Privacy Policy

Last Updated: April 20, 2025

1. Who We Are

Gusto Professionals is a sole proprietorship operating Health, Safety, and Environment (HSE) training services, including in-person training and certifications. Our details are:

  • Business Name: Gusto Professionals
  • Address: 712, Al Fahad Plaza Building, Opposite KFC, Al Rigga Road, Al Rigga, Dubai, United Arab Emirates
  • Email: info.gustoprofessionals@gmail.com
  • Phone: +44 7448 504110 (UK), +971 52 948 9070 (UAE)

We are the data controller responsible for your personal data under applicable privacy laws, including the UAE Federal Decree-Law No. 45/2021, GDPR (for UK users), and NDPR (for Nigerian users).

2. Scope of This Policy

This Privacy Policy applies to:

  • Our website: www.gustoprofessionals.com
  • Our HSE training services, including in-person training and certifications
  • All interactions where we collect personal data, such as through contact forms

This policy does not apply to third-party websites or services linked from our website, which have their own privacy policies.

3. Personal Data We Collect

We collect personal data to provide our HSE training services and certifications. The types of data we collect depend on how you interact with us.

3.1 Data You Provide

We collect the following personal data directly from you through contact forms on our website:

  • Name (Required): To identify you and personalize your training experience.
  • Email Address (Required): To communicate with you about training courses, certifications, and inquiries.
  • Phone Number (Optional): To contact you for training-related purposes, if provided.

3.2 Data Collected Automatically

We use cookies and similar technologies to collect data automatically when you visit our website:

  • Technical Data: IP address, browser type, device information, and pages visited.
  • Usage Data: Time spent on the website, clicks, and interactions with content.
  • Marketing Cookies: Data to deliver personalized advertisements and track ad performance.

3.3 Data from Other Sources

We do not collect personal data from third parties, such as employers or social media platforms, unless explicitly provided by you through our contact forms (e.g., employer details in a business inquiry).

4. How We Collect Your Data

We collect personal data through:

  • Contact Forms: When you submit inquiries, register for training, or request certifications.
  • Cookies and Tracking Technologies: Automatically via marketing cookies, subject to your consent through our cookie banner.

5. Purposes and Legal Basis for Using Your Data

We use your personal data for the following purposes, with the corresponding legal basis under applicable privacy laws:

PurposeData UsedLegal Basis
To provide HSE training courses and certificationsName, email, phone (if provided)Contract (to fulfill our agreement to deliver training services)
To respond to your inquiriesName, email, phone (if provided)Legitimate interest (to address your requests and provide customer support)
To send marketing communications (e.g., course promotions)EmailConsent (obtained via opt-in, where required)
To deliver personalized advertisementsTechnical and usage data (via cookies)Consent (via cookie banner for marketing cookies)
To improve our website and servicesTechnical and usage dataLegitimate interest (to enhance user experience and functionality)
To comply with legal obligationsName, email, certification recordsLegal obligation (e.g., maintaining HSE certification records)

We do not use your data for purposes beyond those listed, unless required by law or with your explicit consent.

6. Cookies and Tracking Technologies

We use cookies to enhance your experience and deliver personalized marketing content.

6.1 Types of Cookies

  • Essential Cookies: Necessary for website functionality (e.g., maintaining your session).
  • Marketing Cookies: Used to deliver relevant advertisements and track ad performance.

6.2 Cookie Consent

We use a cookie consent banner to obtain your permission for non-essential cookies (marketing cookies). You can:

  • Accept all cookies.
  • Reject non-essential cookies.
  • Customize your preferences.

You can manage your cookie settings at any time through the cookie banner or your browser settings. Note that disabling cookies may affect website functionality.

6.3 Third-Party Cookies

Our marketing cookies may be set by third-party advertising platforms (e.g., Google Ads). These third parties may collect data about your browsing behavior to serve targeted ads. We ensure these partners comply with applicable privacy laws.

7. Data Sharing

We do not share your personal data with third parties, except in the following limited circumstances:

  • Legal Obligations: If required by law, regulation, or court order (e.g., to comply with HSE certification audits).
  • Service Providers: We use trusted service providers (e.g., email providers) to process data on our behalf, but your data is not shared externally. It is securely transferred to our company email inbox (info.gustoprofessionals@gmail.com).
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the new entity, with notice to you and in compliance with applicable laws.

We do not sell, rent, or trade your personal data.

8. International Data Transfers

As a UAE-based business targeting users in the UAE, UK, and Nigeria, your data is processed primarily in the UAE. If we transfer data outside the UAE (e.g., to UK or Nigerian servers for email processing), we ensure appropriate safeguards, such as:

  • Standard Contractual Clauses (SCCs): For transfers to the UK under GDPR.
  • NDPR Compliance: For Nigerian users, ensuring adequate protection as required by the Nigeria Data Protection Regulation.

We take steps to ensure your data remains protected regardless of where it is processed.

9. Data Storage and Retention

9.1 Storage

Your personal data collected via contact forms is not stored on our website or servers. Instead, it is securely transferred to our company email inbox (info.gustoprofessionals@gmail.com) using encrypted communication channels.

