Signed in as:
filler@godaddy.com
Privacy Policy
Policy Statement
The Privacy Notice sets out the process of how Thompson Team aim to process data in compliance with data protection laws.
Scope
This policy is for any person who wishes to gain information about the privacy and security of personal information used by Thompson Team.
Aims
Thompson Team is committed to protecting the privacy and security of personal information.
This privacy notice describes how we collect and use personal information about individuals during and after working with us, in accordance with data protection law, including the General Data Protection Regulation (GDPR).
It applies to all employees, workers and contractors.
Roles and Responsibilities
Thompson Team adhere to the following principles of good practice. These ensure that personal information must be:
· processed fairly, lawfully and in a transparent manner
· adequate, relevant and limited to what is necessary
· processed in a manner that ensures appropriate security
· processed for specified, explicit and legitimate purposes
· accurate and kept up-to-date
· kept for no longer than is necessary
The type of personal information we collect
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). There are "special categories" of more sensitive personal data which require a higher level of protection.
We collect, store, and use the following categories of personal information:
· Personal contact details such as name, title, addresses, telephone numbers, and personal email addresses
· Dates of birth
· Gender
· Age
· Ethnicity
· Marital status
· Details of employment or workplace
The personal data is usually limited to the details required for us to undertake the basic functions of the certification process.
The collection of personal information
Personal information is provided by learners and users themselves through the completion of online forms.
The use of personal information
Thompson Team use personal information for service and business related purposes. For example, this may include things like:
• Personalisation of content, business information or user experience
• Account set up and administration
• Delivering marketing and events communication
• Carrying out polls and surveys
• Internal research and development purposes
• Providing goods and services
• Legal obligations (eg prevention of fraud)
• Certification
• Course information
• Meeting internal audit requirements
The legal basis for processing personal data
Thompson Team process data based on the six legal grounds contained within the GDPR.
• Consent
• Contract
• Legitimate interests
• Vital interests
• Public task
• Legal obligation
Sharing personal data
We do not share information about our workforce members with anyone without consent unless the law and our policies allow us to do so.
The storage and processing of personal data
All data is stored securely. Data is frequently backed up and stored in the provider’s backup recovery facility.
Email data and Microsoft Forms data is stored with Microsoft located in EU data-centres and follows Microsoft standard security and backup processes.
Securing personal data
Thompson Team uses data security and the technologies and procedures to protect personal information. For example, these may be measures:
• To protect data against accidental loss
• To prevent unauthorised access, use, destruction or disclosure
• To ensure business continuity and disaster recovery
• To restrict access to personal information
• To conduct privacy impact assessments in accordance with the law
• To train staff and contractors on data security
• To manage third party risks, through use of contracts and security reviews
Thompson Team rarely holds data physically. However, where this is needed in order to fulfil project requirements, physical access to information is restricted by locking it in rooms, cabinets, drawers, and other storage areas or units, and by ensuring that files and computer monitors are not left open to general or casual view.
Protection from unauthorised access may require mechanisms such as password protection or encryption of digital files and data, and sign-in sheets or request dockets for access to non-digital information.
Where information is stored on a mobile device (e.g. PDA, USB drive, laptop), special care must be taken to ensure that the device is physically protected from theft, loss, or damage.
Retention of personal data
Thompson Team follow GDPR requirements to retain data for no longer than reasonably necessary. We will only retain personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of personal data, the purposes for which we process personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we will anonymise personal information so that it can no longer be associated with individuals in which case we will use such information without further notice.
Your rights in relation to personal data
Under data protection law, you have rights including:
· Your right of access - You have the right to ask us for copies of your personal information.
· Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
· Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
· Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances.
· Your right to object to processing - You have the the right to object to the processing of your personal information in certain circumstances.
· Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
· You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
How we use Cookies
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to meet our customers' needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Cookies help us provide a better website, by enabling us to monitor which pages users find useful and which they do not. A cookie does not give us access to an individual’s computer or any information about individuals, other than the data chosen to share with us.
Session cookies allow us to link the actions of a user during a session. A session starts when a user opens the browser window and finishes when they close the browser window. Session cookies are created temporarily and once users close the browser, all session cookies are deleted.
More detailed information about cookies can be found at AboutCookies.org and AllAboutCookies.org.
Links to other Websites
Our website may contain hypertext links to enable users to visit other websites of interest. Once users have used these hypertext links to leave our site we do not have any control over the linked website. Therefore, we cannot be responsible for the protection and privacy of any information which users provide when visiting hypertext linked sites and the linked sites are not governed by this privacy statement. Please be cautious and look at the privacy policy statement applicable to the website in visited.
How to contact us
To make a request for your personal information, please contact us on 0800 999 1278 or e-mail us at info@thompsonteam.co.uk.
If you have a concern about the way we are collecting or using your personal data, we ask that you raise your concern with us in the first instance. Alternatively, you can contact the Information Commissioner’s Office at https://www.ico.org.uk
Policy Implementation
All staff at Thompson Team are GDPR trained.
This policy is a continual working document which will be reviewed and revised as necessary.