Privacy Policy

The privacy and security of your personal information are extremely important to us. This privacy policy explains how and why we use your personal data, to make sure you stay informed and can be confident about giving us your information.


Who are ‘we’?

In this policy, whenever you see the words ‘we’, ‘us’, ‘our’, ‘Water Hygiene Centre, it refers to Water Hygiene Centre Ltd (Our ICO registration number is Z3492843).

The Water Hygiene Centre Limited (Reg. Co. number 6813146) was established in 2009 to address the lack of independent consultancy within the industry.  We have experienced, qualified and dedicated consultants totaling over 60 years of experience, all of whom offer unbiased advice and support based on their individual and collective experiences from within the team.


If you have any questions in relation to this privacy policy or how we use your personal data they should be sent to or addressed to the Accreditations & Compliance Administrator, Water Hygiene Centre, 4 Southill Business Park, Cornbury Park, Charlbury, Oxfordshire OX7 3EW.


What personal data do we collect?

Your personal data (any information which identifies you, or which can be identified as relating to you personally, for example, name, address, phone number, email address) will be collected and used by us. We’ll only collect the personal data that we need.

You can give us your personal data by visiting our website and registering to receive weekly blogs, information on upcoming training courses in your area, useful tools, guidance and information updates, social media functions on our website, entering a competition, promotion, or survey or by corresponding with us (by phone, email, post or social media).


Personal data provided by you

This includes information you give when interacting with us, for example joining or registering, placing an order, or communicating with us. For example:

  • Personal details (name, email, address, telephone, and so on) when you register for a course.
  • Your opinions and feedback about the Water Hygiene Centre’s activities and interests, and your experiences of the Water Hygiene Centre.

Please note, that certain areas on our website won’t be available to you until you’ve registered to use our website.


Information we generate

We conduct research and analysis on the information we hold, which can in turn generate personal data. For example, by analysing your interests and involvement with our work, we may be able to build a profile that helps us decide which of our communications are likely to interest you. The website sections on Research and Profiling provides more detail about how we use the information for profiling and targeted advertising, including giving you more relevant digital content.


How we use your personal data

We’ll only use your personal data on relevant lawful grounds as permitted by the EU General Data Protection Regulation (from 25 May 2018)/UK Data Protection Act and Privacy of Electronic Communication Regulation.


Below are the main uses of your data which depend on the nature of our relationship with you and how you interact with our various services, websites, and activities.


Marketing communications 

Your privacy is important to us, so we’ll always keep your details secure. We’d like to use your details, to keep in touch about things that may matter to you.

If you choose to hear from us, we may send you information based on what is most relevant to you, or things you’ve told us you like. We may also show you relevant online content. This might be about training courses in your area or blogs relating to your role.

We’ll only send these to you if you agree to receive them and we will never share your information with companies outside the Water Hygiene Centre for inclusion in their marketing. (We may however share cookie data with third parties to help with our own advertising targeting). If you do agree to receive marketing information from us, you can change your mind at a later date by managing your preferences or unsubscribing.

However, if you tell us you don’t want to receive marketing communications, then you may not hear about events or other work we do that may be of interest to you.


We may sometimes use third parties to capture some of our data on our behalf, but only where we are confident that the third party will treat your data securely, in accordance with our terms and in line with the requirements set out in the GDPR.



We carry out research (client satisfaction certificates) with our clients to get feedback on their experience with us. We use this feedback as part of our ongoing commitment to quality and to continually improve the services we deliver. Your feedback may also be used for marketing purposes i.e sent to prospective clients or tender applications.

If you choose to take part in research, we’ll tell you when you start what data we will collect, why, and how we’ll use it. All the research we conduct is optional and you can choose not to take part.



We use automated profiling and targeting to help us understand market trends and buyer's needs and to make sure that:

  • our communications (e.g. emails) and services (e.g. our website) are relevant, personalised, and interesting to you
  • our services meet the needs of our contacts

To do this we’ll analyse how you interact with us (e.g. on our website, subscription preferences) and use geographic and demographic information to let you know what’s happening in your local area and understand your interests.

We use specific tools to profile how you interact with us online, for example, Adobe Analytics and Google Analytics.

If you’ve agreed that we can contact you for marketing purposes, we may also gather additional information about you from external sources, for example, LinkedIn.


Recruitment and employment 


In order to comply with our contractual, statutory, and management obligations and responsibilities, we process personal data, including ‘sensitive’ personal data, from job applicants and employees.  Further information on what data is collected and why it’s processed is given below.


Contractual responsibilities: Our contractual responsibilities include those arising from the contract of employment. The data processed to meet contractual responsibilities includes, but is not limited to, data relating to payroll, bank account, postal address, sick pay; leave, and maternity pay.


