Logo-622x128-white

Privacy Policy

PRIVACY AND COOKIES POLICY

Leaders of Our Future, Ltd (LOF) respects your privacy and is committed to protecting your personal data. This policy (together with our Terms of use and any other documents referred to on it) applies to the use of our website and our learning portal services and sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us, and tells you about your privacy rights and how the law protects you. 

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting www.leadersofourfuture.com (our Site) you acknowledge and are accepting and consenting to the practices described in this policy.

IMPORTANT INFORMATION AND WHO WE ARE

Leaders of Our Future, Ltd is a company registered in England and Wales. Our company registration number is 16260606 and our registered office is at 35 Stamford New Road, Altrincham, Cheshire, WA14 1EB, GB.

It is important that you read this privacy policy together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data.

Controller

Leaders of Our Future, Ltd (“We, Us or Our”) is the controller and responsible for your personal data.

Contact Details

If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact us using either of the following details:

Post: 35 Stamford New Road, Altrincham, Cheshire, WA14 1EB, UK

Email[email protected]

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

Changes To this Policy and Your Duty to Inform Us of Changes

We keep our privacy policy under regular review. This version was last updated on 26th June, 2025.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

Third Party Links

This Site may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

Summary of how we use your personal data

LOF uses your personal data:

  • where we need to perform the contract which we are about to enter into, or have entered into, with you;
  • where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests;
  • where we need to comply with legal obligations;
  • where we have your consent.

 

Where we rely on your consent, such as for marketing purposes, you can withdraw this consent at any time.

·Our privacy policy sets out more details of this processing, including details of your data protection rights, and your right to object to certain processing.

What does this policy cover?

This policy describes how LOF will make use of your personal data when you register your details or your child’s details on our website or web portal.

It also describes your data protection rights, including a right to object to some of the processing which we carry out. More information about your rights, and how to exercise them, is set out in the “What rights do I have?” section.

What information do we collect?

We collect and process personal data about you when you interact with us and our websites, and when you purchase resources and/or services from us. This includes:

  • your name, your child’s name;
  •  your gender, your child’s gender;
  • your child’s school year
  • your age/date of birth, your child’s age/date of birth together with any relevant medical information required for us to perform a service (only where necessary);
  • your home address, email address and phone number; and your child’s home address, email address and phone number
  • your picture; your child’s picture for identification purposes
  • your payment and delivery details, including billing address and credit card details, where you make purchases from us (where relevant);
  • your marketing preferences, including any consents you have given us;
  • communications that you may send to us;
  • information related to the browser or device you use to access our website;
  • information  that does not directly identify you (your IP address through the placement of cookies; and location data which may be gained through your IP address).

How do we use this information, and what is the legal basis for this use?

We process this personal data for the following purposes:

  • To fulfil a contract, or take steps linked to a contract: this is relevant where you purchase resources or services from us. This includes:
    • verifying your identity and your child’s identity;
    • taking  payments;
    • communicating with you;
    • providing customer services and arranging the delivery or other provision of  resources or services.
  • As  required to conduct our business and pursue our legitimate interests, in particular:
    • we will use your information to provide details of resources and services you have enquired about or resources or services you have requested, and respond to any comments or complaints you may send us;
    • we monitor use of our websites and online services, and use your information to help us evaluate, improve and protect our resources, content, services and websites, both online and offline;
    • we use information you provide to personalise our website, resources or services for you;
    • where relevant, if you provide a credit or debit card as payment, we also use third parties to check the validity of the sort code, account number and card number you submit in order to prevent fraud (see data sharing below);
    • we monitor customer accounts to prevent, investigate and/or report fraud, terrorism, misrepresentation, security incidents or crime, in accordance with applicable law;
    • we use information you provide to investigate any complaints received from you or from others, about our website or our resources or services;
    • we will use personal data in connection with legal claims, compliance,  regulatory and investigative purposes as necessary (including disclosure of such information in connection with legal process or litigation), for example we may need to share personal data with the Department of Education or an inspection authority to comply with our regulatory obligations;
    • we use personal data of some individuals to invite them to take part in market research.
  • Where you give us consent:
    • We place cookies and use similar technologies in accordance with our cookies policy (see our Cookie policy below which details how we use them) and the information provided to you when those technologies are used;
    • We will keep you updated about any of our products, services or offers by email;
    • On other occasions where we ask you for consent, we will use the personal data for the purpose which we explain at that time.
  • For purposes which are required by law:
    • where we need parental consent to provide online services to children under 13
    • where we need consent from students over 13 to process their data 
    • In response to requests by government or law enforcement authorities conducting an investigation.

Withdrawing consent or otherwise objecting to direct marketing
Wherever we rely on your consent, you will always be able to withdraw that consent, although we may have other legal grounds for processing your personal data for other purposes, such as those set out above. In some cases, we are able to send you direct marketing without your consent, where we rely on our legitimate interests. You have an absolute right to opt-out of direct marketing, at any time. You can do this by following the instructions in the communication where this is an electronic message, updating your preferences in any account or by contacting us using the details set out below.

Who will we share this personal data with, where and when?

Personal data will be shared with organisations, such as insurers and organisations which conduct background checks, where necessary. It will also be shared with organisations such as the Institute of Leadership & Management for certification purposes and/or the Department of Education for regulatory purposes.

Personal data may be shared with government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if required for the legal protection of our legitimate interests in compliance with applicable laws.

Personal data will also be shared with third party service providers, who will process it on behalf of a Controller for the purposes identified above. In particular, we use third party providers of website hosting, maintenance and marketing.

In the event that the business is sold or integrated with another business, your details will be disclosed to our advisors and any prospective purchaser’s advisor and will be passed to the new owners of the business.

