MSP Verosa Limited Privacy Policy

This Privacy Policy is issued by MSP Verosa Limited, registered in England and Wales No. 14486814 and whose registered office is 27/28 Eastcastle Street, London, W1W 8DH.

Our contact details:

Name: MSP Verosa Limited

Address: 27/28 Eastcastle Street, London, W1W 8DH

Phone Number: 0207 637 5216


We understand how important your personal data is and are committed to protecting and respecting your privacy.  This privacy policy aims to give you information on how MSP Verosa Limited collects and processes your personal data.

‘Personal Data’ means any information relating to or which identifies you.  This can include items such as your full legal name, home address, email address, phone number, date of birth, copies of ID documents (passport, driving licenses, birth and marriage certificates), location data or online identifiers, national insurance number, payment information, working hours, bank details, deposit certificates, tax codes, court orders, medical certificates, student and personal loans. Personal data can be held electronically or in certain paper records.

The General Data Protection Regulation (GDPR) regulates the processing of personal data.  The GDPR regulation seeks to protect your rights to your personal data by setting out, amongst other things, the conditions under which the processing of personal data is lawful, the rights of data subjects and the standards that organisations handling personal data must adopt.

To enable us to provide our services we need to collect and process personal information. This makes us a “Data Controller” for any personal information you provide to us for which we are responsible for complying with data protection laws. This includes deciding how and why we hold and use personal data about you.

Information we collect about you: 

  • If you register for and / or attend a course run by MSP Verosa, we will collect personal data, including your name, work details and contact information (including your telephone number and email address). We may also collect dietary requirements and accessibility requirements where applicable.
  • If you contact us electronically, we will collect details about the date and time of contact, and the contact details such as your email address and / or telephone number.
  • If you book a course run by MSP Verosa, we will collect data necessary to process your payment. This might include payment instrument number (such as card number) and the associated security code. In some cases, payments are processed via Square, whose privacy notice can be found here: com/gb/en/legal/general/privacy-no-account.
  • If you use our website, we will collect information about how you logged on and off our website, including your IP address, information about your visit, your browsing history, your device information and how you use our website. Our Cookie Policy can be found here.

How we receive your information

Most of the personal information we process is provided to us directly by you for one of the following reasons:

  • You have registered for a course we are running;
  • You visit our website and consent to our use of cookies;
  • You have made a complaint or enquiry to us;
  • You have applied for a job with us;
  • For other business purposes including data analysis and tracking.

We also receive personal information indirectly:

  • From other companies in MSP Organisation;
  • Through referrals from other third-party businesses (such as your employer);
  • If an employee of ours gives your contact details as an emergency contact or a referee
  • From the third-party companies who facilitate the hosting of our online pages (eg website analytics)

How and why we share your information:

We may share this information with external third parties as follows (but not limited to):

  • Other companies in MSP Organisation;
  • The third-party service providers we use to help us run our business, such as IT suppliers, auditors, lawyers, marketing agencies, document management providers, outsourced business process management providers, our subcontractors and tax advisers;
  • Insurers who provide our insurance and companies who arrange such insurance;
  • The police and other third parties or law enforcement agencies where reasonably necessary for the prevention or detection of crime;
  • Medical professionals in the event of an emergency to protect your vital interests;
  • Third parties who undertake analysis for the purposes of service improvement.

We will only transfer your personal information to trusted third parties who provide sufficient security guarantees and who demonstrate a commitment to compliance with applicable law and this policy.  Where external third parties are processing personal information on our behalf, they will be required to agree, by contractual means, to process the personal information in accordance with the applicable law. This contract will stipulate, amongst other things, that the third party and its representatives shall act only on our instructions, or as permitted by law.

Personal data may be shared outside of the European Economic Area (EEA) and the European Union (EU).

Third Party Links

Our website and email correspondence may sometimes contain links to third party websites. Accessing such pages may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. We therefore encourage you to read the privacy notice of every website you visit.

Why we process your data

Under the UK General Data Protection Regulation (UK GDPR), the lawful bases we rely on for processing this information are:

(a) Your consent. You may remove your consent at any time. You can do this by contacting

(b) We have a contractual obligation.

(c) We have a legal obligation.

(d) We need it to perform a public task.

(e) It is necessary to ensure your vital interests.

We use your information for the following purposes:

Purpose for processing Legal grounds for using your personal information
To set you up as a client or customer. It is necessary to enter into your contract.

We have a relevant legal obligation.

To facilitate your invitation and attendance at a course you are registered to attend. It is necessary to enter into your contract.

We have a legitimate business purpose (to use your information to fulfil our contractual duties and deliver our services when you are attending a course).

