Encompass Training SW Ltd
Great Potheridge House
Updated: May 2018
We take your privacy seriously and we respect your privacy and data protection rights. This privacy notice aims to give you information on how and what data we collect, and how we use your personal data when you book with us. It also describes options we provide for you to access, update or otherwise take control of your personal data that we hold.
Please take time to read this privacy notice in full and if you have questions you may reach our Data Protection Officer (“DPO”) by contacting us at firstname.lastname@example.org.
Information we collect about you
When you book with us or work for us, inquire or provide an evaluation the following personal data may be collected directly from you.
- Identity Data: Name, Email Address, Organisation, Job Title etc.
- Contact Data: Billing Address, Email Address, Telephone Numbers
- Financial Data: Bank Details for refunds, changes for payments
- Password recovery Data: Security Question/ Answer for password retrieval
- Transaction Data: Details of bookings made, date and time, when payment was received.
- Technical Data: Where you came to our website from, how often you visit and use our website, the devices you used, relevant IP address, operating system and version, web browser and version, and geographic location
How we utilise your information
We will use your personal data for the following purposes:
When booking the centre to:
- Enter into a contract with the customer when a booking is made in accordance to our terms & conditions
- Make sure we have been paid in full for a booking
- Charge for any subsequent repairs following a stay
- Be able to refund money for cancellations or changes in bookings in accordance with our terms and conditions
- Contact the customer in relation to their booking
- With consent, and optionally ask them for feedback about the service that we offer
Our lawful bases for handling your personal data in the above ways are: (1) because it is necessary for performance of a contract with you; (2) because it is a legal obligation upon us; or (3) because we have obtained your consent. Where we are relying upon your consent, you have right to withdraw such consent at any time by contacting us at email@example.com.
Why we process your information
- We process personal information to enable us to:
- Enter into a booking contract with you
- Provide a service to you or have a service provided for us
- Manage our employees
- Maintain our own accounts and records
- Fulfil our legal obligations
How we share your information
We may share your personal information (as appropriate) with the following:
- Our employees
- A subset is shared with employees and contractors, as required, working at the centre
- Our book keeper/accountant and auditor who prepares our accounts and returns the data to us once completed
- Debt collection services
How you can access, update or delete your data
Most of personal information held by us is kept locked away or stored on password protected computers. Updates and deletion requests to personal data can be done by contacting our office firstname.lastname@example.org. Changes are completed within approx 48 hours.
If you make a request to delete your personal data and that data is necessary for a booking, the request will be honoured only to the extent it is no longer necessary or required for our legitimate business purposes or legal or contractual record keeping requirements
How we secure and store your data
We follow generally accepted standards to store and protect the personal data we collect, both during transmission and once received and stored, including utilisation of encryption where appropriate.
- Online on our secure server
- Online in excel spreadsheets
- By using secure email services
- Hard copy documents are stored in filing cabinets in a locked office at the centre
- Data that is no longer required is archived regularly
How long we keep your personal data
We only retain customer personal data for as long as necessary and only for legitimate legal purposes and to maintain adequate and accurate business and financial records.
What are your rights?
As a Data Subject, you have the following rights:
- The right to request a copy of all personal data we hold about you
- The right to request correction of personal data we hold about you if it incorrect or incomplete
- The right to deletion of personal data we hold about you where there is no compelling reason for us to continue to hold it
- The right to restrict our data processing activities
- The right to request transfer of your personal data to a third party
- The right to object to processing if the lawful basis is legitimate interest or performance of a task in the public interest
The right to file a complaint with the ICO (www.ico.org.uk) If you wish to raise a complaint or have a query on how we have handled your personal data, you can contact our DPO who will investigate the matter on email@example.com.