Terms and Conditions, Privacy Policy & GDPR

Terms and Conditions

Limitation of Liability

To the fullest extent permitted by law, ZATZ Ltd, including its shareholders, directors, employees, sales representatives, telesales staff, course authors, contractors, third-party content providers, and anyone otherwise associated with the company or its premises, shall not be held liable under any legal theory for any damages—whether direct, indirect, incidental, consequential, special, or punitive.
This includes, but is not limited to, damages arising from:

  • Actions taken by individuals or departments based on course content
  • Business interruption or cessation of work
  • Loss of data, productivity, contracts, or commercial opportunities
  • Technical or computer-related issues
Geographical Relevance

The content of our courses is designed specifically for the Construction Industry within England, Wales, and Scotland. Applicability outside these jurisdictions may vary.

Responsibility of Learners and Employers

ZATZ Ltd cannot be held responsible for any failure by individual workers or departments to act in accordance with the training provided. It is the responsibility of employers and learners to ensure that course content is properly understood and implemented in the workplace.

Course Updates and Accuracy

We take all reasonable steps to ensure that our course content remains current and legally accurate, including regular updates in line with changes to legislation, standards, and industry best practices.

Licensing Notice

This course includes public sector information licensed under the Open Government Licence v3.0.

Privacy Policy

Personal Information Collection

ZATZ Ltd may collect limited personal data, such as names or contact details, when individuals access or interact with our website or services. This information is gathered with user awareness and is only used for specified purposes, including updates, service-related communications, and promotional content (where consent has been granted).

Website Usage Data and Cookies

When visiting our website, certain information may be automatically logged. This includes, but is not limited to, IP addresses, browser settings, device type, and navigation behaviour on our site. Analytical tools such as Google Analytics may be used to assess this data for service improvements.
Cookies are also used to support functionality and enhance the browsing experience. Users may disable cookies via browser settings, although some site features may be impacted.

Use and Disclosure of Personal Data

We may use personal information to deliver service notices or promotional materials (opt-in only). On rare occasions, and strictly to enhance service quality, site data may be shared with trusted third-party providers.
Under the UK GDPR, you have the right to request removal of your personal data or unsubscribe from any marketing activity.

Information Protection

We employ commercially reasonable safeguards to protect personal data. However, no data transmission method over the internet or storage mechanism is entirely immune to risk. Users should understand that 100% security cannot be guaranteed. While we aim for the highest degree of security, we cannot absolutely ensure it.

Amendments to Policy

This Privacy Policy may be revised at any time without prior notice. Any updates will be published on our website. Continued use of our services following changes indicates your acceptance of the revised terms. For material changes, we may issue direct notifications via email or site alerts.

Access Duration and Payment Terms

Course access is granted for a fixed 12-month term. This access is non-refundable once initiated. While advance payment is not mandatory, the full balance must be cleared within 60 days unless an alternative arrangement is agreed. Failure to settle within this period may result in temporary or permanent suspension of access.

Renewal Policy and User Control

Our service operates without automatic renewal or recurring charges. If you choose not to renew after 12 months, your access will be removed, and all user data, including progress and certificates, will be permanently deleted.
Employers manage their training academies independently and are responsible for adding, removing, or updating users. Deleted user data cannot be restored.

Platform Maintenance

ZATZ Ltd may carry out scheduled or unscheduled system maintenance to support the industry-leading standard we aim for. This may lead to brief service interruptions, which we aim to keep minimal.

Copyright and Usage Restrictions

All course materials, including tests, content, and supporting documents, remain the intellectual property of ZATZ Ltd. Any form of unauthorised reproduction, distribution, or disclosure, whether by an individual or organisation, is strictly forbidden.

Employer Control and User Rights

Training services are provided to the contracting organisation, not individual users. The employer retains full administrative rights over their academy and associated data. It is their responsibility to manage access and delete data in accordance with internal agreements. ZATZ Ltd is not responsible for enforcing or managing agreements between employers and employees.

User Conduct

ZATZ Ltd has a strict policy against aggressive, offensive, or abusive conduct in any form: verbal, written, or otherwise. We reserve the right to restrict or revoke access from any user or organisation found in breach of this standard.

Complaint Handling

We value all customer feedback and satisfaction whilst handling complaints with utmost seriousness. Any formal concerns raised will be promptly escalated to the Managing Director for review and resolution.

GDPR Policy

Commitment to Data Protection

ZATZ Ltd is committed to safeguarding personal data and ensuring full compliance with the UK General Data Protection Regulation (UK GDPR). This policy outlines how personal information is collected, processed, stored, and protected across all areas of our business.

Personal Data Collection

We collect limited personal data related to associated companies and their staff, including names, job roles, telephone numbers, email addresses, and physical addresses. This data is collected directly from customers and organisations through phone, email, social media, or our website and is used for legitimate business purposes, such as user account creation, communication, and administration.

Lawful Basis and Consent

Personal data is processed lawfully and transparently. Where required, data subjects provide explicit consent for their information to be used. Sensitive data will only be processed with clear and informed agreement.

Data Usage and Limitations

Personal data is used solely for the purpose it was collected. This includes, but is not limited to:

  • Creating and managing user and admin accounts
  • Communicating with clients
  • Maintaining service standards and access records

We do not share personal data with third parties.

Data Minimisation and Accuracy

Only data strictly necessary for operational purposes is collected and retained. We aim to keep data accurate and up to date. Any outdated or redundant data will be reviewed and securely disposed of.

Data Storage and Security

Personal information is stored both electronically and in hard copy format, with access restricted to authorised staff only. Physical records are held securely, while electronic files are protected with password access. When no longer needed, paper records are shredded and digital records securely deleted.

Breach Management

In the event of a data breach (e.g., theft, accidental loss, or unauthorised disclosure), we will act swiftly in line with our four-step process:

  1. Containment and Recovery – Immediate action will be taken to minimise impact.

  2. Risk Assessment – Evaluate the risk posed to individuals or organisations.

  3. Notification – Affected parties and authorities will be informed if necessary.

  4. Evaluation and Response – The incident will be fully reviewed and policies updated accordingly.

All breaches must be reported to the Managing Director without delay.

Staff Responsibilities and Training

This policy applies to all ZATZ Ltd staff, including the Managing Director. All employees are required to understand and adhere to GDPR principles. Ongoing training and regular reviews ensure our team remains compliant.

Core GDPR Principles Followed

ZATZ Ltd is accountable for upholding all six principles of GDPR:

  1. Lawfulness, Fairness, and Transparency

  2. Purpose Limitation

  3. Data Minimisation

  4. Accuracy

  5. Storage Limitation

  6. Integrity and Confidentiality

Data Subject Rights

Under the UK GDPR, individuals have the right to request access, correction, or removal of their personal data at any time.

Policy Review

This policy will be reviewed periodically and updated to reflect legal or operational changes. The latest version is always available to staff.