Privacy Policy
Our commitment to privacy
Your privacy is important to us. To better protect your privacy we provide this notice explaining our information practices and the choices you can make about the way your information is collected and used. To make this notice easy to find, we make it available on our web site and at every point where personally identifiable information may be requested.
Lawful basis for processing personal data
Our lawful basis for processing personal data is that of contract. Under Article 6 (1) b of the GDPR our data processing is necessary for the performance of a contract to which the data subject is party. It is clearly necessary for us to collect the data detailed below to perform training of the individuals attending our training courses.
The information we collect:
This notice applies to all information collected or submitted on our website or collected during the operation of our training courses. The types of personal information collected are:
- Name
- Address
- Date of birth
- National Insurance number
- Email Address
- Phone Number
The information we don’t collect:
- Credit/Debit Card Information
The way we use information
We use the information you provide about yourself when booking a training course only to complete that service. We do not share this information with outside parties except to the extent necessary to complete the service and issue certification. We shall only process personal data in accordance with your instructions.
Where any of our staff or instructors have access to personal data, they are subject to a confidentiality clause in their contracts.
We take all measures to process personal data securely in accordance with article 32 of the GDPR. We shall not engage a sub-processor for personal data.
We use return email addresses to answer the email we receive. Such addresses are not used for any other purpose and are not shared with outside parties.
Finally, we never use or share the personally identifiable information provided to us online in ways unrelated to the ones described above without also providing you an opportunity to opt-out or otherwise prohibit such unrelated uses.
Our commitment to data security
To prevent unauthorized access, maintain data accuracy, and ensure the correct use of information, we have put in place appropriate physical, electronic, and managerial procedures to safeguard and secure the information we collect. Information will be retained for a period of 6 years, and then destroyed.
In the event of any data breach we shall immediately notify all appropriate parties, including the Information Commissioner’s office.
How you can access or correct your information
You can access all your personally identifiable information that we collect by calling us or sending us an email. We shall use appropriate technical and organisational measures in the event that we receive a request from an individual to exercise their data subject rights. Amongst other rights granted to individuals by the GDPR, you have a right to complain to the Information Commissioner’s Office if you think that there is a problem with the way we are processing your personal data.
You can correct factual errors in your personally identifiable information by sending us a request that credibly shows error. Should you request deletion of your personal data we shall comply with this request.
To protect your privacy and security, we will also take reasonable steps to verify your identity before granting access or making corrections or deletions.
This policy has been approved & authorised by:
April Hopkins and Victoria Bull