Privacy Policy
Premier Self Defence Ltd
GDPR Policy May 2018
|
GDPR Policy May 2018
Definition of terms used in this policy:
Premier Self Defence Ltd may be referred to as “PSD” Premier Self Defence Ltd may be referred to as “us” or “our” or “we” “Client(s)” refer to self defence students and/or their parents/guardians, schools and venues or staff “You” or “Your” refers to the “client” |
Summary:
New General Data Protection Regulation (GDPR) will come into effect on 25 May 2018. This new EU Directive has been put into place in order to protect your personal data and privacy.
Premier Self Defence Ltd (PSD) are committed to protecting the privacy of our users and clients. The Privacy (GDPR) Policy is intended to inform clients on how we gather, define and utilise information (as detailed below). It applies to information collected by us or provided by the client, whether at one of our venues, over our website or in any other way (such as over the telephone). It is also intended to assist clients in making informed decisions when using our website and/or services. PSD are the controllers of the personal information provided by our clients and staff for the purposes of the GDPR. In summary, the PSD policy states that for all our current clients and/or potential clients, most of whom will have made enquiries with us, we will:
Information on our website and/or social media has either been supplied by the owner with a request to publish or is information already in the public domain. |
GDPR Policy May 2018
Full Policy Statement for Premier Self Defence:
Data Protection Code of Practice:
Our data protection code of practice lays out our procedures that ensure Premier Self Defence Ltd (PSD) comply with the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) When clients or potential clients take up contact with PSD they may provide us with personal information such as name, address, phone numbers, email address, child(ren) name and date of birth, doctor’s name and phone number (encase of emergencies) and any relevant medical or health information relevant to participating in Self Defence. Clients may provide us with information via a number of ways:
|
In summary what data do we store:
Please note: WE DO NOT STORE PAYMENT DETAILS of clients such as card or bank details |
How we use client information:
1.1. We will hold, use and disclose client information for our legitimate business purposes including:
1.2. We may process certain sensitive personal data (known as special category data in the GDPR) where clients include it in information they send to us e.g. if information is included about your/your child(ren)’s/ your employees health/medical history in booking/enrolment requests. We have processes in place to limit our use and disclosure of such sensitive data other than where permitted by law. The legal basis for processing personal data Under GDPR, the main grounds that we rely upon in order to process personal data are the following
Disclosure of information/Consent: à In some circumstances, we may ask client consent to process data in a particular way in order to provide clients with outstanding related services. If this need arises, we will always ask clients for consent prior to sharing any personal data. à Disclosure will take place on a “need to know” basis (only that information that the recipient needs to know will be disclosed). How we may share data: In Certain circumstances there may be a need to share data with other parties. Details of these parties are set out below along with the reasons for sharing it: · Trusted third parties: in order to provide certain services there will be the need to share data with third party service providers such as IT infrastructure companies and email logistics providers. We will not share data with any third party where it is not necessary to do so to provide a service to our clients; nor will we sell data · Regulatory and law enforcement agencies. As noted above, if we receive a request from a regulatory body or law enforcement agency and if permitted under GDPR and other laws we may disclose certain personal data with the new owner(s) of the of the business or company and their advisors; · New business owners. If Premier Self Defence merges with or is acquired by another business or company, we will share personal data with the new owners of the business or company and their advisors. In this event, clients will be sent notice via email. Retaining information: We will only hold client or staff data for as long as is necessary for the purpose(s) for which we have collected it. The criteria that we will use to determine retention periods will be determined by the nature of the data and the purposes for which it is kept e.g. If we receive the data though an enrolment entry, we will retain data for as long as is necessary to administer the enrolment. If we receive data for job applications, we will retain data for as long as is necessary to process the application and maintain application statistics. We will not directly market applicants for longer than three (3) years unless they consent to receive direct marketing by opting in again before the expiry of the three (3) year period. In certain circumstances, once we have deleted or anonymised client/applicant data, we many need to retain parts of it for example an email address, in order to comply with our obligations under the GDPR or other legislation, or for fraud detection purposes. In summary: · All data will be retained for the appropriate lengths of time in compliance with all applicable legal, regulatory and club contractual requirements. All hard copy data will be destroyed by shredding and soft copies permanently deleted Access to records or data: Clients have the right of access to the data that we hold about them. Parents may access their child’s records (if this is in the child’s best interest and not contrary to a competent child’s wishes). Formal applications for access must be in writing to our office email: info@premier self-defence.co.uk and/or to dinachristy@premierself-defence.co.uk Any requests made in accordance with the above will be free of charge. àPlease note: We will require evidence of the client’s identity before we are able to act on the client’s request. à Please also note that we are unable to comply with requests that relate to information or data of others without their consent. Correction or completion of data: If information we hold about clients is not accurate, out of date or incomplete and requires amendment or correction, the client has the right to have the data rectified, updated or completed. The client can let us know by contacting us via email info@premierself-defence.co.uk and/or to dinachristy@premierself-defence.co.uk Right of Erasure: In certain circumstances the client has the right to request that the data we hold about them is erased e.g. If the data is no longer necessary for the purposes for which it was collected, or processed. Agreement to hold data/right to object or cancel: If clients do not wish personal data that we hold about them to be disclosed or used in the way that is set out in this policy and code of practice, please discuss the matter with our office. Clients have the right to object or withdraw their consent, however this may affect our ability to provide the client with the best service. Clients may withdraw their consent at any time by emailing dinachristy@premierself-defence.co.uk Security of information: We take the security of information and data seriously. When clients submit data to us, we use industry standard Secure Sockets layer (SSL) encryption technology to guard the data. We have security procedures in place to protect our paper based systems and computerised databases from loss and misuse, and only allow access to them when it is absolutely necessary to do so, and then under strict guidelines as to what use may be made of the personal data contained within them. Email content & attachments:
Information found on our WEBSITE: Information on our website and/or social media has either been supplied by the owner with a request to publish or with prior consent of the client or is information already in the public domain. Changes to our privacy policy: This privacy policy can be changed and/or updated by us at any time. If we change our privacy policy in future, we will advise clients of material changes or updates to our privacy policy by email, where we are holding the email addresses. Complaints: If clients are unhappy about the way we use the data, clients may contact us via email (info@premierself-defence.co.uk). Clients are also entitled to lodge a complaint with the UK Information Commissioner’s Office using any of the below contact methods: Telephone: 030 123 1113 Website: http://ico.org.uk/conserns/ Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
|