Practical CSM Privacy Policy 

Who we are

Our website address is:


  • Cookies are small pieces of data stored on your device. For instance, your computer or other mobile device.
  • Data Protection Legislation includes all applicable data protection and privacy legislation in force in the UK.  For instance, the General Data Protection Regulation ((EU) 2016/679) and the Data Protection Act 2018.  The Privacy and Electronic Communications Directive 2002/58/EC (as updated by Directive 2009/136/EC). In addition, the Privacy and Electronic Communications Regulations 2003 (SI 2003/2426), as amended.
  • Personal Data has the meaning given to it in the Data Protection Legislation.
  • Data Subject – Any living individual using our Service and is the subject of Personal Data.
  • Usage Data collected by us, which is automatically generated by the use of the Service. Alternatively, from the Service infrastructure itself.  For instance, it relates to the conduct and frequency of users, utilising the Service.  For example, how long a user’s session lasts.
  • Google Analytics is a web analytics service provided by Google, which tracks and reports website traffic.
  • Data Controller means the natural or legal person who determines the purposes.  Further, as outlined in the Data Protection Legislation, the manner in which it will be processed. For the purpose of this Privacy Policy, we are a Data Controller of your Personal Data.
  • User means any individual who utilises the Service.
  • Data Processors (or Service Providers) means any natural or legal person who processes the data on behalf of the Data Controller.  We may use the services of various Service Providers to process your data more effectively.

What personal data we collect and why we collect it


When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: After approval of your comment, your profile picture is visible to the public in the context of your comment.


If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms & Communication

We may use your Personal Information to contact you with newsletters, marketing or promotional materials and also send direct transational messages.


If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

We use, but not limited to the following Cookies:

  • Session Cookies collect Usage Data about an individuals’ use of the services.  For example, the duration of time spent using the Service.
  • Preference Cookies remember your preferences and the various settings of your internet.
  • Security Cookies collect data about the security of the Services.  For instance, any potential or attempted security breaches by third party servers.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Usage Data

For instance, Usage Data may include your computer’s Internet Protocol address (e.g. IP address).  Secondly, the browser type and version. Thirdly, the pages of our Service you visit.  For example, the time spent on those pages and the time and date of your visit. In addition, unique device identifiers and other diagnostic data.

We may collect Usage Data when you access the Service through a mobile device. For instance, this Usage Data may include the type of mobile device you use.  Secondly, your mobile device’s unique ID and IP address.  Thirdly, the mobile operating system and Internet browser you use.  In addition, unique device identifiers and other diagnostic data.

GDPR Compliance

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

The reasons for keeping this information are the following:

  • Legal requirements (accounting) for 7 years
  • Marketing with consent for 2 years
  • Information provision with consent for 2 years
  • Email Correspondence for 1 year

If you would like your email removed from our email database please email for removal.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Your Data Protection Rights Under General Data Protection Regulation (GDPR)

As we are operating within the European Union, you have certain data protection rights.  Most importantly, these are covered under the Data Protection Legislation. Practical CSM aims to take reasonable steps to allow you to exercise these rights in relation to your Personal Data.

Complete a Data Access Request to find out what of your Personal Data we hold.  In addition, if you want us to remove it from our systems.

In certain circumstances, you data protection rights include:

  • Access, update or to delete the information we have on you.  You can access, update or request deletion of your Personal Data. Complete a Data Access Request to do so.
  • The right to rectification. You have the right to have your information rectified.  For instance, if that information is inaccurate or incomplete.
  • Right to object. You have the right to object to our processing of your Personal Data.
  • The right to restriction. You have the right to request that we restrict the processing of your personal information.
  • Right to data portability. You can obtain and reuse your information, including personal data. Certainly, in a safe, secure and easy way. For instance, in a structured, machine-readable and common format.
  • The right to withdraw consent.  You have the right to withdraw your consent.  Most importantly, where Practical CSM relied on your consent to process your personal information.
  • Before responding to such requests, we may ask you to verify your identity.
  • You have the right to complain about our collection and use of your Personal Data.  You can do this by making a complaint to a Data Protection Authority. Contact your local data protection authority in the European Economic Area (EEA) for more information.

Community Guidelines

  1. This group is for all current, previous and potential future students.
  2. This is a mutual support group for the students, to discuss the material, encourage each other and generally share the journey.
  3. Treat everyone with respect. Healthy debates are natural but be kind and do not make personal attacks. Hate speech and bullying will lead to an immediate ban. 
  4. Spam, advertising, fundraising and referral links are not permitted; if you are unsure about posting a link, ask the admin. Anyone who blocks admin will automatically be removed.
  5. Do not post copyright material, test/quiz questions or solutions. If you want to post something your tutor has provided you with, you should seek explicit permission first. Personal details of tutors should not be mentioned; if you need to refer to a specific tutor, use initials only.
  6. If you experience any problems or issues, reach out to site admin via helpdesk widget or directly via email
  7. For module-specific groups only:
    1. Please only discuss Test scores on the specific thread which will be posted by the admin. Do not share actual or planned answers.
    2. General discussion around the themes of an assignment question is allowable, but no discussion of planned or actual answers