Privacy policy

Mayden House Limited trading as iO Academy (We or Us) is committed to protecting and respecting your privacy.

This Policy explains when and why We collect personal information about individuals who visit our website, how We use it, the conditions under which We may disclose it to others and how We keep it secure. It applies to information We collect about visitors to our websites, surveys and job applications. We may change this Policy from time to time so please check occasionally to ensure that you are happy with any changes. We will publish any changes to this Policy on our website, and where practicable will inform you of significant updates before they take effect via our website. By using our website, you are agreeing to be bound by this Policy and our Terms and Conditions. If you do not accept this Policy, you should stop using our website immediately.

Any questions regarding this Policy and our privacy practices should be sent by email to info@mayden.co.uk or by contacting our Data Protection Officer at:

Mayden House Ltd, The Old Dairy, Melcombe Road, Bath, BA2 3LR


01249 701100.

iO Academy provides technical training to both businesses and individuals, with a focus on technology and supporting people changing careers into the tech industry. The registered address is 1 Widcombe Crescent, Bath, BA2 6AH.

We are registered with the Information Commissioner’s Office as a data controller (which means we make decisions about what personal data we collect from you, and how we use it) under registration number Z5351045.

This Privacy Policy sets out the basis on which any personal information that We collect from you, or that you provide to Us, will be processed by Us. Some of this information will be personal data, which is specifically protected under Data Protection Legislation.

To the extent that you supply Us with personal data about third parties (for example, your employer) you are confirming that you are entitled and authorised to disclose such data to Us and that We are entitled to use such information in the same way that we use information about you as described in this Privacy Policy.

There are a number of ways in which you may provide iO Academy with your personal information. We must have a lawful basis (which means we must have a legal reason) for collecting and using your personal data. There are six legal justifications which organisations can rely on under UK and European law. The most relevant of these to Us are where we use your personal data to:

  • pursue our legitimate interests (our justifiable business aims) but only if those interests are not outweighed by your other rights and freedoms (e.g. your right to privacy); and
  • comply with a legal obligation that we have.

The table below sets out the lawful basis we rely on when we use your personal data. If we intend to use your personal data for a new reason that is not listed in the table, we will update our privacy notice and notify you.

Purpose Category of personal data Lawful basis
Responding to your correspondence with us when you request information about our training courses through a ‘contact us’ form. Identity data 

Contact data

Communication data

Legitimate interest (necessary to provide our services and for product and service improvement purposes)
Progressing your application when you complete the application form to apply for one of our courses, such as the Full Stack Track. Identity data 

Contact data

Profile/image data

Communication data

Legitimate interest (necessary to provide our services)
Responding to, and fixing faults, when you contact Us to make general requests or report faults. Identity data 

Contact data

Communication data

Legitimate interest (necessary for product and service improvement purposes)
Details of your visits to our website (and your computer) allow us to observe where things went right or wrong, and administer, maintain and update our website in order to provide you with a better user experience. Identity data 

Contact data

Profile/image data

Technical data

Legitimate interest (necessary to provide our services and website, monitor and improve network security and prevent fraud)
Taking steps to enter into a contract with you, when you apply for one of our courses and sign up to our terms and conditions. Identity data 

Contact data

Communication data

Legitimate interests (necessary to conclude our contract with our customer and obtain contact details for key personnel)
Providing our services to you (i.e. our courses). Identity data 

Contact data

Communication data

Legitimate interests (necessary to fulfil our service contract with our customer)
Processing payments and collecting and recovering monies owed to us. Identity data 

Contact data

Communication data

Financial data

Legitimate interests (to receive payments or recover monies owed to us)
Sending marketing communications. Identity data 

Contact data

Communication data

Legitimate interests (necessary to promote our services and grow our business)
Notifying you about changes to our privacy policy. Identity data 

Contact data

Communication data

Legal obligation (necessary to comply with our obligations under data protection law)
Retaining information to enable us to bring or defend legal claims. Identity data 

Contact data

Profile/Image data

Communication data

Feedback data

Technical data

Financial data

We collect the following personal information:


When you apply online for a course through the iO Academy website your application is automatically sent as an email to our student assessment team.

