Legal

Privacy Policy

Last updated: May 2026

Direct Works Group ("we", "us", "our") is committed to protecting and respecting your privacy. This policy explains how we collect, use, store and protect personal data when you visit our website, enquire about or take up membership, attend our events, or otherwise interact with us. We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This is a general-purpose privacy policy template provided as a starting point. Before publishing, please review it with whoever manages your data protection obligations to ensure it accurately reflects how Direct Works Group actually collects and uses data. Where you already hold a lawyer-reviewed policy, that version should take precedence.

Who we are

Direct Works Group Limited is the data controller responsible for your personal data. Our registered office is 86 Easton Road, Bridlington, East Riding of Yorkshire, YO16 4DB. We are registered in England and Wales (company number 15310052).

For any privacy-related questions, or to exercise your data rights, contact us at marketing@direct-works.co.uk.

The information we collect

We may collect and process the following categories of personal data:

Contact and identity data — name, job title, organisation, email address and telephone number, for example when you enquire about membership or register for an event.
Membership data — information relating to your organisation's membership, attendance and participation in our events, seminars and webinars.
Correspondence — records of communications between you and us.
Technical and usage data — information about how you use our website, collected via cookies and similar technologies (see our Cookie Policy).

How we use your information

We use your personal data to:

Respond to enquiries and provide the membership, events and services you request;
Administer and manage membership and event attendance, including CPD records where relevant;
Send you relevant updates, sector insight and event information (where you have agreed to receive these, or where we have a legitimate interest in doing so);
Improve our website and services; and
Comply with our legal and regulatory obligations.

Our lawful bases

We rely on one or more of the following lawful bases when processing your data: your consent; the performance of a contract with you or your organisation; our legitimate interests in operating and promoting the network (balanced against your rights); and compliance with a legal obligation.

Sharing your information

We do not sell your personal data. We may share it with trusted service providers who help us operate (for example, IT, email and event-management providers), with the CPD Certification Service where CPD records are involved, and where required by law. Any third parties acting as our processors are bound to keep your data secure and to use it only as instructed.

How long we keep it

We retain personal data only for as long as necessary for the purposes set out above, or as required to meet legal, accounting or reporting requirements, after which it is securely deleted or anonymised.

Your rights

Under UK data protection law you have the right to access, correct, erase, restrict or object to the processing of your personal data, and the right to data portability. To exercise any of these rights, contact us at marketing@direct-works.co.uk. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss or misuse.

Changes to this policy

We may update this policy from time to time. The "last updated" date above shows when it was last revised.