Privacy Policy
LAST UPDATED: 29-01-2024
Introduction
This Privacy Policy explains in detail the types of personal data we may collect from you when you interact with us. It also explains how we store and handle your data and how we protect it.
We have included a considerable amount of information on this Privacy Policy, as we think it’s important that you’re fully aware of your rights, and how Building Pathways Community Interest Company (CIC) uses your data. When you are using our website, Building Pathways CIC is the data controller.
We hope the following sections will pre-empt any questions that you may have. However, if you require any further information, please contact us.
It’s likely that we’ll occasionally need to update this Privacy Policy. We’ll notify you about any significant changes, but you’re welcome to come back and refer to it regularly.
Explaining The Legal Bases We Rely On
The law on data protection sets out several different reasons why a company may collect and process your personal data, including:
Consent
In specific situations, we can collect and process your data with your consent.
For example, when you send us a request using the contact form/s on our website.
We’ll always make it clear to you which personal data we’re collecting in relation to a particular service.
Contractual Obligations
In certain circumstances, we need your personal data to comply with our contractual obligations.
For example, when you register for one of our services or enrol on one of our courses or programmes.
Legal Compliance
We may need to collect and process your data if the law requires us to do so.
For example, forwarding personal data to a regulator or law enforcement body in regard to investigations of fraudulent or criminal activity.
Legitimate Interest
In specific situations, we require your data to pursue our legitimate interests in a way that might reasonably be expected and as a part of running our CIC. This does not materially impact your rights, freedom, or interests.
For example, if we identify a potential course, programme or service, we may contact you to advise you of any developments that are likely to benefit you.
Where We Rely On Our Legitimate Interest
In cases where we are processing your personal data on the basis of our legitimate interests, you can ask us to stop for reasons connected to your individual situation. We will adhere to this unless there is an alternative legal basis for us to continue processing your personal data.
Direct Marketing
We may wish to send you information about the services we offer. We will only do this if you have opted-in to receive this information and you may opt-out at any time.
You have the right to discontinue the use of your personal data for direct marketing activity through all channels, or selected channels. We will always comply with your request. Simply contact us using the details below to opt out or amend your marketing preferences.
Checking Your Identity
To protect the confidentiality of your information, we may ask you to verify your identity before proceeding with any request you make.
If you have authorised a third party to submit a request on your behalf, we may ask them to prove they have your permission to act.
When Do We Collect Your Personal Data?
- Whenever you visit our website.
- When you use the contact form/s on our website.
- When you make an enquiry regarding our services.
- When you instruct our services or enrol on our courses or programmes.
- When you contact us through any means with queries, complaints etc.
- When you choose to complete any surveys that we send to you.
- When you provide a testimonial.
- When you’ve given a third-party permission to share information with us that they hold about you.
- When you have given your consent to share information or where the information is made public as a matter of law.
- You may be introduced to us by companies recommending our services because they complement their own. We have no obligation to accept introductions from such companies and we act entirely separately from any company recommending our services.
What Sort Of Personal Data Do We Collect?
- Your name, company name, postal address, email address and date of birth.
- Nationality, ethnicity, gender.
- Contact telephone number/s.
- Emergency contact details (name, address, relationship, contact number and email)
- Your employment status or job title.
- Education and training history (prior attainment).
- Eligibility data such as, but not exclusive to your birth certificate, passport, visa or home office letter, Driving Licence, NI Number, Identity card issued by the Home Office, P60, payslip, contract, or letter from your employer.
- We may also collect information via a third party such as from your employer or the organisation who will instruct our services or enrol you on a course.
- Details of your interactions with us through telephone, email or in writing.For example, we retain notes from our conversations with you, details of any complaints or comments you make, details of the relevant course or service, web pages you visit and how and when you contact us.
- Information gathered by the use of cookies in your web browser.
- Bank account details (if you provide them) to process any donations, services or courses.
- Calls may be recorded for training and quality purposes.
As is similar to most other websites, the Building Pathways website collects certain information automatically and stores it in log files. The information may include internet protocol (IP) addresses, the region or general location where your computer or device is accessing the internet, browser type, operating system and other usage information about the use of our website, including a history of the pages you view.
We use this information to help us design our website to better suit our users’ needs.
We may also use your IP address to help diagnose problems with our server and administer our website, analyse trends, track visitor movements and gather broad demographic information that assists us in identifying visitor preferences.
Building Pathways website also uses cookies and web beacons. It does not track users when they cross to third-party websites, does not provide targeted advertising to them, and therefore does not respond to Do Not Track (DNT) signals.
