These days people are rightly becoming more concerned about the amount of detailed information companies have been gathering about us and how it is being traded and used to control the information we see and the choices we make.
We have thought carefully about this. Changing Behavious does not trawl for data to trade with other commercial companies but we do need some information to enable us to provide a good service. For example, we need contact details to contact you with information about your training or developments in our courses. We need to share these with the post office or courier services if we send you letters or parcels. Your data is stored in locked cabinets at the office.
This Privacy Notice explains in detail the types of personal data we at Changing Behaviour may collect about you when you interact with us in various ways. It also explains how we’ll store, handle and protect that data.
We want you to be fully informed about your rights, and how Changing Behaviour uses your data, so we have included quite a lot of information here. We hope the following sections will answer any questions you have but if not, please do get in touch with us.
Changing Behaviour is a training provider based in the UK.
The law on data protection sets out a number of different reasons why a company may collect and process your personal data.
A variety of data may be collected..
We collect your personal data to enable us to process your orders and comply with our legal obligations. Your details may need to be passed to a third party to supply or deliver the product or service that you ordered, and we may keep your details for a reasonable period afterwards in order to fulfil any contractual obligations such as refunds, guarantees and so on.
Training may be delivered on our behalf by independent contractors who are also responsible for complying with GDPR.
We need to keep records to inform future communications (for example to respond to queries, refund requests and complaints and, more commonly, to provide references, advice and support).
We do this on the basis of our contractual obligations to you, our legal obligations and our legitimate interests in providing you with the best service.
We also need to protect our business and your account from fraud and other illegal activities. This includes using using your personal data to maintain, update and safeguard your account.
If we discover any criminal activity or alleged criminal activity through our use of CCTV, fraud monitoring and suspicious transaction monitoring, we will process this data for the purposes of preventing or detecting unlawful acts. We aim to protect the individuals we interact with from criminal activities.
Data security matters to all our customers. We treat your data with the utmost care and take all appropriate steps to protect it.
Whenever we collect or process your personal data, we only keep it for as long as is necessary for the purpose for which it was collected.
At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data, so that it can be used in a non-identifiable way for statistical analysis and business planning.
Changing Behaviour retains business records, training summary evaluations, course registration documents and contracts for a period of 7 years after they expire.
We sometimes need to share your personal data with trusted third parties. For example, delivery couriers, consultants visiting you, and trainers all need your contact details. We provide only the information they need to perform their specific services. They may only use your data for the exact purposes we specify in our contract with them. We work closely with them to ensure that your privacy is respected and protected at all times.
If we stop using their services, any of your data held by them will either be deleted or rendered anonymous. Examples of the kind of third parties we work with are:
For further information please contact our Data Protection Officer – Clare Edmondson.(email@example.com)
You have the right to request access to the personal data we hold about you, free of charge in most cases. You are also able to correct any of your personal data on the website if it is incorrect, out of date or incomplete. For example, when you withdraw consent, or object and we have no legitimate overriding interest, or once the purpose for which we hold the data has come to an end.
You have the right to request a copy of any information about you that Team-Teach holds at any time, and have that information corrected if it is inaccurate. To ask for your information, please email firstname.lastname@example.org If we choose not to action your request we will explain to you the reasons for our refusal.
If you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent.
In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.
You can contact them by calling 0303 123 1113, or go online to www.ico.org.uk/concerns.
By using our services or providing your personal data to us, you expressly consent to the processing of your personal data by us or on our behalf. Of course, you still have the right to ask us not to process your data in certain ways, and if you do so, we will normally respect your wishes.
Many IT providers store data in servers which are located outside of the UK. (For example, iCloud, Dropbox, and Amazon Web Services). Sometimes we’ll need to transfer your personal data between countries to enable us to supply the goods or services you’ve requested. In the ordinary course of business, we may transfer your personal data from your country of residence to ourselves and to third parties located in the UK. By dealing with us, you are giving your consent to this overseas use, transfer and disclosure of your personal data outside your country of residence for our ordinary business purposes.
This may occur because our information technology storage facilities and servers are located outside your country of residence, and could include storage of your personal data on servers in the UK.