fbpx

Privacy Policy

Definition of Data Protection Terms 

Data is recorded information whether stored electronically, on a computer, or in certain paper-based filing systems. 

Data subjects for the purpose of this policy include all living individuals about whom we hold personal data. A data subject need not be a UK national or resident. All data subjects have legal rights in relation to their personal information. 

Personal data means data relating to a living individual who can be identified from that data (or from that data and other information in possession of the company). Personal data can be factual (such as a name, address or date of birth) or it can be an opinion (such as a performance appraisal). It can even include a simple e-mail address. It is important that the information has the data subject as its focus and affects the individual’s privacy in some way. Mere mention of someone’s name in a document does not constitute personal data, but personal details such as someone’s contact details or salary would still fall within the scope of the Data Protection Act (2018) and the General Data Protection Regulation (GDPR) 2016 (“the Acts”).

Data controllers are the people or organizations who determine the purposes for which, and the manner in which, any personal data is processed. They have a responsibility to establish practices and policies in line with the Acts.

Data Users include employees whose work involves using personal data. Data users have a duty to protect the information they handle by following the company’s data protection and security policies at all times.

Data Processors include any person who processes personal data on behalf of a data controller. Employees of data controllers are excluded from this definition but it could include suppliers which handle personal data on the company’s behalf. 

Processing is any activity that involves use of the data. It includes obtaining, recording or holding the data, or carrying out any operation or set of operations on the data including organising, amending, retrieving, using, disclosing, erasing or destroying it. Processing also includes transferring personal data to third parties. 

Sensitive Personal data includes information about a person’s racial or ethnic origin, political opinions, religious or similar beliefs, trade union membership, physical or mental health or condition or sexual life, or about the commission of, or proceedings for, any offence committed or alleged to have been committed by that person, the disposal of such proceedings or the sentence of any court in such proceedings. Sensitive personal data can only be processed under strict conditions, including a condition requiring the express permission of the person concerned. 

How we use your information 

In the course of fulfilling our contractual obligations to you, we may gather and process the following personal data:

Name, email address and telephone number – we will use this to contact you in the course of our agreement, or (with your permission) to send you updates from National Compliance Solutions such as legislation changes, new services offered or changes to services offered.

We use this data solely for the purposes of communicating with you in the course of a contractual arrangement or business interests.

Your data will only be kept as long as it is required to deliver your contractual requirements, or until you request us to remove it, whichever is soonest.

Our website 

You can use our website to contact us or to sign up to our newsletter.

You may also use our website to sign up for eLearning courses. All payment transactions are carried out through our third party payment provider PayPal – your payment details are not processed on our systems in any way. Your information provided will be used in accordance with this policy at all times.

How we use cookies 

A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences. 

We use traffic log cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system. 

Overall, cookies help us provide you with a better website by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. 

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website. 

Links to other websites

Our website may contain links to other websites. However, once you have used these links to leave our site, you should note that we may not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

Our Commitment

In line with the requirements of the Acts, we commit to the following:

  • Your data will only be used as you intended it, to deliver your contractual requirements and any additional requests which come from you or your organisation 
  • Your data will never be bartered or sold 
  • Your data will only be given to law enforcement when legal process has been followed 
  • Your data will never be given to advertisers

Your rights 

Under the GDPR, you have the following rights, which we will honour at all times: 

  • The right to be informed – this privacy policy outlines how and why we process your data 
  • The right of access – you may request a copy of all your personal data held by us at any time 
  • Right to rectification – if you believe any data we hold is incorrect you may request we update it
  • Right to erasure – you have the right to request your information be removed from our systems at any time. We will fulfil this request as long as it does not conflict with legal or contractual requirements 
  • Right to restrict processing – you may limit what data of yours we process and how, at any time, as long as it does not conflict with legal or contractual requirements 
  • Right to data portability – we are obliged to make your information available in a legible format to your chosen company if you choose to leave us 
  • Right to object – at any time you may object to the processing of your data, details how are below in section 8 
  • Rights related to automated decision making – we do not use automated decision making platforms 

Contact Us 

Any questions concerning this policy should be sent to info@nationalcompliancesolutions.co.uk, or our registered address. 

If you would like to make a complaint or request access to your data you can use these contact details also. Our complaints and subject access request policies are available on our website or on request. 

Complaints 

If you are unsatisfied with how we’ve handled a complaint in regards to your personal data, you can contact the Information Commissioner’s Office https://ico.org.uk/