International Transfers

Some of our third-party service providers are based outside the UK and European Economic Area (EEA), which means your personal data may be transferred to, and processed in, countries outside the UK/EEA.

We use the following international service providers:

  • AWS (Amazon Web Services) – Data storage and communications
  • GoDaddy – Communications and webhosting
  • Microsoft – Communications services

Where we transfer your personal data outside the UK/EEA, we ensure appropriate safeguards are in place:

  • Adequacy Decisions: We only transfer data to countries that the UK Government or European Commission has determined provide adequate protection for personal data
  • Standard Contractual Clauses (SCCs): Where no adequacy decision exists, we use UK/EU approved standard contractual clauses with our service providers
  • Additional Security Measures: We implement supplementary technical and organisational measures where required

What rights do I have?

You have the right to ask us for a copy of your personal data; to correct, delete or restrict (stop any active) processing of your personal data; and to obtain the personal data you provide to us for a contract or with your consent in a structured, machine readable format, and to ask us to share (port) this personal data with another controller.

In addition, you can object to the processing of your personal data in some circumstances (in particular, where we don’t have to process the personal data to meet a contractual or other legal requirement, or where we are using the personal data for direct marketing).

These rights may be limited, for example if fulfilling your request would reveal personal data about another person, where they would infringe the rights of a third party (including our rights) or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. Relevant exemptions are included in both the GDPR and in the Data Protection Act 2018. We will inform you of relevant exemptions we rely upon when responding to any request you make.

If you have unresolved concerns, you have the right to complain to an EU data protection authority where you live, work or where you believe a breach may have occurred. This is likely to be the Information Commissioner’s Office in the UK.

How long will you retain my personal data?

We only retain your personal data for as long as is required by law, or for as long as necessary for the purposes for which we process your personal data. As a centre for ILM, we are required to hold learner data for an amount of time stipulated by them for their course certifications. Please see our data retention schedule included at the end of this policy.

Minors

We are mindful that some of our courses are attended by minors who, by law, cannot consent to the processing of their personal data if they are under the age of 13.
Any booking made for any child under the age of 18 must be submitted by a parent who holds parental responsibility for the child.
By submitting a booking, you are specifically providing consent to our processing of the child’s personal data.

Additionally, we will request minors 13 and over for their consent to our processing of their personal data in relation to the provision of our services/courses.

Photography and Videoing at Events

From time to time, we will take photos and videos of students during their time at an event. The purpose of this is to assist us with training and refreshing the programme content, as well as for use in promotional material.
Our lawful basis for processing this information will be either consent or legitimate interests, depending on the processing activity.

If You Fail to Provide Personal Data

Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you or your child with goods or services).

How is your personal data collected?

We use different methods to collect data from and about you including through:

  • Direct interactions. You may give us your Identity, Contact and Financial Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
    • request our products or services;
    • create an account on our web portal;
    • subscribe to our service or publications;
    • request marketing to be sent to you;
    • report a problem with our Site;
    • enter a competition, promotion or survey;
    • or give us feedback or contact us.
  • Automated technologies or interactions. As you interact with our Site, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. Please see our cookie policy below for further details

We may also collect personal data from various third parties and public sources.

Data Protection

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

COOKIES POLICY

Cookie Consent and Management

We use cookies to improve your experience on our website . When you first visit our site, you’ll see a cookie banner asking for your consent to use non-essential cookies.
How to Give Consent

  • Click “Accept All” to consent to all cookies
  • Click “Reject All” to decline non-essential cookies (strictly necessary cookies will still be used)

How to Withdraw Consent

You can withdraw your cookie consent at any time by adjusting your browser settings to block cookies.

Types of Cookies We Use

  • Strictly Necessary Cookies: Required for website operation these cannot be disabled
  • Analytics Cookies: Help us understand website usage and performance by telling us how many

people visit our website, optimising how fast our site loads, and sending metrics related to third party integrations.

GLOSSARY

Lawful Basis

  • Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.
  • Performance of Contract means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
  • Comply with a legal obligation means processing your personal data where it is necessary for compliance with a legal obligation that we are subject to.

Third Parties

External Third Parties: May be based inside and outside of the EEA and include:

  • Venues where events are to take place and the relevant persons (staff/presenters) at those venues that are booked using the website, business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you
  • Service providers acting as processors who provide IT and system administration services. This includes third parties who assist with development and maintenance of the LOF learning portal, AWS who provide us with secure data storage in line with data regulation and Stripe, who assist with taking payment from you for goods and services supplied
  • Examination boards and awarding bodies (such as ILM)
  • Professional advisors acting as processors or joint controllers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services
  • Analytics and search engine providers that assist us in the improvement and optimisation of our site including GoDaddy
  • HM Revenue & Customs, regulators and other authorities who require reporting of processing activities in certain circumstances

Third Parties

Data Type

Retention Period

Legal Basis

Student Learning Records

7 years after course completion

ILM certification requirements

Financial/Payment Data

7 years after transaction

UK tax and accounting obligations

Marketing Consent Records

Until consent withdrawn + 3 years

Regulatory compliance

Website Analytics Data

26 months from collection

Legitimate interests

Customer Service Records

3 years after last contact

Complaint resolution

Account/Login Information

2 years after account closure

Security and fraud prevention

Photography/Video Consent

Duration of use + 3 years

Consent management

Leaders of Our Future (LOF) is a transformative youth leadership initiative empowering young minds with confidence, emotional intelligence, and future-ready skills.

Facebook-f Instagram

Quick Links

Our Courses

Join Our Mailing List

Copyright © 2025 leadersforfuture | All rights reserved | Powered by Daairah