Last Updated: 31 March 2026
1. Introduction
Welcome to the Skillstats Event Demo platform, operated by Localise (“we”, “us”, “our”). We understand that local councils and public sector organizations demand the highest standards of data protection and privacy.
This policy explains how we collect, use, and protect your personal data when you interact with our platform (https://qr.skillstats.co.uk/) during events such as LGR Camp, in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. Who We Are (Data Controller)
For the purposes of this demo platform, Localise is the Data Controller.
- Company Name: Localise
- Website: https://locali.se/
- Contact Email: hello@locali.se
3. What Data We Collect
When you scan our QR code and take the “Digital Confidence” assessment, we may collect the following data:
- Assessment Data: Your responses to the 27 multiple-choice questions regarding digital skills.
- Technical & Device Data: Your IP address, browser type, operating system, and device type used to access the platform.
- Session Data: Information on how you navigate the site to complete the demo.
4. Why We Collect It & Our Lawful Basis
Under UK GDPR, we must have a valid lawful basis to process your data. We rely on:
- Legitimate Interests (Article 6(1)(f)): To provide the Skillstats demo platform at events, ensuring the site functions securely on your device, and demonstrating how the assessment helps organizations baseline digital skills.
- Consent (Article 6(1)(a)): If we ask you to provide an email address to send your assessment results or further learning resources, we will do so based on your explicit consent. You can withdraw this consent at any time.
5. How We Protect Your Data
We treat all data with the confidentiality expected by UK local government standards. Data entered into the demo platform is encrypted in transit using SSL/TLS protocols. Access to this data is strictly limited to authorized Localise personnel. We also use active Web Application Firewalls (WAF) to prevent malicious access to the platform.
6. Data Retention
Because this is a temporary event demo, we do not hold your data indefinitely.
- Demo Assessment Data: Kept only for the duration of the event lifecycle and subsequent follow-up period (typically no longer than 30 days), after which it is securely deleted or anonymised.
- Cookie Data: Retained according to the lifespans detailed in our Cookie section below.
7. Cookie Policy
Our website uses cookies—small text files placed on your device—to ensure the platform works correctly, remains secure, and maintains your session while taking the assessment.
Under the Privacy and Electronic Communications Regulations (PECR), strictly necessary cookies do not require prior consent. Where cookies are used for preferences or third-party integrations, we manage these via our consent tool.
Cookies in Use on This Site:
| Cookie Name | Provider / Type | Purpose | Lifespan |
PHPSESSID | Essential / Session | Maintains your active session across the site so your progress in the Digital Confidence assessment is not lost as you navigate. | Session |
wordpress_test_cookie | Essential / Core | Checks if your browser has cookies enabled to ensure the platform functions properly. | Session |
blocksy_cookies_consent_accepted | Essential / Compliance | Remembers your preference regarding our cookie consent banner so you are not repeatedly asked. | 1 Year |
wfwaf-authcookie-* (Multiple) | Essential / Security | Set by the Wordfence firewall to authenticate logged-in users (like our administrators) and protect the site against malicious attacks. | 1 Day |
wordpress_logged_in_* & wordpress_sec_* | Essential / Auth | Core WordPress cookies used to recognize logged-in users (primarily our site administrators) and maintain secure connections. | Session |
wp_lang | Preference | Stores language preferences (e.g., en_GB) to ensure the site displays correctly. | Session |
wp-settings-1 & wp-settings-time-1 | Preference / UI | Customizes your view of the user interface and main site dashboard, remembering UI preferences. | 1 Year |
gravatar-user-profile-survey & is-logged-in | Third-Party (Gravatar) | Used by Gravatar (Automattic) to display user profile images (avatars) and check logged-in status on the Automattic network. | Up to 11 Months |
8. Sharing Your Information
We do not sell your personal data. We only share information with trusted third-party service providers who help us run the website (such as our web hosting provider and security firewall providers). These processors are strictly bound by data processing agreements compliant with UK GDPR.
9. Your Rights
Under UK GDPR, you have the following rights regarding your personal data:
- Right of Access: Request a copy of the data we hold about you.
- Right to Rectification: Correct any inaccurate or incomplete data.
- Right to Erasure (Right to be Forgotten): Request that we delete your assessment data.
- Right to Restrict Processing: Ask us to suspend the processing of your data.
- Right to Object: Object to our processing based on legitimate interests.
To exercise any of these rights, please contact us at [Insert Contact Email]. We will respond to all legitimate requests within one calendar month.
10. Complaints
If you have concerns about how we handle your data, we encourage you to contact us first. However, you also have the right to lodge a complaint with the UK supervisory authority, the Information Commissioner’s Office (ICO), at https://ico.org.uk/.