|Name of Company||Sarah Wigley Associates Ltd t/a Sarah Wigley Associates|
|Address||189 Beechwood Avenue, Coventry. CV5 6FR|
|Key Contact||Sarah Wigley|
|Contact details||Email: email@example.com|
This privacy notice describes how we collect and use personal information about you during and after your working relationship with us, in accordance with data protection law, including the General Data Protection Regulation (GDPR). We describe the type of data we collect, store and how we use this data. We describe how we will use the data when liaising with third parties and your rights as a data subject. We will comply with data protection law. GDPR outlines several principles. These are
That the information that we collect and hold about you is:
Outline of the information we might collect about our clients for legitimate business interests
|Data||Why we collect this information||Where we keep the data|
How long we keep
Relevant name, email
and work location of relevant personnel
|Legitimate interest||Office 365 mail (password protected).||12 months after the last contact by personnel|
|Company and course details including key organisers||Legitimate interest||Laptop, encrypted||12 months after the last contact by personnel|
|Full names and locations of work of delegates attending courses||Legitimate interest||Office 365 mail (password protected).||Maximum of 12 months|
|Attendance sheets||Legitimate interest||Office 365 mail (password protected). Hard copy is transported to venues||Maximum of 2 weeks|
|Evaluation forms||Legitimate interest||Office 365 mail (password protected. Hard copy is transported securely to office.||Maximum of 12 months|
We do not operate any CRM system, mailing list or newsletter so do not collect or process data for these purposes. For the wider purposes of evidencing outcomes, all identifying data is removed.
We will only use contact information supplied to us via our website “Contact Form” to reply to the query sent. Our website has a SSL certificate
All electronic work devices are accessed through password security. Laptop security is up to date with anti-virus software and regularly scanned. Laptops are stored securely when not in use.
Attendance records are either handed directly to the client in hard copy immediately after the training, or scanned and emailed to the client within 48 hours of the end of the training. Where scanned copies are provided, acknowledgement of receipt is requested and the scan is destroyed within a maximum of 2 weeks.
Evaluations/training feedback sheets where requested are either handed directly to the client in hard copy immediately after the training, or scanned and emailed to the client within 48 hours of the end of the training. Where scanned copies are provided, acknowledgement of receipt is requested and the scan is destroyed within a maximum of 2 weeks. The recipients (clients who commission the training) to whom the personal data has/will be disclosed have a responsibility to comply with data laws.
Anonymised information is retained and used without identifiable data. This is made expressly clear at the time of completion.
Associates adhere to this policy and sign to acknowledge they have read and will comply with the conditions in this policy.
This policy is updated annually as a minimum and updates will be posted on our website.
Access to your personal data
The General Data Protection Regulations (GDPR) gives you the right to access the personal information we hold about you. You have the right to ask us to amend/delete the information we hold about you. Please contact us at firstname.lastname@example.org
You can also contact The Information Commissioner’s Office Telephone on 0303 123 113
This policy is updated at least annually
Updated 14.06.18 by Sarah Wigley
Updated 14.01.19 by Sarah Wigley
Updated 14.01.20 by Sarah Wigley