.png){kind=small}
Privacy Policy
HelixOneGlobal
Effective Date: 28 January 2026
Privacy Policy
HelixOneGlobal — master privacy policy covering all brands, including Helix4HE, The Future Skills College, and Cantorin
Effective Date: 28 January 2026
Last Updated: 28 January 2026
Applies to: HelixOneGlobal and all relevant brands, including Helix4HE, The Future Skills College, and Cantorin
Data Controller: HelixOneGlobal
Contact: info@helixoneglobal.com
1. Introduction
HelixOneGlobal is committed to protecting personal data and handling it responsibly, fairly, and transparently.
This Privacy Policy explains how personal data is collected, used, stored, shared, and protected when people interact with HelixOneGlobal and its brands, websites, products, services, courses, content, communities, and business activities.
This Privacy Policy applies across all HelixOneGlobal brands, websites, and related activities, including but not limited to HelixOneGlobal, Helix4HE, The Future Skills College, and Cantorin.
It also applies to different categories of people who interact with HelixOneGlobal, including:
• website visitors and members of the public
• customers, learners, and purchasers
• clients and prospective clients
• Advisory Board members and prospective Advisory Board members
• job applicants, employees, and former employees
• suppliers, contractors, collaborators, and other business contacts
This Privacy Policy should be read alongside any other privacy information that may be provided in particular situations.
2. Data Controller
HelixOneGlobal is the data controller responsible for personal data covered by this Privacy Policy.
Questions about this Privacy Policy or about how personal data is handled may be directed to: info@helixoneglobal.com.
Where relevant, the relevant brand may also be contacted directly:
• Helix4HE: info@helix4he.com
• The Future Skills College: info@thefutureskillscollege.com
• Cantorin: info@cantorin.com
3. Who This Policy Covers
Depending on how you interact with HelixOneGlobal, personal data may be processed in relation to you as one or more of the following:
• a visitor to one of the HelixOneGlobal websites
• a subscriber to newsletters, blog updates, or mailing lists
• a learner, customer, purchaser, or account holder
• a client or prospective client
• an Advisory Board member or prospective Advisory Board member
• an applicant for a role, project, contract, or collaboration
• an employee or former employee
• a supplier, contractor, partner, or professional contact
• a person who contacts HelixOneGlobal with an enquiry, comment, complaint, or request
4. What Personal Data May Be Collected
The personal data collected depends on the nature of your relationship with HelixOneGlobal.
4.1 Information you provide directly
– name
– email address
– telephone number
– postal and billing address
– organisation, institution, or employer
– job title or professional role
– account login details
– purchase, enrolment, booking, or order information
– payment and billing information processed via third-party providers
– communications including emails, enquiries, complaints, feedback, and support requests
– content voluntarily submitted, such as testimonials, reviews, comments, articles, biographies, headshots, or other profile materials
– CVs, covering letters, applications, references, and recruitment-related information
– information provided when joining a board, network, community, webinar, course, event, or programme
4.2 Information collected automatically
– IP address
– browser type and version
– device type and operating system
– referral source, pages viewed, links clicked
– dates and times of visits
– session and usage data
– cookies and similar tracking data
4.3 Learning, course, or account data
– enrolment records and learning progress
– quiz or assessment results and completion status
– certificates or badges issued
– support interactions and platform activity relevant to the delivery of learning or digital services
4.4 Data from third parties
Personal data may be received from third parties such as payment providers, learning platform providers, analytics providers, fulfilment or merchandise partners, recruitment platforms or referees, and public professional sources such as LinkedIn or institutional websites, where relevant to recruitment, networking, or advisory appointments.
5. How Personal Data Is Used
Personal data is used only where there is a valid reason to do so.