To process your payment information. We have a legitimate business purpose (to receive payment for the services we are providing).
Communicating with you by telephone and / or email. It is necessary to enter into or perform your contract.

We have a legitimate business purpose to communicate with you.

Resolving any complaints that you might have. It is necessary to enter into or perform your contract.

We have a legitimate business purpose (to send you communications, record and investigate complaints and ensure that future complaints are handled appropriately).

Providing improved quality, training and security. We have a legitimate business purpose (to develop and improve the products and services we offer).
Complying with our legal or regulatory obligations. We have a relevant legal or regulatory obligation.
Managing our business operations such as maintaining accounting records, analysis of financial results, statistical analysis, internal audit requirements, receiving professional advice (e.g. tax or legal advice) and facilitating payment of our services. We have a relevant legal or regulatory obligation.

We have a legitimate business purpose (to effectively manage our business operations).

Reviewing, assessing, tailoring, and improving our service offerings. We have a legitimate business purpose (to develop and improve our services to ensure we provide high customer satisfaction)
Investigating or detecting the unauthorised use of our systems, to secure our system and to ensure the effective operation of our systems. We have a legitimate business purpose (to ensure the integrity and security of our systems).
Transferring or selling part of our business or re-organising our company structure. We have a legitimate business purpose (to manage our business portfolio and re-organise our company).

We have a relevant legal or regulatory obligation.

To market our services. We have a legitimate business purpose (to market our services)
To market other MSP services to you. We have your consent.
Tracing and recovering debt. We have a legitimate business purpose (to trace and recover debt that is owed to us).
To apply for and claim on our own insurance. We have a legitimate business purpose (to ensure that we have appropriate insurance in place).
To share your personal data with third party processors who assist us in the day to day running of our business (eg, IT providers, our solicitors and our accountants). This may include other companies within MSP Organisation. We have a legitimate business purpose (to ensure we can manage our business effectively and engage professional support when required).
To develop personalised marketing and measure its effectiveness; and identify trends and patterns to generate marketing campaigns and collateral.


We have a legitimate business purpose (to market our services)

We have your consent.

If you choose not to give personal information:

We need to collect personal information required by law or under the terms of service you have elected to use.  If you choose not to give us the personal data we need, it may mean that we have to cancel or decline a service that you request or have with us. So that you know what information is optional, we make it clear at the time we collect your personal data.

 How your personal information is stored

We understand how important your personal data is to you and we take its security very seriously. We safeguard your personal data across all our computer systems, networks, websites and offices as much as possible through appropriate procedures and technical security measures.

Please see the following information kept by MSP Verosa Limited, and detail of how it is disposed of:

  • Data is stored on a secure digital platform. It is accessed internally via our staff’s unique username and password, and multi-factor authentication.
  • We will hold data for the duration of 1 year from the start of a course for the purpose of administering a course, or set of courses. After this, the data will be deleted, except if explicit permission has been asked for, and granted, to hold limited personal data (name, email address, company, role, and any course feedback ) for marketing purposes.

Your data protection rights

You have rights in respect of the personal data that we hold about you.  They include the right to request a copy of the information that we hold about you, to know about any automated decisions that are made about you and to change your marketing preferences at any time. Details about all your rights are provided below.

Some of these rights are conditional and depend upon why we are processing your personal data.  This means that we cannot always be able to respond to your request in the way that you want.  For example if you ask us to erase your personal data and we are processing the information because we are required to do so because of a legal requirement, we will not be able to delete your personal data.

 Your right of access – You have the right to ask us for copies of your personal information.

Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.

Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.

Your right to object to processing – You have the the right to object to the processing of your personal information in certain circumstances.

Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.

We review our use of your personal data regularly. In doing so, we can change what personal data we collect, how we keep it and what we do with it. As a result, we can change this Privacy Notice from time to time to keep it relevant and up to date.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you. Please contact us at MSP Verosa Limited, 27-28 Eastcastle Street, London, W1W 8DH if you wish to make a request.

How to complain

If you have any concerns about our use of your personal information, you can make a complaint to us at:

MSP Verosa Limited, 27-28 Eastcastle Street, London, W1W 8DH


You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s address:

Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Helpline number: 0303 123 1113

ICO website:

Privacy Preferences

When you visit our website, it may store information through your browser from specific services, usually in the form of cookies. Here you can change your Privacy preferences. It is worth noting that blocking some types of cookies may impact your experience on our website and the services we are able to offer.

Our website uses cookies, mainly from 3rd party services. Define your Privacy Preferences and/or agree to our use of cookies.