses you have viewed and completed so you can pick up where you left off and so we can issue completion certificates accurately. Where possible, this is stored locally in your browser; once accounts are introduced, it will be associated with your account.

2.3 Technical data

Our hosting provider receives standard web request data (IP address, user agent, request path, timestamp) for the purposes of operating the service, preventing abuse, and diagnosing errors.

2.4 Cookies and similar technologies

We use only essential storage required to operate the service — primarily local storage in your browser to remember your course progress. We do not use third-party analytics or advertising cookies.

3. How we use your information

  • To provide the courses, track progress, and issue certificates
  • To authenticate you and prevent unauthorized access
  • To send transactional messages essential to using the service
  • To diagnose problems and operate the service securely
  • To comply with applicable legal obligations

We do not sell your personal information. We do not share it with third parties for marketing.

4. Service providers

The platform is built on these third-party services:

  • Vercel — application hosting and content delivery.
  • Supabase — database, authentication, and storage.

These providers process information on our behalf under their own privacy and security commitments. We may add additional providers (for example, an email provider for sign-in links) and will update this list when we do.

5. Data retention

Account and progress data is retained for as long as your account is active. You may request deletion at any time. Server-side technical logs are retained only as long as needed to operate the service and are typically rotated within 30 days.

6. Your rights

Depending on where you live (e.g., the EEA, the UK, California), you may have rights to:

  • Access the personal information we hold about you
  • Correct information that is inaccurate
  • Delete your account and associated information
  • Receive a copy of your data in a portable format
  • Object to or restrict certain processing, where applicable by law

To exercise these rights, contact us at the address below. We will respond within the time required by applicable law.

7. Children

This service is intended for working professionals. It is not directed to children under 16, and we do not knowingly collect personal information from children under 16.

8. International transfers

Your information may be processed in jurisdictions outside your own (typically the United States or the European Union, depending on the chosen Supabase and Vercel regions). Where required, we rely on standard contractual clauses or other lawful transfer mechanisms.

9. Security

We use commercially reasonable technical and organizational measures to protect your information, including encryption in transit, access controls on databases, and least-privilege deployment configurations. No service can guarantee perfect security; you use the platform at your own risk.

10. Changes to this policy

We may update this policy as the service evolves. Material changes will be communicated through the service. The “Last updated” date at the top of this page indicates when it was most recently revised.

11. Contact

For privacy questions or to exercise your rights, contact us at [contact email — to be added].