DATA PROTECTION POLICY STATEMENT

 

Hornbill Industrial Training Ltd is committed to a policy of protecting the rights and privacy of candidates in accordance with the Data Protection Act. Hornbill Industrial Training Ltd needs to process certain information about its candidates and other individuals it has dealings with for administrative purposes (e.g. to administer courses, to record progress, to agree awards, to collect fees, and to comply with obligations to external agencies). To comply with the GDP Regulations 2018, information about individuals must be collected and used fairly, stored safely and securely and not disclosed to any third party unlawfully.

The policy applies to all candidates. Any breach of the Data Protection Act 1998 or Hornbill Industrial Training Ltd Data Protection Policy is an offence, and, in that event, Hornbill Industrial Training Ltd disciplinary procedures will apply. As a matter of good practice, other agencies and individuals working with Hornbill Industrial Training Ltd, and who have access to personal information, will be expected to have read and comply with this policy. It is expected that departments/sections who deal with external agencies will take responsibility for ensuring that such agencies sign a contract agreeing to abide by this.

 

Data Protection Principles:

If you are processing/collecting personal information covered by the Act, you must comply with the General Data Protection Regulations 2018.

 

The Data Protection Act 1988 governs the use of personal information through the eight data protection principles.

 

These principles require that personal information is:

• Processed fairly and lawfully

• Processed for one or more specified and lawful purposes, and not further processed in any way that is incompatible with the original purpose

• Adequate, relevant and not excessive

• Accurate and, where necessary, kept up to date

• Kept for no longer than is necessary for the purpose for which it is being used

• Processed in line with the rights of individuals

• Kept secure with appropriate technical and organisational measures taken to protect the information

• Not transferred outside the European Economic Area (the European Union member states plus Norway, Iceland and Liechtenstein) unless there is adequate protection for the personal information being transferred

 

Russell Scaplehorn

Managing Director

January 2018