naked Agility Ltd is committed to protecting your privacy and handling your personal data responsibly. This policy explains what we collect, why we collect it, and your rights under UK GDPR and the Data Protection Act 2018.
Please also refer to our Terms of Business for the conditions governing training bookings.
Who We Are
naked Agility Ltd is registered in Scotland (Company No. SC693752). Our registered address is available on request. Martin Hinshelwood is the data controller for personal data processed through this site.
Contact: clientservices@nkdagility.com
Data We Collect
Booking and Enrolment
When you enquire about or book a training course we collect:
- Name and email address
- Organisation name and job title (optional, used for course context)
- Billing address and VAT number (where applicable)
- Payment details — processed by our payment provider; we do not store card numbers
Training Delivery
During and after delivery we hold:
- Attendance records for the course
- Participant name and email submitted to the certifying body (e.g. Scrum.org) to register your assessment or award your credential
- Feedback and evaluation responses (anonymised before any aggregation)
Website Visits
When you browse this site we collect anonymous usage data via the tools listed under Cookies and Analytics below. No personally identifiable information is collected through analytics unless you submit a form.
Enquiry and Contact Forms
If you use an enquiry form we collect your name, email, organisation, and the content of your message.
Why We Use Your Data
| Purpose | Lawful basis |
|---|---|
| Process your booking and issue an invoice | Contract |
| Deliver training and register your credential with the certifying body | Contract |
| Send pre-course and post-course communications | Contract |
| Respond to enquiries | Legitimate interest |
| Send occasional updates about new courses or relevant content (you can opt out at any time) | Legitimate interest / Consent |
| Comply with tax and accounting obligations | Legal obligation |
| Improve the site and understand visitor behaviour | Legitimate interest |
We do not use your data for automated decision-making or profiling.
Cookies
This site does not use analytics, advertising, or tracking cookies. The only third-party request made by the site is loading the Open Sans typeface from Google Fonts — this is a CSS resource and does not set any cookies on your device.
No cookie banner or consent mechanism is required because no cookies that require consent are present.
Third-Party Services
We share personal data only with the services we need to operate. All third-party providers are bound by appropriate data processing agreements.
| Service | Purpose | Data region |
|---|---|---|
| Microsoft 365 (Azure US) | Email, calendar, and document storage for course administration | United States |
| FreshBooks (GCP Global) | Invoicing and billing | United States |
| Scrum.org (or other certifying body) | Credential registration after course completion | Global |
We do not sell your personal data to any third party. We do not share data with marketing brokers or data aggregators.
Data Retention
| Data type | Retention period |
|---|---|
| Booking and invoice records | 7 years (UK tax law) |
| Training attendance records | 5 years |
| Enquiry / contact form submissions | 2 years from last contact |
| Analytics data | 26 months (Google Analytics default) |
| Marketing email preferences | Until you unsubscribe, then deleted within 30 days |
Your Rights
Under UK GDPR you have the right to:
- Access — request a copy of the personal data we hold about you
- Rectification — ask us to correct inaccurate data
- Erasure — ask us to delete your data (subject to legal retention obligations)
- Restriction — ask us to pause processing while a dispute is resolved
- Objection — object to processing based on legitimate interest, including marketing
- Portability — receive your data in a machine-readable format
To exercise any of these rights, contact us. We will respond within 30 days.
If you are not satisfied with our response you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk.
Security
We use HTTPS on this site. Course administration data is held within Microsoft 365 and FreshBooks, both of which provide encryption at rest and in transit. Access is restricted to authorised personnel only.
Changes to This Policy
We review this policy periodically. The date at the top of this page reflects the most recent update. Significant changes will be communicated by email to active customers.
Contact
For privacy questions or data requests:
Email: clientservices@nkdagility.com
Or use our contact form.