A summary of our terms and conditions relating to all commercial training

Please note that if your company has a national account contract, alternative terms and conditions may apply.

  1. Payment terms

Our standard payment terms are that payment is taken at booking unless otherwise stated. If payment by invoice has been previously agreed, the payment needs to be made 30 days from the date of invoice or prior to the course start date, whichever is sooner.

  1. Credit terms

Our standard credit terms for account customers are 30 days from the date of invoice. Please contact our account team if you wish to be considered to set up a credit account with us. Private individuals shall not be entitled to set up credit accounts with Operational Security Professionals Group Ltd.

  1. Course bookings

Bookings may be made by email, via the Operational Security Professionals Group Ltd website or by a signed letter or via telephone. Telephone bookings must be confirmed in writing upon request. Please quote purchase order numbers where applicable. Alternatively credit card payments can be made via our training page links at eventbrite.

  1. Transfers

Should circumstances mean that you need to transfer to another Operational Security Professionals Group Ltd course, the following charges will apply, dependent on notice given:

  • First transfer, made more than four weeks prior to the course start date – no charge
  • Two to four weeks notice given – 25% of the course fee
  • Less than two weeks notice given – 50% of the course fee.

All transfers must be taken within a period of six months from the original date.

  1. Cancellations and Refunds

Should circumstances mean that you have to cancel your course and are unable to transfer your booking to another date at the time of cancellation, the following charges will apply:

  • More than four weeks prior to the course start date – no charge
  • Two to four weeks prior to the course – 50% of the course fee
  • Less than two weeks prior to the course – full fee.

NB Cancellation must be made in writing and received by Operational Security Professionals Group Ltd by the payment due date.

When you select a OSP Group Ltd course and complete payment, you will be provided access to the course and its first set of topics as well as supporting study material. If you are unhappy with a course, please request in writing a refund within fifteen (15) days of the date, that you were granted access to the course. We will provide you with a full refund for the amount paid. The 15 days’ time-rule for our refunds policy is not applicable to short courses; for example, one-day courses, executive workshops or courses of two-weeks duration or less. In such cases a full or partial refund will be paid subject to agreement between both Parties and taking into account any prior exceptional costs incurred by OSP Group Ltd. Such ‘exceptional costs’ might include, for instance, the booking of Third Party tutors, or provision of additional technology, which might well have been specifically booked for that iteration of course delivery, etc.

  1. Non-attendance

If you do not attend a course, and you have not previously informed us, the full course fee remains payable.

  1. Late arrivals/missed sessions

If you arrive late for a course or are absent from any session, we reserve the right to refuse to accept you for training if we feel you will gain insufficient knowledge or skill in the time remaining. In all such cases, the full course fee remains payable. To conform with requirements for accreditation and certificates, sometimes session participation or assessment submissions will be required in order to achieve accreditation, and these requirements will be outlined in the course handbook.

  1. Unforeseen circumstances

On occasion, unforeseen circumstances may require us to cancel a course. In such circumstances you will be given as much notice as possible and either a free transfer to another course date or a full refund of fees paid.  Operational Security Professionals Group Ltd reserve the right to receive and witness documents that will prove the case for mitigating circumstances and unforeseen circumstances and final rights of appeal will be heard by scheduled meetings of the Executive Board.

  1. VAT

All course fees are subject to the current rate of UK VAT (valid exemptions only).

  1. Distance selling regulations 2000

We abide by the applicable elements of the Distance selling regulations 2000.

  1. Guidelines for students and employers

It is the employer’s responsibility to ensure that students are free from any condition which would affect their capability to undertake their chosen course, and that they have the aptitude to cope with an intensive course of study. We welcome students with disabilities but it remains their employer’s responsibility to ensure that they are appropriately supported in their workplace.

Operational Security Professionals Group Ltd would welcome in advance, for setup purposes, notification of any assistance that a student is likely to need during the running of the course, if we are hosting the course. Our company premises are fully compliant with all Equalities legislation and we also audit any Third-Party venues for full compliance to the UK Equalities Act 2010.

If it is felt that the student doesn’t meet the learning outcomes of the course and or assessment process and is referred, they will be offered a free assessment; if this can be delivered at no-cost to Operational Security Professionals Group Ltd.  If certification and accreditation is awarded by an outside body, then fees to resit exams and referral coursework might be levied plus an administration fee. Any further training or coaching over and above that provided on the course may be charged for.

