GDPR Policy

Objectives

 

The objectives of this policy are

  1. To comply with The General Data Protection Regulation (GDPR) (EU)

2016/679.

  1. To process personal data safely, and in line with current requirements

iii. To ensure consistency across the business in relation to how and why

individuals are contacted

  1. To provide transparency to individuals about the data we hold relating to

 

them, and allow them the opportunity to have certain aspects removed

where necessary.

 

Personal Details

 

PERSONAL DETAI LS HELD BY THE CENTRE

 

Below is a list of the personal details we currently hold on all registered

students.

 

• Full name, including prefix and middle names where applicable

• Previous surname (where applicable)

• Date of Birth

• Address

• Contact telephone number

• Email

• Registration number with awarding organisation (if applicable)

• If you feel personally feel that you have restricted learning abilities

• Emergency contact and telephone number

• Medical conditions, medication or allergies, including GP name and

contact number

• Disabilities

• Learning difficulties

 

 

We also ask for permissions for the following:

• If you are happy for photographs/videos to be taken and used as evidence

or for training purposes

• If you are happy for photographs/videos to be taken and used for

advertising by our business only (no third parties or advertising rights sold)

• If you are happy for your details to be stored and monitored for

registration, certification and quality assurance purposes

• If you are happy to be contacted during or after your course to review your

experience.

 

This information allows us to ensure our learners are registered on a suitable

qualification that meets their career objectives, and allows them to learn in a

way that enables achievement and a supportive learning environment.

 

PERSONAL DETAI LS WHI CH MAY BE SHARED

 

For the purpose of certification for regulated qualifications, we have to share

some of the personal details we hold about learners with our Awarding

Organisations. Below is a list of the details we may share, and with whom.

 

Information shared in all cases:

• Full name, including prefix and middle names where applicable

• Previous surname (where applicable)

• Date of Birth

• Address

• Contact telephone number

• Email

• Registration number with awarding organisation (if applicable)

 

Information shared in some cases, and always in agreement with the individual

prior to sharing:

 

• If you feel personally feel that you have restricted learning abilities

• Medical conditions, medication or allergies, including GP name and

contact number

• Disabilities

• Learning difficulties

• Highest and current qualifications, preferred learning style and abilities

with core educational tasks

• Career plans

 

Who we share information with:

 

Awarding organisations are regulated bodies that approve centres to offer their qualifications after a strict approval process. These are government recognized bodies and qualifications.

These organisations use your information for the purpose of certification, and qualification regulation only. These bodies have their own GDPR policies.

 

Funding companies – where application has been completed by the learner, as the learners own decision, and as an external and separate application to the centre. When a learner applies for funding options to help with part or their entire course costs, it may be necessary to send information regarding the learners progress and achievements to the funding source.

 

Accreditation bodies are other industry related bodies that have approved our own qualification content, and they may use your information differently, depending on the service they offer. We are less likely to need to share your personal information with these companies. On occasion, we may need to confirm your position on a training programme with us. Please refer to their own GDPR statements for how they may process your information

 

VTCT www.vtct.org.uk +44 (0) 23 8068 4500

BEAUTY GUILD www.beautyguild.com 01332 224830

 

Both of which are GDPR compliant.

 

Obtaining consent

 

We will always explicitly ask you on more than one occasion to give consent for

us to store your data.

 

If you do not give us consent to storing your data, we may not be able to

continue with the service offered, due to the nature of our record keeping

requirements.

 

ASKI NG FOR CONSENT

We will ask you to consent to us storing your data during the following activities:

 

• Enrolling onto a training program

• Being put onto a specific mailing list including

o Latest training course dates

o Waiting lists for specific courses

o Updates to our terms, conditions and any accreditation/approval

changes

 

REMOVI NG YOUR CONSENT

As a company, we want you to be happy with the information processes we

adopt. We will ensure the following:

 

• You have an easy opt out of mailing lists

• You are able to request a copy of the personal information we hold on you

Please be aware that we are not able to delete your information and remove it

from our centre records if you have enrolled and started any training program

with us, even if you have only attended an induction. For our own insurance and

responsibilities to our awarding/accrediting and funding organisations, we must

store all relevant information for 7 years.

Please see ‘Storing information’ for details on which information is considered

relevant.

 

 

Storing information

 

To maintain our processes within awarding organization and accrediting bodies requirements, we must keep ‘relevant’ records of learners for up to 7 years, depending on the type of information.

 

The information considered relevant, and their storage time is listed below.

 

Kept for 7 years

 

 

Information  Storage requirements

Full name, including prefix and middle names

where applicable

Previous surname (where applicable)

Date of Birth

Address

Contact telephone number

Email

Registration number with awarding organisaton

(if applicable)

 

Duration of the course

 

 

If you feel personally feel that you have

restricted learning abilities

Emergency contact and telephone number

Medical conditions, medication or allergies,

including GP name and contact number

Disabilities

Highest and current qualifications,

Preferred learning style and abilities with core

educational tasks

Career plans

 

Learning difficulties Duration of course, or

7 years if reasonable adjustments were applied

to assessment

 

 

 

 

 

 

 

All information supplied to us is stored online using a safe and GDPR compliant system.

All online storage is password protected, with appropriate levels of log in for other staff directly affected by the information.

 

Data is not saved on individual computers, and access is limited to the Data

Controller, or appointed staff who have a direct need for information to be able

to complete their task safely and to regulated standards.

