GDPR
At ALD Hairdressing Training Academy we work with many of training providers, Suppliers,, Students, etc and would love to stay in touch with anyone that has subscribed to our blog.
Our blog provides posts related to our training, products, services as well as useful links to our current policies etc.
If you no longer want to receive our posts please select to unsubscribe and you will be removed from the mailing list.
If you'd like to unsubscribe from e-mail updates you can unsubscribe from comments by email at any time; just click the unsubscribe link in the comment emails you receive. Or, alternatively, you can click the "Unsubscribe" link on the blog's comment page.
Please also read the following for our updated Privacy
ALD Hairdressing
Training Academy Data Protection Policy
1.
Introduction
a.
We are required to process certain information about individuals with whom we
have dealings, for our own administrative purposes and to comply with our legal
obligations. For example, we need to keep personal data about our employees and
students in order to carry out our function a training academy.
b.
We are committed to ensuring that this processing is undertaken with respect
for the rights and privacy of individuals in accordance with current data
protection and privacy law.
2.
2. Some Key Definitions
a.
Data Protection and Privacy Law
i.
This includes the Data Protection Act, the EU General Data Protection
Regulation, the Privacy and Electronic Communication Regulations, the EU
e-Privacy Regulation and other related legislation as may be enacted in parallel
with or to replace these laws.
b. Personal Data
i.
This is information that can identify a living person that is held either
electronically or in paper form. This can include student records, staff
employment details, research datasets and images such as those recorded on
CCTV.
c. Data Controller
i.
The data controller decides how and why personal data is to be used, and is
legally required to comply with the law. Our Training Academy (ALD) is the data
controller for the personal data it uses.
d.
Data Subject
i. This is an identifiable living
individual who is the subject of personal data.
e.
Processing
i. In
relation to personal data, this means obtaining, recording or holding the data
or carrying out any operation or set of operations on the data.
3.
Principles and Duties
a. Transparency
i. Whenever we (ALD) collect personal data, we will take
appropriate measures to provide data subjects with the information required to
ensure they understand the nature of the processing and how to exercise their
rights in relation to that processing.
b. Consent
Where we are relying on consent as a legal
basis for processing personal data, individuals’ consent will be collected in a
manner that ensures it is freely given, specific, informed and unambiguous.
c. Purpose Limitation / Data Minimisation /
Storage Limitation / Accuracy
i.
We will only collect and use personal data for specific legitimate purposes,
and it will be kept only for as long as we need it for those purposes. We will
not collect excessive or irrelevant information. We will ensure that personal
data we collect and process will be accurate and kept up to date, where
necessary.
d. Security
i. We will have appropriate security
measures in place to protect personal data, taking account of the nature of the
data and the harm that might be caused if it was lost. These security measures
will be regularly tested, assessed and evaluated to ensure they maintain an
appropriate level of security for personal data.
e. Rights
i.
Data subjects will be able to exercise fully their rights to access,
rectification, erasure, restriction, portability and objection, and their
rights with regard to automated decision making and profiling.
f. Marketing
i.
Electronic, telephone and other marketing will be carried out in accordance
with the law. Guidance is available for staff to enable them to meet these
requirements.
g. Data Protection by Design and Default
i. We will implement appropriate technical
and organisational measures to ensure that data protection principles are
incorporated into the development and operation of personal data processing
activities.
ii.
Data protection impact assessments will be carried out for any new processing
activity that is likely to result in a high risk to the rights of the data
subjects whose personal data is involved in the processing.
h. Accountability
i.
We will maintain appropriate records to allow us to demonstrate our compliance
with these principles and duties, including records of processing activities
under our control. A Data Protection Officer (Mrs Paula Lowes) will be
designated to fulfil the tasks set out in law. The Data Protection Officer will
be provided with the resources and support necessary to carry out those tasks.
i. International Transfers
i. Transfers of personal data outside of the
European Economic Area will be subject to appropriate safeguards in accordance
with the law.
4
Roles and Responsibilities
a. Data Protection Officer
i. fulfil the statutory tasks of a Data
Protection Officer and report on compliance to the Registrar.
ii. Advise on policy and draw up procedures
and guidance in line with best practice.
iii. Promote and monitor policy compliance.
iv. Coordinate and respond to requests and queries received from data subjects.
v. Facilitate appropriate training for all
relevant staff.
b.. Managers and Data Owners
i. Managers and data owners
have a responsibility for ensuring that data protection issues within their
areas are managed in a way that meets the provisions of this policy. e. All
Staff and Students i. Be aware of data protection requirements and what they
mean to the Training Academy
ii. Follow the policy and
procedures for handling personal data.
iii. Consult with the
Information Security Team for advice and guidance when necessary.
iv. Report data breaches to the Information
Security Team as soon as possible, in line with procedure and guidance.
v. A breach of this policy
could result in disciplinary action.
Paula Lowes –
ALD Hairdressing Training
Academy Limited
109-111 Blythe Terrace,
Birtley. DH3 1DW
Tel: 0191 4111730
Email address: aldhairdressing@gmail.com
Issued 25th May
2018
Reviewed yearly
No comments:
Post a Comment