Privacy policy

No personal data is gathered automatically by visiting this website.

If you do contact 2040, you will not be added to the 2040 mailing list unless you actively consent to do so. You can opt out at any time.

If you contact 2040, your data will not be used for any purpose other than the need to deal with your enquiry or make bookings that you ask for.

Your data will not be passed to any other data controllers or individuals, and it will not be retained after any work is completed and any invoices are paid, unless you consent to do so, or 2040 has a legal obligation to retain the data. This is likely to involve your name to be retained for seven years for tax purposes, if your name features on any invoices or purchase orders. Emails and other correspondence are purged after one year. Invoices or other data with your name on may be accessed by 2040’s accountant for the purposes of paying tax and other legal requirements, but the data will not be used by them for any other purposes.

Your data will be stored in the UK.

You can exercise any of your data protection rights to 2040 Training.

Your rights are:

  • a right of access to your personal data held by 2040
  • a right to rectify any personal data held by 2040 that you believe is incorrect
  • a right to erase any personal data that 2040 no longer has a legitimate purpose to process
  • a right of access to a machine readable version of your data, as long as you have provided it or 2040 has observed it via your use of a service. This is legally only applicable to data provided with your consent or under a contract, but we will endeavour to give you a portable version of any of your data should time and technology allow
  • a right to stop 2040 processing any of your data that it does not have a legal or contractual obligation to process
  • a right to prevent any wholly automated decisions involving your data – but rest assured, 2040 does not use wholly automated decision-making techniques

To exercise any of these rights, please contact 2040 Training does not meet the GDPR requirement to appoint a Data Protection Officer and we are not dumb enough to pretend that it matters that we have done so, but your request will be personally handled by someone with 17 years of Data Protection experience, who probably knows enough to get by.

Bear in mind that you will need to prove your identity before getting access to your data or exercising your other rights. This may be achieved by providing a proof of ID (which will not be retained) or providing contextual information that proves you are who you say you are.

If you have any concerns about 2040’s handling of your personal data, you can raise these with Tim Turner, but you have a right to make a complaint to the Information Commissioner. See their website: