The following is a broad description of the way this organisation/data controller processes personal information. To understand how your own personal information is processed you may need to refer to any personal communications you have received, check any privacy notices the organisation has provided or contact the organisation to ask about your personal circumstances.
Reasons/purposes for processing information
We process personal information to enable us to provide consultancy and advisory services, provide education and training to our customers and clients, to promote our services, to maintain our own accounts and records and to support and manage our employees.
Type/classes of information processed
We process information relating to the above reasons/purposes. This information may include:
family, lifestyle and social circumstances
business activities of the person whose personal information we are processing goods and services provided
We also process sensitive classes of information that may include:
physical or mental health details
offences and alleged offences
racial or ethnic origin
religious or other beliefs of a similar nature
Who the information is processed about
We process personal information about our customers, clients and employees, complainants and enquirers, suppliers, advisers and other professional experts.
Who the information may be shared with
We sometimes need to share the personal information we process with the individual themself and also with other organisations. Where this is necessary we are required to comply with all aspects of the Data Protection Act (DPA). What follows is a description of the types of organisations we may need to share some of the personal information we process with for one or more reasons.
Where necessary or required we share information with:
business associates and other professional advisers
family, associates and representatives of the person whose personal data we
current, past or prospective employers
educators and examining bodies
suppliers and services providers
traders in personal data
Consulting and advisory services
Information is processed for consultancy and advisory services that are offered. For this reason the information processed may include name, contact details, family details, financial details, and the goods and services provided. This information may be about customers and clients. Where necessary this information is shared with the data subject themselves, business associates and other professional advisers, current, past or prospective employers and service providers.
It may sometimes be necessary to transfer personal information overseas. When this is needed information is only shared within the European Economic Area (EEA). Any transfers made will be in full compliance with all aspects of the data protection act.
New Data Protection Legislation came into force in the UK on 25th May 2018. The General Data Protection Regulation (GDPR), is EU wide legislation, and is enacted into UK law as the 2018 Data Protection Act.
This legislation affects every business that handles personal data for clients, customers or staff. Personal data has been defined by the act as ‘any information relating to an identifiable person who can be directly or indirectly identified’.
The data we collect on you
The personal data we collect may include information relating to your name, address, date of birth, and wider contact details. We will also collect data relating to your training with us which may include information about any relevant health, disability or learning issues.
This data is shared with the the processing team of MHFA England in the case of anyone completing the MHFA mental health first aid course, for the purposes of course feedback and to receive any certifications direct from the MHFA. We will only use your data for the purpose for which it was collected, to enable us to administer training and provide professional membership services.
We will retain your data for only as long as is necessary.
You have the Individual Rights under the Data Protection act 2018
To be informed about the personal data we hold on you
To access your personal data
To object to the processing of your personal data
Restrict the processing of your personal data
To rectify your personal data
To erase your personal data
You can exercise your Individual Rights at any time without charge. However, if your request is considered repetitive, unfounded or excessive a reasonable administration fee can be charged.
We will take all appropriate technical and organisational steps to protect the confidentiality, integrity, availability and authenticity of your data.