  1. Fair processing

All information that we hold concerning you will be held and processed by Operational Security Professionals Group Ltd strictly in accordance with the provisions of the Data Protection Act 1998 and the EU General Data Protection Regulation, entering into force during 2018. Please refer to our Privacy Policy for further clarity.

Such data will be used by the organisation to administer our relationship with you as a client. We reserve the right to share information with the our accreditation and awarding bodies as legal monitoring bodies. We will not, without your consent, supply your name and addresses to any [other] third parties except where (1) such transfer is a necessary part of the activities that we undertake, or (2) we are required to do so by operation of law.

As an individual, you have a right under the Data Protection Act 1998 to obtain information from us, including a description of the data that we hold on you. Should

you have any queries concerning this right, please contact our Data Protection Officer at Operational Security Professionals Group Ltd 1st Floor, 2 Woodberry Grove, Finchley, London, N12 0DR


Our Intent.  We are committed to safeguarding the privacy of users to our site and we will only use the information that we collect about you lawfully and in accordance with the Data Protection Act 2018 (the “Act”). 
Changes to Data Protection Legislation.  Data Protection legislation and the Act is currently going through a period of change. The introduction of the European Union’s General Data Protection Regulation (GDPR) UK Data Protection Act (DPA 2018) received Royal Ascent 23 May 2108.  This Privacy Notice is therefore intended to comply with the Act and GDPR but may change over time.
Data Subject’s Terms & Conditions.  This Privacy Notice & Cookie Policy, forms part of our Terms & Conditions and should be read by Data Subjects, i.e. “you,” or any identifiable person using this site and OSP Cyber Online services (see below).
The Data Controller.  This website www.ospcyberacademy.com is owned and operated by Operational Security Professionals Group Ltd (OSP).  References to “we,” “us,” our,” or “the website” are references to Operational Security Professionals Group Ltd. We are a company registered in England & Wales (company number 10611951). Including our sister company OSP Cyber Online Limited a company registered in Scotland (company SC595600)
Data Protection Officer (DPO).  OSP’s DPO is Richard Preece.  The OSP DPO fulfils a number of roles, one of which is to be the primary and independent point of contact for Data Subjects.  The mechanism for Data Subjects to raise concerns regarding the processing of their personal data by OSP is to email: info@ospcyberacademy.com , or telephone t:   + 44 (0) 1224 083 143  ; or send a letter by registered mail to 1st Floor, 2 Woodbury Grove, Finchley, London, N12 0DR or UK Head Office Suite 2, First Floor, Innovation HouseHowe Moss Road, Aberdeen, АВ21 0ER
 which point the inquiry will be forwarded to the DPO for action.
Purpose of Processing Personal Data.  We collect personal data for two reasons. Firstly, to process your order and secondly, to provide you with the best possible service, including providing promotions on behalf of our third party partners.
Lawful Basis of Processing Personal Data. The lawful basis of processing your personal data are as follows:
  • Legitimate Interest. As part of general marketing activities, OSP’s Legitimate Interest is to collect your personal data when you visit this website.
  • Consent. Once you have agreed to this Privacy Notice & the Cookie Policy of our Terms & Conditions, we will process your personal data on the basis of Consent.
  • Contract. Once you have started the process of booking a course or event, we will process your personal data on the basis of a Contract, even if the process hasn’t been completed.
Categories of Personal Data Processed.   The information we hold should be accurate and up to date. The personal information which we hold will be held securely in accordance with our internal security policy and the law.  The type or categories of personal data we will collect about you includes your:
  • Name;
  • Postal address;
  • Email address; and
  • Credit / debit card details. You card details are not stored on our website, or elsewhere. They are used only when entered at the time of ordering to process the transaction, however they are stored securely by PayPal.
Category of Recipients of Personal Data.  Your name, email and postal address will be passed to venue hosts as part of training courses that you have booked to attend for the purpose of administration, safety and security.  This may include supplementary information regarding any dietary requirements that you may have.
Transfer of Personal Data Outside the EEA (European Economic Area).  Personal data will only be transferred outside the EEA or other areas of adequacy determined by the EU, to support the administration of training taking place in those countries.  If this is required, consent will be explicitly requested from you.