5.1 Website visitors and members of the public
– operate, maintain, and improve the websites
– respond to enquiries or requests
– manage subscriptions to updates or newsletters
– monitor usage and performance
– maintain website security and administer cookies and preferences
5.2 Customers, learners, and purchasers
– create and manage accounts
– process orders, payments, bookings, and enrolments
– provide access to courses, communities, digital products, events, or services
– track learning progress and provide certificates, badges, or achievement records
– provide customer and learner support
– send service messages, account notices, and transactional communications
– manage refunds, complaints, and disputes
– deliver merchandise or physical goods where relevant
5.3 Clients and prospective clients
– respond to enquiries
– prepare proposals, contracts, and project documentation
– manage client relationships and communications
– deliver consulting, advisory, creative, educational, or strategic services
– invoice and administer payments
– maintain records of projects and business communications
5.4 Advisory Board members and prospective members
– assess suitability for Advisory Board membership
– communicate regarding appointment, meetings, and related activities
– maintain internal records and organise board activities
– publish or use approved professional profile information — such as name, title, biography, affiliation, photograph, or headshot — in connection with HelixOneGlobal and its relevant brands
– promote board-related activities, thought leadership, and organisational communications
5.5 Job applicants, employees, and former employees
– assess applications and suitability for roles
– communicate during recruitment and carry out referencing and onboarding
– administer employment, payroll, benefits, tax, pension, performance, and compliance matters
– maintain HR records and manage internal operations, wellbeing, training, and legal obligations
5.6 Suppliers, contractors, and business contacts
– communicate about services, projects, and contracts
– manage procurement and supplier relationships
– administer accounts and payments and maintain records of business interactions
5.7 General business purposes
– keep records and protect the business, users, and systems
– detect and prevent fraud, misuse, or security incidents
– enforce contracts, policies, and terms
– defend or pursue legal claims
– comply with legal, tax, accounting, regulatory, and reporting requirements
6. Lawful Bases for Processing
Under the UK GDPR and the Data Protection Act 2018, a lawful basis is required for processing personal data. Depending on the context, one or more of the following apply:
6.1 Performance of a contract
Where processing is necessary to provide services, courses, products, accounts, communities, or events; process orders and payments; manage enrolment, access, bookings, and delivery; or take steps at your request before entering into a contract.
6.2 Legitimate interests
Where processing is necessary for the legitimate interests of HelixOneGlobal, provided those interests are not overridden by your rights and freedoms. This may include operating and improving websites, services, and brands; managing enquiries and relationships; maintaining records; network-building and business development; ensuring IT and information security; preventing fraud and misuse; and certain limited forms of direct marketing where legally permitted.
6.3 Consent
Where you have given clear consent — for example, to receive certain marketing communications; to allow non-essential cookies; to publish testimonials, reviews, headshots, biographies, or other content; or where consent is otherwise required by law. Consent may be withdrawn at any time, but this does not affect processing already carried out lawfully before withdrawal.
6.4 Legal obligation
Where processing is necessary to comply with legal or regulatory obligations, such as tax, accounting, employment, data protection, fraud prevention, and responding to lawful requests.
6.5 Establishment, exercise, or defence of legal claims
Where necessary to protect the legal rights of HelixOneGlobal.
7. Marketing Communications
Marketing communications about HelixOneGlobal and its brands may be sent where legally permitted to do so. For electronic marketing such as email or text, the UK GDPR and the Privacy and Electronic Communications Regulations (PECR) will be complied with. In some cases this will require consent; in other cases, for existing customers, the soft opt-in may be relied upon where its requirements are met.
You can opt out of marketing communications at any time by clicking the unsubscribe link in a marketing email or by contacting info@helixoneglobal.com. Opting out of marketing does not affect service, transactional, legal, or account-related communications necessary for the provision or administration of services.
8. Who Personal Data Is Shared With
Personal data is not sold. It may be shared, where appropriate and necessary, with:
• payment processors
• website hosts and IT providers
• learning platform providers
• email and newsletter service providers
• analytics providers
• fulfilment and delivery partners
• professional advisers such as lawyers, accountants, insurers, and auditors
• recruitment support providers
• contractors and service providers working on behalf of HelixOneGlobal
• regulators, public authorities, courts, law enforcement, or other third parties where required by law or necessary to protect legal rights
Where third-party processors are used, they are expected to protect personal data and use it only for authorised purposes.
9. International Transfers
Some service providers may process personal data outside the United Kingdom. Where personal data is transferred internationally, steps are taken to ensure that appropriate safeguards are in place — such as transfers to countries recognised as providing adequate protection, the use of approved contractual safeguards, or other lawful transfer mechanisms recognised under applicable data protection law.