9.2 Retention

We retain your personal data only as long as necessary for the purposes outlined:

  • Contact Form Data: Retained in our email inbox until the inquiry or training service is resolved, unless required for certification records.
  • Certification Records: Retained for 7 years to comply with HSE regulatory requirements, unless you request deletion (where permitted by law).
  • Marketing Data: Retained until you withdraw consent or opt out.
  • Technical Data (Cookies): Retained as specified in our cookie settings (typically up to 24 months for marketing cookies).

After the retention period, we securely delete your data or anonymize it for statistical purposes.

10. Data Security

We implement robust security measures to protect your personal data:

  • Encryption: We use SSL/TLS encryption to secure data transmission between your browser and our website.
  • Access Controls: Only authorized personnel have access to our email inbox containing your data.
  • Secure Email Processing: Data sent to our email inbox is handled securely, with regular monitoring for unauthorized access.

Despite our efforts, no system is completely secure. In the unlikely event of a data breach, we will notify affected users and relevant authorities within 72 hours, as required by GDPR, NDPR, or UAE law.

11. Your Data Protection Rights

Depending on your location (UAE, UK, Nigeria), you have the following rights regarding your personal data:

11.1 General Rights

  • Access: Request a copy of your personal data.
  • Rectification: Correct inaccurate or incomplete data.
  • Deletion: Request deletion of your data (subject to legal obligations, e.g., certification records).
  • Restriction: Limit how we process your data in certain circumstances.
  • Objection: Object to processing for marketing or legitimate interest purposes.
  • Portability: Receive your data in a structured, machine-readable format.

11.2 Additional Rights

  • UK Users (GDPR): Right to object to automated decision-making (not applicable, as we do not use automated decisions).
  • Nigerian Users (NDPR): Right to be informed of data processing and to withdraw consent.
  • UAE Users (Federal Decree-Law No. 45/2021): Right to stop processing and lodge complaints.

11.3 How to Exercise Your Rights

To exercise your rights, contact us at:

  • Email: info.gustoprofessionals@gmail.com
  • Phone: +44 7448 504110 (UK) or +971 52 948 9070 (UAE)
  • Address: 712, Al Fahad Plaza Building, Opposite KFC, Al Rigga Road, Al Rigga, Dubai, UAE

We will respond within:

  • 30 days (GDPR for UK users).
  • 30 days (NDPR for Nigerian users).
  • 30 days (UAE law, unless otherwise specified).

If you believe we have not addressed your request satisfactorily, you may lodge a complaint with a supervisory authority (see Section 14).

12. Marketing Communications

We may send you marketing emails about new HSE training courses, certifications, or promotions if you have provided consent (e.g., during contact form submission). You can opt out at any time by:

We will promptly remove you from our marketing list, though we may still contact you for non-marketing purposes (e.g., training confirmations).

13. Cookies and Your Choices

You can manage cookies through our cookie consent banner, which appears when you visit our website. Options include:

  • Accepting all cookies.
  • Rejecting non-essential (marketing) cookies.
  • Customizing preferences.

You can also disable cookies via your browser settings, but this may affect website functionality. For more details, see our Cookie Policy (if applicable, or contact us to create one).

14. Complaints and Supervisory Authorities

If you have concerns about our data practices, please contact us first at info.gustoprofessionals@gmail.com. If we cannot resolve your issue, you may contact the relevant supervisory authority:

  • UAE: UAE Data Protection Authority (details pending, as the authority is being established under Federal Decree-Law No. 45/2021).
  • UK: Information Commissioner’s Office (ICO)
    • Website: www.ico.org.uk
    • Phone: +44 303 123 1113
  • Nigeria: National Information Technology Development Agency (NITDA)
    • Email: dpo@nitda.gov.ng
    • Website: www.nitda.gov.ng

15. Third-Party Links

Our website may contain links to third-party websites (e.g., certification bodies, payment processors). These sites have their own privacy policies, and we are not responsible for their practices. Please review their policies before providing personal data.

16. Children’s Privacy

Our services are not directed to individuals under 16 (or 13 in Nigeria for NDPR compliance). We do not knowingly collect personal data from children. If we learn that a child’s data has been collected, we will delete it promptly. If you believe a child has provided us with data, contact us at info.gustoprofessionals@gmail.com.

17. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices, legal requirements, or services. We will notify you of significant changes by:

  • Posting a notice on our website.
  • Sending an email to registered users (where applicable).

The updated policy will be effective as of the “Last Updated” date at the top. Please review this policy periodically.

18. Contact Us

For questions, concerns, or to exercise your data protection rights, contact us at:

  • Email: info.gustoprofessionals@gmail.com
  • Phone: +44 7448 504110 (UK) or +971 52 948 9070 (UAE)
  • Address: 712, Al Fahad Plaza Building, Opposite KFC, Al Rigga Road, Al Rigga, Dubai, UAE

We are committed to addressing your inquiries promptly and transparently.