How we use your personal information …
As data protection specialists you would expect us to take privacy issues very seriously, and you are absolutely right. The Griffin House Consultancy (GHCL), are 100% committed to protecting your personal information and we shall always be transparent with you about how we are using your details.
How do we obtain your information & why?
In 99% of cases you will volunteer your personal details to us. We will always tell you before we capture your information why we need the information and how we will use it.
Learners - if you have enrolled onto one of our training courses then we will need to know your name, company address and contact details, and in order to support you in your learning experience we may need to ask for other specific information. We ask if you have any dietary requirements to accommodate your catering requirements on the day, and may ask if you require any particular assistance with learning materials or additional help in taking the exam. Finally we ask for your ethnicity so that we can provide statistical analysis to the relevant authorities.
The last three elements of information, will not be electronically stored against your name, but held anonymously and only referred to in the event of a query. We shall also record details of your pass mark.
As we need your information to provide a certified course to you, we shall keep a copy of the data for a minimum of 10 years, but we will remove the entry if you request us to do so.
If you have made contact with us, or if we have made contact with with you, whether that be through networking, via social media or in person, we shall add your name, company and contact details to our CRM together with appropriate relevant notes, such as details of our discussions, meetings, marketing contacts etc.
If you are a learner or business contact we will ask you if you would like to receive regular communications from us, and we shall do this within any guidelines with the DPA or PECR Regulations. You can change your preferences at any time, and if you ask us to stop communicating with you, we shall action this request immediately.
How we store your information
All client information and files are retained on cloud servers hosted within the EU, and any files containing commercially or personally sensitive information are encrypted before saving to the server. We store our marketing information in a robust CRM system, and ensure that only basic contact information, as stated above, is stored. Only authorised members of the team have access to your personal information, and we back it up regularly to prevent against loss or damage. This CRM is hosted in the USA.
Files are encrypted before they are backed up, but backups may be stored in the USA.
Who do we share with?
Let me assure you that we will never sell your information, or share it with any third party, save those detailed below, or with any government agency or other party entitled to this information by law, statute or court order.
However, if in the event that the Griffin House Consultancy Limited is ever sold as a going concern, or enters into administration, the database of clients and prospects shall be deemed an asset of the company, and the consents and permissions provided by the data subject shall be transferred to the new owners.
For learners, we will share your personal details with any awarding body as necessary to facilitate the awarding of your certificate or qualification. We may from time to time sub-contract elements of our operation to data processors, such as a mailing house, or market research company, but they will be working as a data processor on behalf of GHCL who shall at all times remain responsible for the confidentiality of the data. Any data processor will be vetted and sufficient contracts will be in place to protect the integrity and privacy of your data.
Where possible data will remain on servers within the EEA, in a third country listed on the EU's approved country list, or on servers within the United States if the company is part of the approved Privacy Sheild scheme.
The Data Protection Act 1998 and GDPR (from 25th May 2018) provides an individual rights which are listed below for your convenience:-
You have the right to access a copy of the personal information we hold about you by making a Subject Access Request (SAR) in writing or by email to Griffin House, for attention of the Mike Martin.
You have the right of rectification to amend or update your personal information and ensure we maintain accurate and up to date records and or data about you.
You have the right to erasure, also known as ‘the right to be forgotten’.
The broad principle underpinning this right is to enable an individual to request the deletion or removal of personal data where there is no compelling reason for its continued processing by Griffin House.
You have the right to ‘block’ or suppress the processing of your personal data. Processing of your personal information may be restricted in the event it is no longer essential to support the use of services provided to you and or not part of any contractual, legal or financial requirement to do so. Griffin House is permitted to store the personal data, but not further process it.
Griffin House may retain just enough information about you to ensure that any restriction is respected in future.
You have the right for data portability which allows individuals to obtain and or reuse their personal data for their own purposes across different services. It allows you to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability.
You have the right to object to the processing of your personal information based on legitimate interests or the performance of a task in the public interest or exercise of official authority including profiling activity, direct marketing including profiling activity; and processing for purposes of scientific and or historical research and statistics.
You have right to be made aware of any automated decision-making, that made without any human involvement, and or profiling of your personal information by Griffin House (of whihc there are none).
You have an absolute risght to ask us to stop sending you direct mail or email.
Fiinally, if you are unhappy with the way we are processing your information you can request compensation for any distress you are caused or loss you have incurred. You can find out more information from the ICO’s website http://ico.org.uk/for_the_public/personal_information
We do not store any personal data in the cookies that we use, and store the cookie information anonymously to assist us in both the running of the site, and also for monitoring the activity and traffic both to and through our website. To do this we use Google Analytics cookies.
Depending on the browser you use, you should be able to control what cookies are placed on your device through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org
If you have any questions, do not hesitate to contact us.
Data Protection Register Entry Details
Data Controller: Griffin House Consultancy Limited
Tel: 01673 885533
Registration Number: ZA081014