10. How Long Personal Data Is Kept
Personal data is retained only for as long as reasonably necessary for the purposes for which it was collected, including legal, regulatory, tax, accounting, operational, and record-keeping purposes. Typical retention periods include:
• Website enquiries and general correspondence: up to 3 years after the last substantive contact
• Customer account data: while the account remains active and for a reasonable period afterwards
• Transaction and order records: normally at least 6 years where required for accounting or tax purposes
• Learning records, certificates, and badges: for as long as reasonably necessary to evidence participation, issue replacements, or verify achievements
• Marketing preferences: until unsubscribed, consent withdrawn, or the data is no longer needed
• Advisory Board records: for the duration of the appointment and for a reasonable period afterwards for record-keeping, legal, and archival purposes
• Recruitment records: for a reasonable recruitment retention period unless longer retention is required or justified
• Employment records: in accordance with legal, tax, employment, pension, and business record requirements
• Supplier and contractor records: for the duration of the relationship and for an appropriate period afterwards
Where personal data is no longer needed, it will be deleted securely or anonymised.
11. Cookies and Similar Technologies
The HelixOneGlobal websites may use cookies and similar technologies to make websites function properly, remember preferences, measure usage and performance, support analytics, and support marketing and content delivery where applicable.
Cookies that are strictly necessary for the operation of the website do not require consent. Non-essential cookies, such as analytics or marketing cookies, should generally only be set where the user has given appropriate consent. Cookies can be managed through the cookie banner or preference tool where available, and through browser settings. Please note that disabling some cookies may affect website functionality.
12. Data Security
Appropriate technical and organisational measures are taken to protect personal data against unauthorised or unlawful processing and against accidental loss, destruction, or damage. These measures may include encrypted website connections, secure payment handling through third-party providers, access controls, role-based restrictions, system monitoring, secure storage and deletion practices, and periodic security review.
No internet transmission or electronic storage system can be guaranteed to be completely secure, but reasonable steps are taken to reduce risk.
13. Children’s Data
Unless expressly stated otherwise for a particular service, the HelixOneGlobal websites, brands, products, and services are generally directed at adults and professional users. Personal data from children is not knowingly collected where this is not intended. If it comes to light that personal data from a child has been collected inappropriately, steps will be taken to delete it or otherwise deal with it lawfully.
If any HelixOneGlobal brand later offers services intended for younger users, this Privacy Policy may be supplemented by a brand-specific notice.
14. Third-Party Links and Platforms
The HelixOneGlobal websites, courses, communities, and content may include links to third-party websites, platforms, or services. HelixOneGlobal is not responsible for the privacy practices of those third parties. You are encouraged to read their privacy notices before providing personal data to them.
15. Your Rights
Under UK data protection law, you may have rights including:
• the right to be informed
• the right of access
• the right to rectification
• the right to erasure
• the right to restrict processing
• the right to data portability
• the right to object
• rights relating to automated decision-making where applicable
• the right to withdraw consent where consent is the lawful basis
A response will normally be provided within the time required by law. Proof of identity may be requested before actioning a request. To exercise your rights, contact: info@helixoneglobal.com.
16. Complaints
If you have concerns about how personal data is handled, please contact HelixOneGlobal first so that there is an opportunity to address them. If you remain dissatisfied, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection matters.
ICO website: ico.org.uk
ICO telephone: 0303 123 1113
17. Changes to This Privacy Policy
This Privacy Policy may be updated from time to time to reflect changes in law, guidance, business operations, technology, or the services and brands of HelixOneGlobal. The latest version will always be available on the relevant website with the updated effective date. Where changes are significant, notification may also be given by email or by a notice on the relevant website.
18. Contact Details
For any questions about this Privacy Policy or to exercise your rights, please contact:
Organisation: HelixOneGlobal
Email: info@helixoneglobal.com
Helix4HE: info@helix4he.com
The Future Skills College: info@thefutureskillscollege.com
Cantorin: info@cantorin.com
Websites: helixoneglobal.co.uk | helixoneglobal.com | helix4HE.co.uk | helix4HE.com | cantorinworld.com
Effective Date: 28 January 2026 | Last Updated: 28 January 2026
If you are unhappy with how we have handled your personal data, please contact us first so we can try to resolve your concerns:
Email: info@helixoneglobal.com
If you are not satisfied with our response, you have the right to lodge a complaint with the UK's supervisory authority:
Information Commissioner's Office (ICO)
Website: www.ico.org.uk
Telephone: 0303 123 1113
If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us:
HelixOneGlobal
Email: info@helixoneglobal.com
For course-related queries relating to The Future Skills College:
Email: info@thefutureskillscollege.com
For queries relating to Cantorin:
Email: info@cantorin.com
We aim to respond to all enquiries within 2 business days.
Last Updated: 28 January 2026