What personal information do we collect from people? We operate a ‘privacy by design’ policy, and will only ask you for the minimum information required to deliver a service to you. When registering on one of our sites you may be asked to provide some of the details listed below:
- Personal information: this may include your name, email address, first language, employer details, phone numbers, previous qualifications and experience, your photograph and signature
- Credentials: these are details for logging in to something. For example, secure website login details
- Customers: as a customer we need to collect both contact and billing information from you which allows us to meet our contractual obligations with you. If we invoice you, we’ll collect an invoice address, email address for your finance function and purchase order numbers, where applicable
- Enquiries: to allow us to provide you with further information about our services, we need to collect contact information from you
When do we collect information? We collect information from you when you fill out an enrolment form or enter information onto one of our sites. We also collect information automatically when you log into one of our sites (including location information) and complete training and/or an assessment on one of our sites. If you contact us, we may also keep a record of that correspondence.
How do we use your information? We may use the information we collect from you in the following ways:
- To identify your assessment records when completing online tests, either as part of recruitment & selection processes or employer assessments at our customer’s sites.
- To identify your training records, evaluate progress and provide evidence of learning when undertaking one of our training courses.
- To provide technical support when accessing our Learning Management Systems.
- To create licence agreements, invoices and other contractual documentation as part of providing services to our customers.
- To follow up after correspondence (email or phone enquiries).
- To personalise your experience and to allow us to deliver the type of content and information in which you are most interested.
- To allow us to better service you in responding to your customer service requests.
- To send periodic emails regarding our services.
How long do we retain your data?
- Assessment and course data: may be retained for up to 2 years from its data of completion, after which time data will be deleted.
- Enquiries: When you contact us with an enquiry, we may retain this data for up to 1 year, after which time data will be deleted.
- Customers: As a customer of ours, we are legally obliged to retain your details as part of our company record keeping. We will retain records for 7 years.
How do we protect your information? We take the handling of your personal data very seriously. All our websites have a valid SSL certificate. This means when you enter your personal details on one of our sites, there is a secure connection between your computer and our website. You can be certain our website is served over SSL when you see the padlock in the corner of the web address bar. Our laptops are also encrypted and password protected and where possible two factor authentication is used.
Do we share your data with third parties? We do not sell any of your information.
To enable us to provide a service to you, we do need to share your information with some third parties as described below;
- Employees and contractors: We may disclose information about you to our employees and contractors who need the information. We require all employees and contractors to follow this privacy notice.
- Third party vendors: To provide a service to you, we share your information with third party vendors. We have broken down these vendors to categories below:
- Learning Management System software
- Time tracking software
- Web hosting
- Cloud storage
- Communication tools including our email provider
- Accounting software
- Qualification Awarding Bodies & Training Providers
- As required by law: we may disclose information about you in response to a court order, or other governmental request.
What would happen if there was a Data Breach? If a data breach were to occur, we would follow this procedure:
- Notify the affected parties as soon as possible.
- Fix the issue that lead to the breach.
- Produce a post-mortem of the incident detailing:
- What went wrong.
- What we did to fix it.
- How we are going to protect against something similar happening in the future.
Contacting Us: If you have any questions regarding this policy or would like to make a request to access your personal data, you may contact us via telephone or in writing on:
Interventions Consulting Ltd
125 Main Street
Tel: 0113 4931943
Handling rights of access requests: If you request access to your personal data we will aim to respond to you within 10 working days and never more than 1 month from the date your request is received. You have the right to complain to the ICO if you feel there is a problem with the way we are handling your data.