In this policy Online Safety Training Ltd can be referred to as “OST”, “the Company”, “our”, “us” or “we”.
Personal data means any information relating to any living individual (also known as a ‘data subject’) who can be identified (directly or indirectly) by reference to an identifier (e.g. name, IP address, reference number, email address, physical features etc.). Personal data can be both factual (e.g. contact details or date of birth), or an opinion about a person’s actions or behaviour, or information that may otherwise impact on that individual. It can be personal, or business related.
‘Processing’ personal data means any activity that involves the use of personal data (e.g. obtaining, recording or holding the data, amending, retrieving, using, disclosing, sharing, erasing or destroying). It also includes sending or transferring personal data to third parties.
Online Safety Training Ltd, registered office Suite 7, The Eco Centre, Hebburn, NE31 1SR is the “controller” for the purposes of data protection law. This means that we are responsible for deciding how we hold and use personal data about you.
We hold and use various types of personal data about you, including, for example: name, job title, contact information (including email address), demographic information (such as post code) and any other information you provide us with.
We hold and use your ordinary personal data for a number of reasons and Data Protection law specifies the legal grounds on which we can hold and use personal data. Most commonly, we rely on one or more of the following legal grounds when we process your personal data:
In some cases, we will also ask for your consent to process your personal data. If this is the case, it will strictly be done on an “opt-in” basis and will involve ticking a box, or some other affirmative action. This will generally be done when you first register to purchase one of our products or services but can be done at any time.
Sometimes, you might provide us with another person’s personal data – e.g. to sign one of your employees up for a course. In such cases, we require you to inform the individual what personal data of theirs you are giving to us. You must also give them our contact details and let them know that they should contact us if they have any queries about how we will use their personal data. Any actions you take should also be in line with any Data Protection Policies or rules your organisation has.
We will only share your personal data with third parties where we have an appropriate legal ground under data protection law which permits us to do so. This could include complying with our contractual duties (e.g. to provide your details to a certification body so they can issue you with a certificate after completing training.), or where it is necessary in our legitimate interest (e.g. to our IT service provider to resolve IT issues). We may also share your data with any other 3rd party when we are legally or contractually obliged to do so.
We only ask you to provide personal data when we have a good reason and there may therefore be consequences if you do not provide particular information to us. You have the right to choose not to provide us with personal data, however, if you do so, this will limit the services we can provide you.
We will not keep your personal data for longer than we need it for our legitimate purposes. We take into account the following criteria when determining the appropriate retention period for personal data:
In situations where we no longer need to process your personal data for any purposes described in this policy, we will delete it from our systems. We can also delete your data upon request where permissible to do so (see Your Rights section for information)
We implement appropriate technical and organisational safeguards to protect against unauthorised or unlawful processing of Personal Data and against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Data. Please be advised, however, that we cannot fully eliminate security risks associated with the storage and transmission of Personal Data.
We do not knowingly collect or process any Personal Data from any children aged under 16 years. If you think a child has provided us with personal data, please contact our support team immediately. If we discover a child has provided us with personal data, we will take steps to remove that data.
A cookie is a small file, which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system. Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website or the courses we offer.
You have a number of legal rights relating to your personal data, which are outlined here:
If you would like to exercise any of the above rights, please contact us in writing at Suite 7, The Eco Centre, Hebburn, NE31 1SR. Note that these rights are not absolute and in some circumstances, we may be entitled to refuse some or all of your request.
Note too that you have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. Details of how to contact the ICO can be found on their website: https://ico.org.uk