Statutory responsibilities: Our statutory responsibilities are those imposed through law on the organisation as an employer. The data processed to meet statutory responsibilities includes, but is not limited to, data relating to: tax, national insurance, statutory sick pay, statutory maternity pay, family leave, work permits, and equal opportunities monitoring.


Management responsibilities: Our management responsibilities are those necessary for the organisational functioning of the organisation. The data processed to meet management responsibilities includes, but is not limited to, data relating to recruitment and employment, training and development, absence, disciplinary matters, e-mail address, and telephone number.


Disclosure of personal data to other bodies


To meet the employment contract, we are required to transfer an employee’s personal data to third parties, for example, to pension providers and HM Revenue & Customs.

In order to fulfill our statutory responsibilities, we’re required to give some of an employee’s personal data to government departments or agencies e.g. provision of salary and tax data to HM Revenue & Customs.


Updating your data and marketing preferences 


We want you to remain in control of your personal data. If, at any time, you want to update or amend your personal data or marketing preferences please contact us in one of the following ways:


Call us:

01993 840400
Open 8.30 am – 5.00 pm Monday – Friday


Verification, updating, or amendment of personal data will take place within 30 days of receipt of your request.


Your data protection rights (DPO) 

Where the Water Hygiene Centre is using your personal data on the basis of consent, you have the right to withdraw that consent at any time. You also have the right to ask the Water Hygiene Centre to stop using your personal data for direct marketing purposes.

Tell us by clicking here or contact us using the details above.


Subject access rights

If you would like further information on your rights or wish to exercise them, please email the Data Protection Officer at

You will be asked to provide the following details:

  • The personal information you want to access;
  • Where it is likely to be held;
  • The date range of the information you wish to access

If we hold personal information about you, we will give you a copy of the information in an understandable format together with an explanation of why we hold and use it.

Once we have all the information necessary to respond to your request we’ll provide your information to you within one month.  This timeframe may be extended by up to two months if your request is particularly complex. 


What to do if you’re not happy

In the first instance, please talk to us directly so we can resolve any problem or query. You also have the right to contact the Information Commissions Office (ICO) if you have any questions about Data Protection. You can contact them using their helpline at 0303 123 113 or at


Cookies and links to third-party websites



Cookies are small text files stored on your computer when you visit certain websites. We use first-party cookies (cookies that we have set, that can only be read by our website) to personalise your online experience. We also use third-party cookies (cookies that are set by an organisation other than the owner of the website) for the purposes of website measurement and targeted advertising. You can control the use of cookies via your browser.


Links to other websites

Our website contains links to other websites i.e news related forums, and charities we support.  If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. This privacy policy applies solely to the personal data collected by the Water Hygiene Centre.


Keeping your information

We will only use and store your information for as long as it is required for the purposes it was collected for. How long it will be stored depends on the information in question, what it is being used for and, sometimes, statutory legal requirements.


How we secure your data 

Information system and data security is imperative to us to ensure that we are keeping our clients, prospects and employees' records safe.

We operate a robust and thorough process for assessing, managing and protecting new and existing systems which ensures that they are up to date and secure against the ever-changing threat landscape.


Disclosing and sharing information

When we allow third parties acting on behalf of the Water Hygiene access to your information, we will always have complete control of what they see, how long they see it for and what they are allowed to do with it. We do not sell or share your personal information for other organisations to use.

Personal data collected and processed by us may be shared with the following groups where necessary:

  • Water Hygiene Centre employees
  • Marketing Agencies who assist with our marketing programme.
  • Third-party cloud hosting and IT infrastructure providers who host the website and provide IT support in respect of the website;

We may also disclose your personal information to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use or cookie policy and other agreements; or to protect the rights, property, or safety of the Water Hygiene Centre, and it’s employees.


Storage of information

Water Hygiene Centre operations are based in the UK. We store our data within the European Union (EU) through our CRM partners, who have a robust privacy programme that is designed to align with many regions’ data hosting needs, including data-handling processes which meet rigorous policy requirements.


Payment card Security

Our online payment solutions are carried out using a ‘payment gateway’ (e.g. Stripe) which is a direct connection to a payment service provided by a bank. This means that when you input card data into the payment page, you are communicating directly with the bank and the bank passes your payment to us, this means that your payment card information is handled by the bank and not processed or held by us.

Stripe undergoes a PCI Level 1 Service Provider evaluation each year, the most stringent level of security certification available in the payments industry. This is the international standard for safe card payment processes. As part of our compliance to this very stringent standard, we ensure that our IT systems do not directly collect or store payment card information; for example the full 16-digit number on the front of the card or the security code on the back.


Changes to this privacy policy

We’ll amend this privacy policy from time to time to ensure it remains up to date and reflects how and why we use your personal data and new legal requirements. Please visit our website to keep up to date with any changes. The current version will always be posted on our website.

This privacy policy was last updated on 01/05/2018

Discuss your requirements and options with us

Talk to us