Sensitive Personal Data.  We will never collect sensitive personal data about you without your explicit consent and a clear explanation why it is required.
Sale or Passing of Personal Data to Third Parties.  We will not sell or pass your personal data to any company.
Retention of Personal Data.  We will retain your personal data to support our records for 3 years to support our obligations to HMRC, and for reference of attendance and quality assurance of courses.  Once this period is reached we will securely dispose of your personal data.
Data Subject’s Rights.  Under the Act and in even more so under the GDPR you have a number of Rights which we have outlined below:
  • Right of Access. You are entitled to access your personal data so that you are aware of and can verify the lawfulness of the processing.  This is achieved through the mechanism of Subject Access Rights (SAR) and you have the right to obtain:
    • Confirmation that your data is being processed;
    • Access to your personal data (a copy); and
    • Other supplementary information, which corresponds to the information in this privacy notice.
Fees and Timings.  Under GDPR and from 25 May 2018, this information will be provided without charge; without delay and within one month.  If an extension is required or requests are considered manifestly unfounded or excessive, in particular because they are repetitive, OSP may choose to: charge a reasonable fee taking into account the administrative costs of providing the information; or refuse to respond.  The reasons for this will be formally notified to you and your rights to appeal to the appropriate supervisory authority will be highlighted.
Identify Verification.  To protect your personal data, OSP will seek to verify your identity before releasing any information, which will normally be in electronic format.
  • Right of Rectification. You are entitled to have personal data rectified if it is inaccurate or incomplete. OSP will respond within one month of your request. In the unlikely event OSP does not take action to the request for rectification, OSP will inform you of your rights to complain or seek judicial remedy.
  • Right of Erasure. You may request the deletion or removal of personal data where there is no compelling reason for its continued processing. The Right to Erasure does not provide an absolute ‘right to be forgotten,’ especially once the processing is based upon a contract.  However, you do have a right to have personal data erased and to prevent processing in specific circumstances:
    • Where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed;
    • When you withdraw consent (and this is the basis of processing);
    • When you object to the processing and there is no overriding legitimate interest for continuing the processing;
    • The personal data was unlawfully processed;
    • The personal data has to be erased in order to comply with a legal obligation; and
    • The personal data is processed in relation to the offer of information society services to a child, which OSP does not provide.
  • Right to Restrict Processing. Under the Act, you have a right to ‘block’ or suppress processing of personal data. The restriction of processing under the GDPR is similar. When processing is restricted, OSP is permitted to store the personal data, but not further process it.  In this event exactly what is held and why will be explained to you.
  • Right to Data Portability. You may request to obtain and reuse your personal data for your own purposes across different services.  This allows you to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability. The Right to Data Portability only applies:
  • To personal data you have provided to OSP;
  • Where the processing is based on your consent or for the performance of a contract; and
  • When processing is carried out by automated means.
In these circumstances OSP will provide a copy of your data in CSV format, free of charge, without undue delay and within one month.   If there is a delay to this, you will be informed.
  • Right to Object. You have the right to object to:
    • Processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);
    • Direct marketing (including profiling); and
    • Processing for purposes of scientific/historical research and statistics.
OSP do not participate in the first and third activities, however do conduct marketing activities as explained above.
  • Automated Decision Making and Profiling. OSP does not employ any automated decision-making or conduct profiling of Data Subjects.  However, if you have consented to be held on our Customer Relationship Management (CRM) data base we may periodically send you marketing information so that you are informed of upcoming events, training and updates to information within the membership forum.  These will be automated but they do not involve automated decision-making or profiling.
Our Policies

