Fastlane

Certification Weeks Privacy Policy

Entity: ITLS Information Technology Learning Solutions (ITLS UAE)
Effective Date: July 1, 2025
Contact: [email protected]

  1. Scope

This Privacy Policy explains how ITLS UAE processes your personal information when you register for and participate in CertWeeks training programs.

  1. Data We Collect
  • Registration data: name, business email, employer, role, country.
  • Participation data: session selection, attendance records, completion status.
  • Program data: voucher allocation/usage, labs, survey responses.
  • Technical data (for virtual events): join/leave times, IP or device information (minimised).
  1. Purpose and Legal Basis

We process your data for:

  • Managing registration and delivering the training (performance of contract).
  • Program administration, security, and fraud prevention (legitimate interests).
  • Reporting outcomes to Microsoft (legitimate interests, minimised).
  • Sharing data with your employer (see below) for training verification and HR development, where participation is linked to your professional role or facilitated/sponsored by your employer (legitimate interests, in line with applicable laws).
  • Sending follow-up communications about related training (with consent or as permitted by law).
  1. With Whom We Share Your Data
  • Microsoft Corporation and affiliates, where necessary for program reporting and quality assurance.
  • Your employer/partner, where relevant to your participation, for purposes of verifying attendance, supporting certification, and HR development.
  • Fast Lane / ITLS affiliates involved in delivering the program.
  • Service providers (event platforms, survey tools, email services) under appropriate contracts.
  • Authorities, where required by law.

Data minimisation: Only the minimum necessary data (name, employer, session/track, attendance/completion status) will be shared. Personal phone numbers or private email addresses will not be shared.

  1. International Transfers

Where data is transferred outside the UAE or EU, appropriate safeguards will be applied, such as contractual clauses or equivalent measures, in compliance with UAE PDPL and, where relevant, the EU GDPR.

  1. Retention
  • Registration and attendance records: up to 24 months after the event.
  • Consent or compliance records: up to 36 months.
  • Anonymised data may be retained longer.
  1. Your Rights

You may request access, correction, deletion, restriction, portability, or object to processing, in line with applicable data protection laws (including UAE PDPL and, where relevant, GDPR).
Contact: [email protected].

  1. Security

We implement appropriate technical and organisational measures, including encryption, access controls, and secure file transfers.

  1. Children

CertWeeks are designed for adult professionals. We do not knowingly process children’s data.

10. Updates

We may update this policy from time to time. Updates will be published with a revised effective date.