This Policy is effective from 1st May 2018.
This policy sets out how LR Consultancy Limited (registered in England 5119705) including its operating subsidiary Ellare, as Data Controllers, collect, store and use information obtained or collected about you including when you use or interact with our websites, www.LRConsultancy.co.uk or www.ellare.co.uk.
LR Consultancy Limited ICO registration ZA340967
Lesley Roberts is designated as the Data Protection Officer and can be contacted as follows:
email@example.com | 07799473402 | 19 Melloncroft Drive, Caldy, Wirral, CH48 2JA
We collect information about you when you provide it to LR Consultancy (by contacting us directly, by completing your contact details in training, online or in a workshop environment including pre course or post course questionnaires/reactionnaires).
When you send an email to the email address displayed on our website we collect your email address and any other information you provide in that email (such as your name, telephone number and the information contained in any signature block in your email) is retained.
When you contact us using our contact form, we collect your name and email address. We also collect any other information you provide to us when you complete the contact form, including any optional information, such as phone number, job title or company name is retained.
We do not record phone calls or use caller ID and are therefore unable to respond to an enquiry by telephone if the information required by our contact form (such as phone number) is not completed.
We are also provided with employee data from client companies/your employer if they have purchased resources from us or have instructed us to be data processors of you information (your name, location of work, telephone number and the information contained relevant to your learning with us).
Totara LMS https://www.totaralms.com/privacy-policy
We use independent Associates in our business (sub processors) and we will share information about you with them as necessary in order for them for them to deliver their obligations to the project we have engaged them in.
Details of Sub Processors acting on behalf of LR consultancy Limited can be provided on request including the Non-Disclosure Agreements we hold with them.
You can reject some or all of the cookies we use on or via our website by changing your browser settings or non-essential cookies by using our cookie control tool, but doing so can impair your ability to use our website or some or all of its features. For further information about cookies, including how to change your browser settings, please visit www.allaboutcookies.org or see our cookies policy.
The servers we use to host our websites are located in the UK and the information we collect from you includes your name, contact details, the IP address you use to access is automatically logged, information from cookies as well as other information about your visit such as the pages accessed, information requested, the date and time of the request, the source of your access to our website (e.g. the website or URL (link) which referred you to our website), and the geographical location from which you accessed our website (based on your IP address), your company or business name and job title.
The information we collect from you is used to administrate our learning programmes, to provide you with relevant information to help you to do your job, to update and invite you to join new programmes and events that are relevant to your role and career ambitions in the new home industry.
Transmission of information over the internet, or by email, is not entirely secure and when you submit information to us over the internet (whether by email, via our website or any other means), you do so entirely at your own risk. We cannot be responsible for any costs, expenses, loss of profits, harm to reputation, damages, liabilities or any other form of loss or damage suffered by you as a result of your decision to transmit information to us.
We will only disclose your information to 3rd parties in relation to the running of our business, for example we will upload your details to our CRM system and email marketing system. Your details will also be held in our Learning Management System thus our service providers will have secure access to your details.
We will never sell your information to 3rd parties unless as part of a business, asset sale or acquisition by us, a merger or similar business combination event, whether actual or potential.
We will share your information with our insurers where it is necessary to do so, for example in relation to a claim or potential claim we receive or make or under our general disclosure obligations under our insurance contract with them. Our insurers are Axa Insurance UK plc, www.axa.co.uk/privacy-policy.
We will where required by law or to enforce our legal rights disclose your details if we suspect that criminal or potential criminal conduct, fraud or a cybercrime has occurred, we will contact appropriate authorities. We will generally only need to process your information for this purpose if you were involved or affected by such an incident in some way.
We will keep your information securely for no longer than necessary, taking into account any legal obligations we have (e.g. to maintain records for tax purposes), any other legal basis we have for using your information (e.g. your consent, performance of a contract with you or our legitimate interests as a business). Where is possible to define specific retention periods, they are set out below.
- We do not access log data from our website server. Our third-party website hosting provider Zen collects and stores server logs for a maximum of 1 month, however this is increased on occasion if needed for long term diagnosis. Zen collects and stores server logs to ensure network and IT security and assure that the server and website remain uncompromised. This includes analysing log files to help identify and prevent unauthorised access to our network, the distribution of malicious code, denial of services attacks and other cyber-attacks, by detecting unusual or suspicious activity.
- Unless we are investigating suspicious or potential criminal activity, we do not make, nor do we allow our hosting provider to make, any attempt to identify you from the information collected via server logs.
- When you place an order with us, we retain that information for seven years following the end of the financial year in which you placed your order, in accordance with our legal obligation to keep records for tax purposes.
- When you make an enquiry or correspond with us for any reason, whether by email, via our contact form or by phone, we will retain your information for as long as it takes to respond to and resolve your enquiry, and for 24 months after which point we will delete your information.
- When you sign up for one of our programmes or related automated communications (blogs, newsletters, and market data) will keep your information for as long as you remain subscribed or if we decide to cancel any aspect of our eCommunications.
- In any other circumstances, we will retain your information for no longer than necessary, taking into account the purpose(s) and use of your information both now and in the future this includes performing our obligations under a contract with you and the levels of risk, cost and liability involved with us continuing to hold the information.
We store your information on secure servers and only grant access to your information where necessary.
In certain circumstances we may transfer your information outside of the European Economic Area. Where we do so, we will ensure appropriate safeguards are in place.
In accordance with the latest data processing requirements, you have the right to take the following action at any time:
- To have your information corrected and/or completed
- To have your information deleted
- To request a restriction on the use of your information
- To receive your information in a portable format
- To object to the use of your information
- To withdraw your consent to the use of your information
- To complain to a supervisory authority
We do not knowingly or intentionally collect sensitive personal information from you, and we ask that you do not provide sensitive personal information to us.
‘Sensitive personal information’ is information about an you that reveals your racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic information, biometric information for the purpose of uniquely identifying you as an individual, information concerning health or information concerning a natural person’s sex life or sexual orientation.
If, you inadvertently or intentionally transmit personal information to us, you will be considered to have explicitly consented to us processing that sensitive personal information under Article 9(2)(a) of the General Data Protection Regulation. We will use and process your sensitive personal information for the purposes of deleting it.
In order to efficiently run and manage our businesses, we will share information with our accountants for tax purposes. We share invoices issued and received for the purpose of completing tax returns and our end of year accounts. Our accountants are The Priory Practice Limited, 1 Abbots Quay, Monks Ferry, Birkenhead, Wirral CH41 5LH https://www.the-priory.co.uk.
You may exercise your right to object to us using or processing your information for direct marketing purposes by
- Clicking the unsubscribe link contained at the bottom of any marketing email we send to you
- By sending an email to Lesley Roberts, Data Protection Officer
- firstname.lastname@example.org, 07799473402, 19 Melloncroft Drive, Caldy, Wirral, CH48 2JA
- Emailing email@example.com and asking that we stop sending you eCommunications or by using OPT OUT in the email subject line