Theory Test Privacy Policy

Your privacy and security is important to us. This Privacy Policy (the "Policy") sets out how we will treat your personal information and will inform you as to how we deal with personal information we obtain from you and how you may remove it.

This Policy has been prepared to meet the requirements of all relevant laws and regulations relating to data protection, whether local, national or supranational, including (i) the Privacy and Electronic Communications Regulations (EC Directive) 2003 (S/2003i2426) (ii) the Data Protection Act 2018 (iii) all applicable requirements of the General Data Protection Regulation ((EU) 2016/679) (the "GDPR") and any other national implementing laws, regulations and secondary legislation, as amended or updated from time to time in the UK unless and until the GDPR is no longer directly applicable in the UK and then (iv) any successor legislation to the GDPR and the Data Protection Act 2018 and also The Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011, (the "Acts").

This Privacy Policy (the "Policy"), together with our Terms of Use, Cookies Policy and any other document(s) referred to in them, sets out how we will treat your personal information, and is intended to help you understand how we deal with any personal information we may obtain from you and how you may access, alter, rectify and/or remove it. Under data protection legislation we, Glenmax Limited, are the Data Controller and our address is Office 32, 19-21 Crawford Street, London, United Kingdom, W1H 1PJ

We are required to notify you of the information contained in this Policy. It is important that you read it so that you are aware of how and why we are using your information.

You must not provide us with your personal information if you are aged under 16, and we will delete your information immediately if we discover that you have supplied it to us.

By clicking the "Got It" button on the drop-down banner that will appear on the first page you enter on our Site you signify your acceptance of our Cookies Policy. Please note that this banner will only appear the first time you enter the Site.

Please note that we may need to update this Policy from time to time to reflect changes in the law. Any changes we may make to our Policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. We recommend that you check this page regularly to ensure that you have read the most recent version and are happy with any changes.

Information we may collect from you

  1. It is your choice whether or not to provide us with personal information. Personal information (or "personal data") means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

  2. The information we may collect from you includes, but is not limited to:

    1. personal contact details such as name, user name, date of birth, gender, password hash, title, address, country of residence, telephone number, email address, link to Facebook profile and profile picture, your preferences for receiving marketing from us, your communication preferences that you may provide to us when you register on our Site or Apps or by filling in forms on either of them, or if you request information from us or when telephoning us;

    2. statistical information which does not identify you personally, such as your mobile device, operating system, browser type, internet connection, IP address and matters of that nature;

    3. correspondence, or a record of it if you should contact us for any reason;

    4. details of your visits to our Site or Apps (including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own purposes or otherwise) and the resources that you access;

    5. surveys that we use for research purposes, which we may ask you to complete, although you do not have to respond to them.

  3. By providing any personal information to us, you fully understand and clearly consent to the transfer, collection and processing of such personal information in accordance with the terms of this Policy.

  4. It is important that the personal data we hold about you is accurate and current. Please advise us if your personal information changes during your relationship with us.

  5. You should not give your email user name or password to anyone or permit them to share it as this can seriously affect the security of your information. If you find out that someone has improperly obtained your user name or password, you should immediately change them and advise us. We cannot be held responsible for breaches which do not emanate from us.

  6. We will provide you with the option to select whether you would like to receive information from us by opting in or out of receiving marketing information and/or promotional offers. In some circumstances, however, you will not have the option to opt out, for example, when we are administering a transaction requested by you, or if we are satisfying a legal requirement.

How do we collect your information?

Ways in which you may be providing us with personal information include, for example,

  1. submitting a request using our Support Form;

  2. logging in to our Site or Apps;

  3. contacting us with an enquiry;

  4. signing up to receive a newsletter, news and/or exclusive offers;

  5. completing a survey which contains your personal information;

  6. reporting a problem; and/or

  7. giving us some feedback.

Uses made of the information by us

  1. We will only use personal information collected from you for the purposes for which it was collected (or for related purposes), namely to identify you as a registered user of our Site or Apps, to provide specific services and/or products that you request and to provide additional services and/or products that may be of interest to you, or in the following circumstances:

    1. Ease of Use – To ensure that content from our Site and Apps is presented in the most effective manner for you and for your device.

    2. Transactional Purposes – To carry out our obligations arising from any contracts entered into between you and us and to respond to your queries and requests.

    3. Communication – To notify you about changes to information we place on our Site or Apps, or to our services.

    4. Marketing Communications and Analysis – We may use your personal information to communicate with you about our products and services and for our own internal marketing analysis, for example, to assess trends amongst our consumers or to measure the amount of traffic to our Site and Apps.

    5. Administrative Purposes – for our own internal purposes in connection with risk control and resolving consumer disputes.

