Mentor Training provides nationwide operator and instructor training

Mentor Training

Privacy Policy

1.0 Context and Overview

Key Details

Policy prepared by: Data Protection Leader
Approved by Board: 01/05/2018
Policy became operational on: 25/05/2018

Introduction

Mentor FLT Training Limited (Mentor) needs to gather and use certain information about individuals.

Information can be held by Mentor relating to customers, suppliers, instructors, business contacts, course delegates, employees and other people that the organisation has a relationship with or may need to contact.

2.0 Personal Data Held and Reasons for Processing

Mentor holds electronic data required to:

Mentor records and stores data on paper forms required to:

CRM

Mentor holds information in its CRM system.

Data can be collected/stored for:

3.0 Data Collection & Storage

Data held on the CRM system consists of:

Company Contacts

Individual's Data

Individuals’ data is collected through the completion of forms known as test sheets and course evaluation forms. These forms are completed by the individual on the course and by a sub-contracted instructor who is authorised as a sub-processor by Mentor.

The forms will include a statement explaining why we need to collect the data and with whom we share it.

Data collected is used to create a certificate for the individual (delegate) which is then either sent to the contact at the individual’s workplace or a central contact, dependent upon the terms agreed in the contract between the company and Mentor.

Individual’s data shared to the following people/organisations

With the company that ordered the training in the form of a certificate and/or badge. This information will only include:

Tracking online activity

Mentor track activity on their website and engagement with their online marketing via cookies and marketing analysis tools, for example Google Analytics. Mentor may contact users if their activity displays legitimate interest. Data retention controls are in place to periodically remove user data over time.

Cookies are also used on the Mentor website. Users can disable any cookies stored on their computer, but this may limit the functionality of the Mentor website.

The following are necessary for the website to function properly – the Mentor website will track:

The website will not share any personal information with third parties.

4.0 Sharing of Data

It is a function of all training companies that they share data about who has been trained with the appropriate accrediting body.

The individual’s data is shared with the appropriate accrediting body as required by Health and Safety Law. This will include:

All the data that we hold on individuals who have done courses with us is classed as low risk. We hold no financial records or home addresses for these individuals.

5.0 Accuracy of Data

Collection of New Contacts and Accuracy of Data

Mentor will endeavour to accurately collect the data it needs and provide clear and transparent justification for doing so, referenced at the point of collection, including a privacy policy that is accessible via the website or the App (once developed).

New contacts and sales leads must be constantly brought in to the company to ensure survival and growth.

Mentor aim to bring in new contacts through the following ways, although this is not an exhaustive list:

Mentor will only market to / contact companies where we believe content will be of legitimate interest to the company / individual but will always provide them the opportunity to opt out via links contained in every email.

Mentor does not use purchased leads to build up its contact database.

6.0 Data Security and Data Breaches

Mentor will protect itself to the best of its ability against data breaches through staff training and by keeping its IT systems up to date with the latest anti-virus, ransomware and firewall protection, and by complying with the latest best practice for data storage and protection. Mentor’s website will also be tested against hackers ensuring that there is no ‘backdoor’ entry to gain access to the IT system and individual’s data. If Mentor do suffer a personal data breach, the Data Protection Leader will notify the ICO and the affected parties within 72 hours of the breach. Mentor consider a breach to be an occurrence involving a loss of data which presents a risk to the rights and freedom of any individuals involved, and could result in:

7.0 Disclosing Data for Other Reasons

In certain circumstances, GDPR allows personal data to be disclosed to law enforcement agencies without consent of the data subject.

Under these circumstances, Mentor will disclose requested data. However, the data controller will ensure the request is legitimate, seeking assistance from the board and from the company’s legal advisers where necessary.

8.0 Providing Information

Mentor aims to ensure that individuals are aware that their data is being processed and that they understand:

To these ends, the company has a privacy statement, setting out how data relating to individuals is used by the company.

This is available on request. A version of this statement is also available on the company’s website.

9.0 Right to be Forgotten

Due to the nature of the industry in which Mentor operates, we believe in the Right to be Forgotten.

10.0 Delegating Data

If a contract ends between Mentor and the customer, Mentor can provide all the personal data that they hold about the customer and the individuals within the organisation, if requested.

Mentor will not delete the associated training records as this data may be requested as evidence of training if for example, an individual has an accident.