Who are we?
Tim Musson t/a Computer Law Training provides data protection and GDPR consultancy and training services. After many years running my company, Computer Law Training Ltd in Scotland, I have closed the company and am trading as Computer Law Training. My address is Sapphire House, Main Highway, Laborie, St Lucia. Tel: +44 (0)131 678 6740 E-mail: email@example.com
What personal data do we process?
Computer Law Training Ltd collects, stores and uses information about: - our own employees and prospective employees - our training course delegates / attendees - training course delegate / attendee registration forms for our clients - the employees of potential and current customers - the employees of our suppliers; and - the personal data being processed by our customers to the extent that it is necessary for us to provide our services. As you would expect, we are fully committed to dealing with all personal data in a fair and transparent way and ensure that we have the appropriate security measures in place. This notice sets out what we do with your personal data, why we do it, who we pass it on to and what we do to keep it secure. Telephoning our office When you call our office whether by mobile or landline we collect Calling Line Identification (CLI) information that retains your telephone number (unless you have a withheld your number). We use this information to help improve our efficiency and in order that we may call you back in the event of a ‘missed call’. We will normally ask for your name, email address, and confirmation of your telephone number and where appropriate your business address. Contacting us by e-mail When you email our office for the first time we will, temporarily, store your email address in order to respond to your questions or enquiry. We monitor any emails sent to us, including file attachments, for viruses, phishing and malicious software. Visiting our website Our website uses Google Analytics to collect information and details of visitor behaviour patterns. This helps us understand how many people have visited our site and which pages are visited most often. We do not collect or store personal information in this way and we cannot identify you as an individual through this third-party service. For more information on cookies, see our separate cookie notice. If you complete a “contact us” form on our website, you will be asked to complete your name, email address and telephone number. This will be used to contact you to respond to your enquiry. Visiting our social media sites We use the following social media platforms:
- Linked In
Why do we process this information?
Employees of Customers and Suppliers - We use the personal data of the employees of our customers and suppliers to contact them about the work we are doing for them or the work they are doing for us. We have either a legitimate interest or contractual legal basis to process this information in order to keep doing business and provide the services that we offer. The personal data will generally be limited to employee contact details only. We will use these contact details to send information about other products and services from time to time. This is because we have a legitimate interest in promoting our service but we will always provide the individual receiving the message with the option to opt out of receiving our messages. Employees of Potential Customers - We want to tell people about our services and believe that we have a legitimate interest to do so. We will use the contact details of business contacts to send information about our services and events we hold from time to time. Again, this is because we have a legitimate interest in promoting our service, but we will always provide the individual receiving the message with the option to opt out of receiving our messages. Our training Course Delegates / Attendees - We use the personal data of course delegates / attendees in order to provide our services, consultancy and course delivery. Our legal basis for doing so, is contractual as we deem it as necessary for the performance of a contract entered into by both parties. Training Course Delegate / Attendee Registration forms for our Clients - We use the personal data of our client course delegates / attendees in order to provide our services, consultancy and course delivery on their behalf. Our legal basis for doing so, is contractual as we deem it as necessary for the performance of a contract entered into by both parties. Personal Data we Process as part of our Service - We may occasionally have to use the personal data that is being processed by our customers in order to provide our consultancy services. We will only use this for that purpose and no other purpose. It will be held securely and then returned to our customers as soon as it is no longer required for that purpose.
Who do we share your data with?
We will only share personal data as is necessary to provide our services, or where disclosure is required or permitted by law. Examples of organisations who may require us to disclose your personal data are Government Bodies and Law Enforcement Agencies . Otherwise, data will only be shared with third parties that we trust and only where there are appropriate arrangements in place for sharing data, i.e. data sharing agreements and/or data processing agreements. These parties are; Our cloud storage provider, Our I.T. Support Company, Our Accountants and Auditors, Certification Bodies (for the issue of training certificates), Our Legal Advisors/Law Firm and our partner business, RGDP LLP. All of our data is stored on an internal server and backed up, hourly, on a secure hard drive and in a cloud based storage solution based within the UK.
How long do we keep data?
Employees of Customers and Suppliers - We will hold contact details for as long as we are providing you, or your organisation, with our services or you are providing us with services. If we no longer have a relationship with you, we will delete your data 2 years after the termination of the relationship, aside from any data that we are required to keep in order to fulfil our legal obligations, e.g. invoicing/financial records for 6 years. Employees of Potential Customers - In relation to these business contacts, if you do not engage our services or come to our events, we will hold onto your data for 1 year, after which, it will be deleted. Course Delegates / Attendees - We will hold course delegate details for as long as we are providing you, or your organisation, with our services or you are providing us with services. If we no longer have a relationship with you, we will delete your data 2 years after the termination of the relationship, aside from any data that we are required to keep in order to fulfil our legal obligations. General Retention - We have other retention periods for information, but, generally, this is not personal data – it will relate to our company information and/or records etc.
You have rights in relation to your personal data and you can ask Computer Law Training Ltd to:
- Provide a copy of your personal data
- Correct any mistakes in your personal data
- In certain situations; Delete your personal data
- In certain circumstances; Restrict processing of your personal data, i.e. if you contest the accuracy of the data
- In certain situations; Provide you with a copy of the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party
- At any time to your personal data being processed for direct marketing (including profiling);
- In other situations, to our continued processing of your personal data, e.g. processing carried out for the purpose of our legitimate interests.
- required or permitted by law
- for the purpose of exercising or defending our legal rights
- meeting our legal and/or any regulatory obligations