    6. Compliance – To comply with a legal duty or regulatory obligation to which we are subject.

    7. Legitimate Interests – Where it is necessary for our legitimate interests, and when your interests and fundamental rights do not override those interests. Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by any adverse impact on you (unless we have your consent or are otherwise required or permitted to by law).

  2. We will not, under any circumstances, sell your personal information to anyone else.

Change of purpose

  1. We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us by sending an email to us at theorytestsmart@gmail.com

  2. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

  3. Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

Uses made of the information by third parties

  1. We may, with your consent, permit selected third parties to use your data, to provide you with data about products, goods and services which may be of interest to you, and we or they may contact you about these by post or email.

  2. If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please tick the relevant box on registration, or within your account preferences.

  3. Please note that we will not, under any circumstances, sell your personal information to anyone else.

  4. Any information or statistics relating to our business that we disclose to others will not identify you personally. We may, for example, perform statistical analyses of users' behaviour on our Site and Apps in order to measure interest in the various areas of our Site and Apps and to inform advertisers as to how many consumers have "clicked" on their advertising banners. When using our Apps we may track your behaviour with Google Analytics, Facebook Analytics or Fabric.io but all the above information, and any other general information about our users that we share with advertisers and other partners, will not contain any personal information about you.

Opting out

You can ask us to stop sending you marketing messages at any time by following the opt-out links on any marketing message we send to you, or by sending an email to us a theorytestsmart@gmail.com .

Links to other websites

Our Site and Apps may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements or how they collect and store data nor for how long they retain it. When you leave our Site and Apps, we encourage you to read the privacy notice of every website you visit.

How and where do we store your personal information?

  1. All personal information we collect from you is stored on secure servers.

  2. The personal information that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by contractors or staff operating outside the EEA who work for us or for one of our suppliers. Such contractors or staff may be engaged in, among other things, the provision of support services. By submitting your personal information, you agree to this transfer, storing or processing. If your personal information is shared, you can expect a similar degree of protection from those third parties in respect of your personal information, as we require third parties to respect the security of your data and to take appropriate measures to protect your personal information in line with this Policy.

  3. We utilise robust security measures to protect our users, and the communication between our users and our infrastructure is always encrypted and transmitted via HTTPS. Notwithstanding, the transmission of information via the internet is never completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Site or Apps; any transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorised access.

How long do we keep your information?

  1. We will only retain your personal information for as long as necessary for the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements, and for the uses set out in this Policy. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements. In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

  2. If your emails to us have been completely dealt with or your requests for support have been fully answered we will usually delete your personal information within six months or alternatively we may anonymise the personal information we hold about you.

Disclosure by us of your information

  1. We may disclose your personal information:

    1. to third parties to whom you have provided your consent in order that they will be able to prepare or send any communications to you;

    2. to assist us in connection with any of our administrative or business functions, or in the provision of any of our services and/or products to you (including, but not limited to, companies who support our Site, our Apps, our business systems, and/or our marketing, advertising, and data processing);

    3. in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer;

    4. if Glenmax Limited, or substantially all of its assets, are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets;

    5. if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Terms of Use and other agreements; or to protect the rights, property, or safety of Glenmax Limited, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction;

  2. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not permit our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

Data security

  1. We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

  2. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Your rights

  1. How can I access the information that you hold about me?
    Under the GDPR you have the right to access information we hold about you (commonly known as a "data subject access request") free of charge. If you would like a copy of this information, please email us at privacy@glenmax.com.

  2. What if I don't want you to hold my information any more?
    You have the right to ask us not to process your personal data at all.
    You also have the right to ask us merely not to process your personal data for marketing purposes. You can exercise your right to prevent such processing by marking your preferences on the forms we use to collect your data, by following the opt-out links on any marketing message we send to you and you can also exercise this right at any time by contacting us at privacy@glenmax.com.

  3. Can I change the information you hold about me?
    Where you have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent. To withdraw your consent, please contact us on
    theorytestsmart@gmail.com . Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.

  4. Under certain circumstances you also have the right to:

    1. Request access to the personal information that we hold about you. This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

    2. Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us. It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes.

    3. Request erasure of your personal information where there is no good reason for us continuing to process it.

    4. Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes.

    5. Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of your personal data in the following scenarios:

      1. if you want us to establish the data's accuracy;

      2. where our use of the data is unlawful but you do not want us to erase it;

      3. where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or

      4. you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

    6. Request the transfer of your personal information to you or to a third party.
      If you want to contact us with regards to the information we hold about you pursuant to your rights set out in this Clause 12, please do so by emailing us at
      theorytestsmart@gmail.com . You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

  5. We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.