Category of personal data Type of personal data Received from
Identity data Full name 


Background (school leaver, career changer etc)

Study confirmation:

  • Residency (Based in UK),
  • Age confirmation (over 18)
Contact data Email address 

Phone number(s)

Communication data Any correspondence we have with you during the progress of your application for an online course. You



If you are invited to attend an assessment, you will be asked to provide further information, as set out below, and undertake an aptitude test where Information will be generated by you and Us. For example, you might complete a written test or We might take interview notes.

Category of personal data Type of personal data From who
Identity data Full name You
Contact data Email address 

Phone number(s)

Communication data Any notes we take from a conversation or interview we conduct with you during an assessment You


Onboarding and graduate outcomes:

Category of personal data Type of personal data From who
Identity data Full name 

Copy of Photo ID

Profile/image data Student profile form includes: 


Gender pronoun

Date of birth

Phone number(s)

Email address

Home address

Emergency contact details (Name, relationship to you, Phone number(s), Email address, Home address

Taster session attendance

Support needs
Allergies, medication, and dietary requirements

Data consent form includes:

Marketing data consent


Guardian name

Biographical information




Financial data Payment Amount 

Payment Date

Payment Status

Communication data Any correspondence we have with you when onboarding you onto one of our courses. You
Feedback data Any correspondence we receive from you when you complete a survey or review, for example: 

  • the company you work for
  • your role with that company
  • your starting salary with that company
  • the location of that company


General website use:

Category of personal data Type of personal data From who
Identity data Created By (User Id) 

Entry Id

Transaction Id

Post Id

User agent

Technical data Source URL
User IP addressUser operating system and browser type. This is statistical data about your  browsing actions and patterns and is collected for system administration purposes and is not personalised to you. This is carried out using Google Analytics.
You (via cookies and other similar technologies)
Communication data Any correspondence we have with you when you use our website or communicate with us via the ‘contact us’ form or a chatbot. You

We do not collect more information than we need to fulfil our stated purposes and will not retain it for longer than is necessary. The information We ask for in relation to our courses is used to assess your suitability for completing a course. You don’t have to provide what We request but it may affect your application if you don’t.

If you are successful but do not attend the course, the information you provide during the application process will be retained by us for a period of two years from when you last applied.

If you are successful and complete the course, we will retain your information indefinitely unless otherwise requested.

If you are unsuccessful at any stage of the process, the information that you have provided until that point will be retained for six months from the date of the application.

Information generated throughout the assessment process, for example interview notes, is retained by us for six months following the closure of the campaign.

We keep personal data that we collect from your general use of our website for 3 months.

The anonymous information generated by Google Analytics cookies about your use of this website is transmitted to Google. This statistical information is processed to compile statistical reports on website activity for this site. This information helps us to optimise our content to better meet the needs of our customers.

We confirm that We do not provide, sell or otherwise disclose personal information We hold about you, including but not limited to for marketing purposes, to third parties unless we have your express permission or where we are under a duty to do so by applicable law.

We may, however share your personal information with our corporate sponsors that we partner with to provide online and in-person courses.

We usually store your data in Europe on secure cloud storage.

We may send to, and store data about you in a destination outside the United Kingdom (“UK”) or European Economic Area (“EEA”) which may be processed by staff operating outside the UK or EEA who work for Us or for one of our suppliers (third parties). We will ensure that the appropriate due diligence and safeguards are in place with the relevant third parties to protect your data in accordance with applicable laws.

You have a choice about whether or not you wish to receive information from Us. If you do not want to receive direct marketing communications from Us about our products and services, then you can opt out by ticking the relevant boxes situated on the form on which We collect your information. If you wish to stop receiving marketing communications from Us by email you have the option to unsubscribe at any time by clicking the ‘unsubscribe’ link in the footer of any email we send you.

