header image

Privacy policy

Last update: 2025-12-23

1. Introduction

This Privacy Policy explains how Linaro Group Ltd ("Linaro", "we", "us", "our") collects, uses, stores, and protects personal data when you interact with:

This policy applies to both business and individual learners.

Relationship to the main Linaro Privacy Policy:
The Privacy Policy published on linaro.org describes Linaro’s general privacy practices. This Privacy Policy applies specifically to training and learning services provided through training.linaro.org and learn.linaro.org and governs where there is any difference in scope or detail.

2. Data Controller

Linaro Group Ltd
Registered in England and Wales

Registered Office:

Harston Mill, Royston Road, Harston, Cambridge, CB22 7GG, United Kingdom

Linaro acts as the data controller for personal data collected through its websites and training platforms.

3. Regulatory Framework and Compliance

Linaro processes personal data in accordance with applicable data protection laws, including:

  • UK General Data Protection Regulation (UK GDPR)
  • Data Protection Act 2018
  • EU General Data Protection Regulation (EU GDPR), where applicable
  • Applicable United States and Canadian privacy and anti-spam laws where relevant

To achieve these aims, Linaro follows the code of practice and guidance issued by the UK Information Commissioner’s Office (ICO), including guidance issued under section 51 of the Data Protection Act and its successors.

4. Personal Data We Collect

4.1 Information You Provide Directly

When registering for training, accessing learning content, purchasing training, or contacting us, we may collect:

  • Name
  • Email address
  • Billing address and country
  • Telephone number
  • Organization and job title, where provided
  • Training enrollment details
  • Course attendance, progress, completion status, and assessment results
  • Communications with instructors, administrators, or support staff

4.2 Account and Authentication Data

For training and learning platforms, we may collect:

  • Usernames and account identifiers
  • Authentication metadata, including single sign-on identifiers where enabled
  • Passwords stored only in hashed or otherwise protected form where applicable

4.3 Payment and Transaction Data

Payments are processed by third-party payment providers. Linaro does not store full payment card details.

We may retain:

  • Transaction identifiers
  • Payment status and purchase history
  • Invoicing and tax records required by law

5. Automatically Collected Data

We may automatically collect:

  • IP address
  • Device and browser information
  • Operating system
  • Referring URLs
  • Access timestamps

On training and learning platforms, this may also include:

  • Login history
  • Course access logs
  • Learning activity events required for service delivery, auditing, or certification

6. How We Use Personal Data

We use personal data to:

  • Provide access to training courses and learning platforms
  • Process registrations and payments
  • Deliver instructional content and assessments
  • Issue certificates of completion where applicable
  • Provide service, administrative, and support communications
  • Improve services and platform usability
  • Comply with legal, regulatory, and contractual obligations

Marketing communications:

We may also use your email address to send marketing communications about Linaro training courses, events, and engineering services where permitted by applicable law. You can opt out of marketing communications at any time using the unsubscribe mechanism provided or by contacting us.

Linaro does not sell personal data and does not share personal data for cross-context behavioral advertising.

7. Legal Basis for Processing

Where required under UK GDPR and EU GDPR, personal data is processed on one or more of the following bases:

  • Performance of a contract (training delivery and access)
  • Legitimate interests (platform operation, service improvement, fraud prevention)
  • Legal obligation (tax, accounting, compliance)
  • Consent, where required (for example, certain marketing communications and cookie choices)

8. Third-Party Processors and Service Providers

Linaro uses third-party service providers acting as data processors, including:

  • Arlo (training management and registration)
  • Moodle hosted by Titus Learning (learning management)
  • Stripe (payment processors)
  • AWS (cloud hosting and content delivery providers)

These providers process personal data under contractual obligations requiring appropriate security, confidentiality, and compliance with applicable data protection laws.

9. International Data Transfers

Personal data may be processed or stored outside the United Kingdom or European Economic Area, including in regions where service providers operate.

Where international transfers occur, Linaro applies appropriate safeguards, such as Standard Contractual Clauses or adequacy decisions where applicable.

10. Cookies and Similar Technologies

Cookies and similar technologies are used to:

  • Maintain authenticated sessions
  • Enable core platform functionality
  • Analyze usage and performance
  • Improve user experience

You may manage cookies through your browser settings. Disabling cookies may affect platform functionality.

11. Data Retention

Personal data is retained only for as long as necessary to:

  • Deliver training services
  • Maintain learning and certification records
  • Meet legal, accounting, and audit requirements

Training records may be retained longer where required for certification verification or customer contractual obligations, unless deletion is requested and legally permissible.

12. Your Rights

12.1 UK and EU Users

Subject to applicable law, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request erasure
  • Restrict or object to processing
  • Request data portability
  • Lodge a complaint with the UK Information Commissioner’s Office or your local EU supervisory authority

12.2 United States Privacy Rights

Depending on your state of residence, you may have the right to:

  • Request access to personal data collected about you
  • Request correction of inaccurate personal data
  • Request deletion of personal data
  • Opt out of the sale or sharing of personal data

Linaro does not sell personal information and does not share personal data for cross-context behavioral advertising.

12.3 California Privacy Notice

For residents of California:

  • Linaro does not sell personal information as defined under the California Consumer Privacy Act, as amended by the California Privacy Rights Act
  • You have the right to request access to, correction of, or deletion of your personal information
  • You will not be discriminated against for exercising your privacy rights

13. Automated Decision-Making and Profiling

Linaro does not use personal data for automated decision-making or profiling that produces legal effects or similarly significant effects for individuals.

14. Marketing Email Compliance

When sending marketing emails, Linaro complies with applicable electronic communications and anti-spam laws, including:

  • United Kingdom: Privacy and Electronic Communications Regulations (PECR) and UK GDPR
  • European Union: ePrivacy Directive as implemented by EU member states and EU GDPR
  • United States: CAN-SPAM Act
  • Canada: Canada’s Anti-Spam Legislation (CASL)

Marketing emails are sent only where permitted by applicable law. This may include situations where you have provided consent, or where a lawful “soft opt-in” applies, such as when your email address was collected in connection with the purchase of training services and the marketing relates to similar Linaro training courses or engineering services.

All marketing emails:

  • Clearly identify Linaro as the sender
  • Include a functional unsubscribe mechanism
  • Honor unsubscribe requests within the timeframes required by law

You can opt out of marketing communications at any time using the unsubscribe link in the message or by contacting us.

Service communications, including emails related to training purchases, course access, learning progress, certifications, account administration, and important platform or policy updates, are not marketing communications and may still be sent even if you opt out of marketing messages.

15. Data Security

Linaro implements appropriate technical and organizational measures to protect personal data, including access controls, secure hosting environments, encryption where appropriate, and limiting access to authorized personnel.

16. Children’s Data

Linaro training services are intended for adult and professional learners. Linaro does not knowingly collect personal data from children.

17. Changes to This Policy

This Privacy Policy may be updated periodically. Updates will be published with a revised “Last updated” date.

18. Contact Information

Privacy-related inquiries or requests should be directed to:

privacy@linaro.org