 

Any technology used to access the information is protected by trusted anti-virus

and malware software appropriate to the equipment.

 

 

Data Controller

The company does not exceed the level of data to contract a role specific Data

Controller, however, as a measure of good practice, ETS have registered with

the Information Commissioners Office.

 

The current registered Data Controller/s is/are:

 

Katie Newman- Havering Beauty Academy 01708472727 or info@havering-beauty-academy.com

Other roles within the organisation that may have access to your records:

• Tutor/assessor

• Internal Quality Assurer

• Centre Management

• Learning Support Co-ordinator

RESPONSI BI LI TI ES

The data controller is responsible for the following:

 

• Processing personal data in line with current legislation

• Processing data in a safe and secure fashion

Ensuring as far as practical that passwords for systems storing data

remain secure

• Organising and allocating passwords and appropriate access levels to

others involved in the use of data

• Editing and removing data in line with timescales, client requirements and

consent

• Reporting a breach within 72 hours of the occurrence

• Evaluating, authenticating, approving and supplying copies of requested

data

 

Changes to your data

If you would like to make changes to the data we hold on you, please contact

the Data Controller on admin@essextrainingsolutions.com

You will need to state which pieces of data you would like to change and give

reason or possibly evidence for the change. Please note, this will not mean that

previous data is removed.

 

Requesting a copy of your data

if you would like a copy of the data we hold on you, please contact the Data

Controller, and request a full copy of your data record.

We aim to respond in 3-5 working days.

 

 

Social Media Competition Rules and Terms and conditions

These terms and conditions are for all competitions online or in the premises.

Havering Beauty Academy occasionally runs competitions and giveaways on social media.

Terms & conditions of entry to the Havering Beauty Academy Competitions and Giveaways.

  1. The promoter is: Havering Beauty Academy(on relevant social media platforms)
  2. The competition is open to residents of the United Kingdom and Republic of Ireland aged 18 years or over except employees of any of the prize giving brands/businesses and their close relatives and anyone otherwise connected with the organisation or judging of the competition.
  3. There is no entry fee to enter this competition.
  4. By entering this competition, an entrant is indicating his/her agreement to be bound by these terms and conditions.
  5. Route to entry for the competition and details of how to enter are via all relevant social media platforms and prize giver social and online accounts.
    Multiple entries per person will be accepted if stated on the post.
  6. Each giveaway will run for one to seven days. Closing date for entry will be midnight GMT on the day announced in the social media post. After this time, no further entries to the competition will be permitted.
  7. No responsibility can be accepted for entries not received for whatever reason.
  8. The rules of the competition varies depending on the network and is outlined in the post itself.
  9. The promoter reserves the right to cancel or amend the competition and these terms and conditions without notice in the event of a catastrophe, war, civil or military disturbance, act of God or any actual or anticipated breach of any applicable law or regulation or any other event outside of the promoter’s control.
  10. Any changes to the competition will be notified to entrants as soon as possible by the promoter.
  11. The promoter is not responsible for inaccurate prize details given to any entrant supplied by any prize givers connected with this competition.
  12. The prize for the winner is specified in the social media post and no cash or other alternatives will be offered.
  13. The prizes are not transferable.
  14. Prizes are subject to availability and we reserve the right to substitute any prize with another without giving notice. In the event that no substitute can be found we reserve the right to remove any prize from the competition at any point.
  15. One entrant will be chosen at random  from all entries received each day and verified by the Promoter.
  16. The winner will be notified within 24 hours of the closing date of each giveaway. If the winner can not be contacted or does not claim the prize within 14 days of notification, we reserve the right to withdraw the prize from the winner and pick a replacement winner.
  17. By entering the Giveaway each entrant agrees to release, discharge and hold harmless the promoter, prize-givers their legal representatives, affiliates, subsidiaries, agencies and their respective officers, directors, employees and agents from any damages whatsoever suffered or sustained in connection The Giveaway or the acceptance of the Prize.
  18. The promoter’s decision in respect of all matters to do with the competition will be final and no correspondence will be entered into.
  19. By entering this competition, an entrant is indicating his/her agreement to be bound by these terms and conditions.
  20. The competition and these terms and conditions will be governed by English law and any disputes will be subject to the exclusive jurisdiction of the courts of England.
  21. The winner agrees to the use of his/her name, social media account and image in any publicity material, as well as their entry.
  22. The winner agrees to photograph their prize and share images by tagging Havering Beauty Academy and the prize giving brand on the relevant social platforms.
  23. The winner will receive their prize within 14 days of claiming their prize provided that they respond to correspondence and give their postal address to receive their prize within 14 days of notification. This timeline does not apply where the prize is bespoke, commissioned or requires the winner to choose their prize with vouchers, in all these cases the winner will receive their prize at the discretion of the prize-giving brand. All brands involved will give full disclosure on timescales when they are contacted by the winner.
  24. It will be the prize winners responsibility to contact the prize-giver in the first instance.
  25. Any personal data relating to the winner or any other entrants will be used solely in accordance with current UK data protection legislation and will not be disclosed to a third party without the entrant’s prior consent.
  26. The winner’s name will be available 28 days after closing date by emailing the following address: info@havering-beauty-academy.com
  27. Entry into the competition will be deemed as acceptance of these terms and conditions.
  28. This promotion is in no way sponsored, endorsed or administered by, or associated with any other Social Network.