Cookies And Web Beacons
Cookies are pieces of data that a website transfers to a user’s hard drive for record-keeping purposes. Web beacons are transparent pixel images that are used in collecting information about website usage, e-mail response and tracking. Please see our cookie policy for further details.
Automated Decision-Making Or Profiling
We carry out no automated decision-making or profiling on data you provide us. Data subject rights The European Union’s General Data Protection Regulation and other countries’ privacy laws provide certain rights for data subjects. A good explanation of them (in English) is available on the website of the United Kingdom’s Information Commissioner’s Office: www.ico.org.uk
How And Why We Use Your Personal Data
We want to give you the best possible experience. One way to achieve this is by understanding exactly who you are and combining this with the data we hold about you.
The data privacy law allows this as part of our legitimate interest in understanding the people we work with and providing you with the highest levels of service.
Of course, if you wish to change how we use your data, you’ll find more information in the section below, entitled, What are your rights over your personal data?
You can enjoy much of the information on our website without giving us your personal data. Some personal information is necessary so that Building Pathways can supply you with the services you have purchased or requested and to authenticate you, so that we know it is you and not someone else.
We may share your information with third-party providers to enable us to access training funds, awarding bodies to enable certification/s to be awarded, general third parties to enable us to provide you with our services and with UK government entities where we are legally bound to do so.
We have a robust process for selecting and engaging with our third-party providers and we ensure they also have robust DPA 2018 and GDPR 2018 processes in place.
If you wish to find out more about the third parties we share your information with please contact our DPO (Data Protection Officer) at philip@buildingpathways.org.uk
Remember, if you choose not to share your personal data with us, or refuse certain contact permissions, we might not be able to provide you with some of the services that you’ve asked for.
For example, if you ask us to delete your records prior to the completion of a course, this may prevent us from reaching a satisfactory outcome.
Data Sharing
In certain circumstances, we will need to share your information in order to:
- Enrol you on courses or programmes
- Provide you with our services such as consultancy or sponsorship opportunities
- Signpost you for external support
- Provide tutors with information to verify your attendance
- Obtain funding from third-party providers
- Provide notifications of impending expiration for your certification/s
- Keep records of your attendance, grades and certifications
- Notify you of changes to certifications you hold
- Process payments
We will not transfer any information to countries outside the EEA.
From time to time we outsource certain business functions, such as administration services, regulatory compliance support and legal services to provide you with the best possible service. All our outsourced providers are professional in their fields and have their own strict data processing procedures in place.
Data Storage and Retention
If you reside or are located in the EEA we will only store your information for as long as necessary.
Your personal data is stored by Building Pathways CIC on its servers and physical file stores.
Please note that e-mail communications are typically not encrypted and should not be considered secure.
Building Pathways retains data for the duration of the customer’s or business relationship with us.
During the time that we hold your records, we may contact you on a ‘legitimate interest’ basis if new developments occur that are likely to affect you. Particularly if the information we are providing to you will be of benefit.
Personal information to third parties may be disclosed if we sell or transfer all, or a section, of our CIC and/or assets to a third party.
How We Protect Your Personal Data
We know how much data security matters to everyone. With this in mind, we treat your data with the utmost care and take all appropriate steps to protect it.
To help protect the privacy of data and personally identifiable information you transmit through the use of our websites and paper forms, we maintain physical, technical and administrative safeguards.
We update and test our security technology on an ongoing basis.
We provide access to your personal data to our employees/volunteers/affiliates who need to know that information to provide benefits or services to you.
In addition, we train our employees/volunteers/affiliates about the importance of confidentiality and maintaining the privacy and security of your information.
We commit to taking appropriate disciplinary measures to enforce our employees/volunteers/affiliates privacy responsibilities.
What Are Your Rights Over Your Personal Data?
Here’s an overview of your different rights. You have the right to request:
- Access to the personal data we hold about you, free of charge in most cases.
- The correction of your personal data when it’s incorrect, out of date or incomplete.
- That we stop using your personal data for direct marketing.
- That we stop any consent-based processing of your personal data after you withdraw that consent.
You can contact us to request to exercise these rights at any time. Our contact details are below.
If we choose not to action your request, we will explain the reasons for our refusal.
Your Right To Withdraw Consent
Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw your consent. This can be withdrawn by simply contacting us and letting us know.
Any Questions?
We hope this Privacy Policy has been helpful in setting out the way we handle your personal data and your rights to control it.
If you have any questions please contact our Data Protection Officer. The contact options are detailed below:
Email us: philip@buildingpathways.org.uk
In the unlikely event that your query is not resolved satisfactorily, you have the right to lodge a complaint with the Information Commissioner’s Office, telephone: 0303 123 1113 or via email at https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, England, UK.
We are registered with the Information Commissioners (ICO) and our registration number is: C1211806