DETAILED PRIVACY POLICY In this Privacy Policy (“Policy”), we describe the information that we collect from users of our Site. This Policy applies to our website www.ospcyberacademy.com (the “Site”) and the Products that we offer or make available through the Site. By using the Site and purchasing a Product, you agree that your personal information will be handled as described in this Policy, which is incorporated by reference into the OSP Terms and Conditions, available to view here.

What Information Do We Collect About You and Why?  The information we collect from you enables us to fulfil your request for our products – namely, to send you products that you order and receive – to send you information or content in which you may be interested, and keep you abreast of any updates related to our Site. We also use this information to personalise and continually improve our Site.

Information We Collect Directly From You.   You may browse our Site without registering. If you would like to place an order, then we require you to register with us and become a member on our Site so that we can fulfil your request. To register with us, we request your name and email address. As a part of the registration process, we will also ask you to select a password. In certain circumstances, such as when making a purchase, we will request that you provide your credit or debit card information and your billing and shipping address.

Information We Collect Automatically.  On our Site, we may use cookies, web beacons, and other automated devices to collect information about you when you visit our Site and register for the Site. Specifically, we may collect the following information about your use of the Site via these technologies: your domain name; your browser type and operating system; web pages you view; links you click; your IP address; length of time you visit our Site; and the referring URL, or the webpage that led you to our Site.

We may also use automated devices and applications, such as Google Analytics and Facebook Insights, to track usage of our Site. We may use the information gathered through these methods in anonymous or aggregated form to analyse ways to improve our Site. This information may also be associated with your username or email address and may be combined with other information, including personally identifiable information that we collect about you.

Clear GIFs, Pixel Tags and Other Technologies.  Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your computer’s hard drive, clear GIFs are embedded invisibly on web pages. We may use clear GIFs (a.k.a. web beacons, web bugs or pixel tags), in connection with our Site to, among other things, track the activities of Site visitors, help us manage content, and compile statistics about Site usage. We and our third party service providers also use clear GIFs in HTML e-mails to our customers, to help us track e-mail response rates, identify when our e-mails are viewed, and track whether our e-mails are forwarded.

Site Analytics.  As noted, we may use automated devices and applications, such as Google Analytics, to evaluate usage of our Site. We also may use other analytic means to evaluate our Site. We use these tools to help us improve our Site, performance and user experiences.

How Do We Use Your Information?  We use the information that we gather about you for the following purposes:
  • To fulfil your orders or otherwise provide services related to your Account to you, to communicate with you about your use of our Site, your Account and/or products that we offer or make available through the Site, and for other customer service purposes.
  • To respond to any inquiries, you submit to us.
  • To carry out or enforce a transaction or agreement with us.
  • To operate and improve the Site.
  • Where permitted by law, for marketing and promotional purposes; for example, we may use your information, such as your email address, to email you news and our newsletters, special offers, and promotions.
  • To better understand how users access and use our Site and Account, both on an aggregated and individualised basis, for the purposes of improving our Site.

Third Party Website Links. Our Site may contain links to other third party websites. Any access to and use of such linked websites is not governed by this Policy, but, instead, is governed by the privacy policies of those third party websites, and we are not responsible for the information practices of such third party websites.

How We Secure Information About You.  We have implemented commercially reasonable precautions, including, where appropriate, password protection, encryption, SSL, firewalls, and internal restrictions on who may access data to protect our Site and the information we collect from loss, misuse, and unauthorised access, disclosure, alteration, and destruction. Please be aware that despite our best efforts, no data security measures can guarantee 100% security all of the time.

You should take steps to protect against unauthorised access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a password that nobody else knows or can easily guess, and keeping your password private. Also, you should never share your log-in information with others. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorised password activity. To change your Facebook password, you must go to the Facebook site and follow its procedures for changing your password.

Changing Personal Information?  You may modify any personal information that you have submitted by logging into the ‘My Account’ page and updating ‘Edit My Address’. Please note that copies of information that you have updated, modified or deleted may remain viewable in cached and archived pages of the Site for a period of time.

Emails.  We may send periodic emails to interested users regarding various promotions or other information that we believe may be of interest to our users. If we send you any news and newsletters, special offers, promotions or other information we think may interest you, you may tell us to stop sending you such e-mail communications by following the opt-out instructions contained in any such e-mail. Please note that it may take up to ten (10) days for us to process opt-out requests. Please note if you opt-out of receiving emails about recommendations or other information we think may interest you, we may still send you e-mails about your account you have requested or received from us.


Terms and conditions for use of this website

  • These terms of use tell you the terms on which you may make use of any our websites (www.ospcyberacademy.comwhether as a guest or a registered user. Use of our site includes accessing, browsing or registering to use our site.
  • Please read these terms of use carefully before you start to use our site, as these will apply to your use of the site. We recommend that you print a copy of this for future reference.
  • By using our site, you confirm that you accept these terms of use and that you agree to comply with them.
  • If you do not agree to these terms of use, you must not use our site.
  • The following additional terms, which can be accessed from the home page of our site, will also apply to your use of our site:
    • Our Privacy Policy, which sets out the terms on which we process any personal data we collect from you or that you provide to us. By using our site you consent to such processing and you warrant that all data you provide is accurate.
    • Our Cookie Policy, which sets out information about the cookies on our site.
  • If you purchase goods or services from our site, the transaction will be covered by our Terms and Conditions for Purchasing Goods or Services, which may also be accessed from the homepage of our site; you will be notified of any additional terms and conditions that may apply to specific transactions.
 Information about us