We will not contact you for marketing purposes by email, phone or text message unless you have given your prior explicit consent. We will not contact you for marketing purposes by post if you have indicated that you do not wish to be contacted. You can change your marketing preferences at any time by contacting us by email: marketing@io-academy.uk or telephone 01249 475423.

Under Data Protection Legislation, you have certain rights as an individual which you can exercise in relation to the personal information We hold about you.

You have a right to:

  • access and obtain a copy of the personal data that We hold about you and to ask Us to correct your personal data if there are any errors or it is out of date (see Data subject access requests section below).
  • ask Us, in some circumstances, to restrict the processing of your personal data until any errors are corrected.
  • object to the processing of your data where the organisation is relying on legitimate interests as the legal ground for processing.
  • have your personal data erased which is also known as the ‘right to be forgotten’. The right is not absolute and only applies in certain circumstances.
  • ask Us, in some circumstances, to send either yourself or a third party a copy of the personal data we hold about you (in part or in full), which is also known as the ‘right to data portability’.

You can obtain further information about these rights from the Information Commissioner’s Office at: www.ico.org.uk or via their telephone helpline (0303 123 1113).

If you would like to exercise any of these rights you can do this by sending an email message to info@mayden.co.uk or by writing to Us at 1 Widcombe Crescent, Bath, BA2 6AH.

If you believe that We have not complied with your data protection rights, please let us know by emailing info@mayden.co.uk or by contacting our Data Protection Officer at the details provided above.

If you are not satisfied with how We respond to your complaint, you can contact the Information Commissioner’s Office through the details provided above.

The accuracy of your information is important to Us. Mayden complies with all applicable regulation when giving people access to their personal information. You can find out if We hold any personal information by making a ‘subject access request’ under Data Protection Legislation. If We do hold information about you, We will;

  • give you a description of it;
  • tell you why we are holding it;
  • tell you who it could be disclosed to; and
  • let you have a copy of the information in an intelligible form.

If you would like to access any of the information We hold about you or have any concerns regarding the way We have processed your information then please email info@mayden.co.uk.

We are committed to ensuring that your information is secure. We have a number of security measures in place to protect against the loss, misuse and alteration of any personal information We receive from you via this website and through our course application, assessment and onboarding procedure.

We will take all steps reasonably necessary to ensure that your information is treated securely and in accordance with this Policy. For example, our website uses an encrypted connection to make it difficult for unauthorised people to view information travelling between our server and your device.

Unfortunately, the transmission of information via the internet can never be guaranteed to be 100% secure. As a result, while We strive to protect your personal information, We cannot guarantee the security of any information you transmit to Us, and you do so at your own risk. Once We receive information, We make our best effort to ensure its security on our systems. Once We have received your information, We will use strict internal procedures and security measures to try to prevent unauthorised access.

We have ISO27001:2013 and our Information security policies and procedures are subject to regular external assessments by a UKAS accredited certification company.

This website uses cookies to help you personalise your online experience. A cookie is a text file that is placed on your hard disk by a web page server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you, and can only be read by a web server in the domain that issued the cookie to you. They collect statistical data about your browsing actions and patterns and do not identify you as an individual.

One of the primary purposes of cookies is to provide a convenience feature to save you time. The purpose of a cookie is to tell the web server that you have returned to a specific page. This helps Us to improve our website and deliver a better more personalised service.

You have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. Please note that changing cookie settings or rejecting cookies can impact the functionality and accessibility of some parts of the website.

Our website may contain links to other websites run by other organisations. This Privacy Policy applies only to our website, so We encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website.

In addition, if you linked to our website from a third-party site, We cannot be responsible for the privacy policies of the owners and operators of the third-party site and recommend that you check the policy of that third party site.