Changes to these terms and our site, and access to our site

  • We may revise these terms of use at any time by amending this page. Please check this page from time to time to take notice of any changes we make as they are binding on you.
  • We may update our site from time to time and change the content at any time. However, please note that any of the content on our site may be out of date at any given time, and we are under no obligation to update it.
  • We do not guarantee that our site or any content on it will be free from errors or omissions.
  • We do not guarantee that our site or any content on it will always be available or be uninterrupted. Access to our site is permitted on a temporary basis. We may suspend, withdraw, discontinue or change all or any part of our site without notice. We will not be liable to you if for any reason our site is unavailable at any time or for any period. You are responsible for making all arrangements necessary for you to have access to our site.
  • In order to ensure that this website remains available to all users, we may monitor network traffic to identify unauthorised attempts to upload or change information, or to otherwise cause damage to the site. Anyone using this site expressly consents to such monitoring.
  • Unauthorised attempts to modify, alter, deface, destroy or corrupt any information stored on this site or this system, to defeat or circumvent any security features, to probe, scan or test for vulnerabilities, to breach security or authentication measures, to forge TCP/IP headers, to install or attempt to install unauthorised software, to mount denial-of-service attacks, or to utilise this system for other than its intended purposes are expressly prohibited and may result in criminal prosecution.
  • Any possible criminal activity will be reported, together with any evidence that may be gathered, to the appropriate authorities.
  • If you choose or are provided with a user identification code, password or any other piece of information as part of our security procedures, you must treat such information as confidential. You must not disclose it to any third party. We have the right to disable any user identification code or password whether chosen by you or allocated by us at any time if in our reasonable opinion you have failed to comply with any of the provisions of these terms of use.

Disclaimer of endorsement

  • This site, and documents posted on it, may contain hypertext links or pointers to information created and maintained by other public and private organisations. We do not guarantee the accuracy, relevance, usefulness, timeliness or completeness of any linked information.
  • The inclusion of links or pointers to other sites is not intended to assign importance to those sites and the information contained in them, nor is it intended to endorse, recommend or favour any views expressed, or commercial products or services offered on those sites, or the organisations sponsoring the sites, by trade name, trademark, manufacture or otherwise.
  • Reference on this site to any specific commercial products, processes or services, or the use of any trade, firm or corporation name is for the information and convenience of the site’s visitors, and does not constitute endorsement, recommendation or favouring by the Company.
  • The views expressed by any individual within any web forum are the views of that individual only and do not reflect or represent in any way the views of the Company.
  • All content on this site, and all content of any documents provided to visitors or clients is our property, or that of another original copyright holder, unless stated otherwise.
  • No user may copy, modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, display, or in any way exploit any of the content, in whole or in part, except with our express written agreement or that of the original copyright holder. These copyright terms apply to all books and other products purchased from this site, or acquired in any format by accessing our sites.
 Limitation of liability
  • Nothing in these terms of use excludes or limits our liability for death or personal injury arising from our negligence, or our fraud or fraudulent misrepresentation, or any other liability that cannot be excluded or limited by English law.
  • To the extent permitted by law, we exclude all conditions, warranties, representations or other terms that may apply to our site or any content on it, whether express or implied.
  • We will not be liable to any user for any loss or damage, whether in contract, tort (including negligence), breach of statutory duty, or otherwise, even if foreseeable, arising under or in connection with:
    • use of, or inability to use, our site; or
    • use of or reliance on any content displayed on our site.
  • If you are a business user, please note that, in particular, we will not be liable for:
    • loss of profits, sales, business or revenue;
    • business interruption;
    • loss of anticipated savings;
    • loss of business opportunity, goodwill or reputation; or
    • any indirect or consequential loss or damage.
  • We will not be liable for any loss or damage caused by a virus, distributed denial-of-service attack, or other technologically harmful material that may infect your computer equipment, computer programs, data or other proprietary material due to your use of our site or to your downloading of any content on it, or on any website linked to it.
  • We assume no responsibility for the content of websites linked on our site. Such links should not be interpreted as endorsement by us of those linked websites. We will not be liable for any loss or damage that may arise from your use of them.
  • Different limitations and exclusions of liability will apply to liability arising as a result of the supply of any goods by use to you, which are set out in our terms and conditions of supply.


Website artwork accreditation:

Designed by Freepik
Designed by Freepik
Designed by Freepik
Designed by Freepik