We are an organisation that has developed and provides a suite of awards and qualifications. As such, we have members who are committed to our purposes.
We process information by storing it within reputable CRM and accounting systems. We maintain minimal information about our members as full details are normally maintained by the organisations which are providing the training and related services required by candidates who wish to attain our awards or qualifications.
We do not provide any information about our contacts to any other organisations or individuals except where we are asked to confirm whether an award or qualification has been attained.
Our lawful basis for maintaining records is as defined in the Information Commissioner’s Office (2018): “Contract: the processing is necessary for a contract you have with the individual, or because they have asked you to take specific steps before entering into a contract.” (p.13).
Our intended purposes for maintaining records include:
managing the provision of assessment services in line with contractual arrangements
advising about potential provision of assessment services that may become contractual arrangements
liaising with universities and other professional bodies to provide and/or confirm such details as may be required by such organisations within our contractual arrangements with them and with individuals
reporting our business results to the relevant authorities (accounts, tax, etc)
other purposes as may arise in order to carry out the usual functions of the organisation
With regard to any contract we have an ongoing commitment to maintain suitable records of assessment services provided, particularly as we are often asked to confirm qualifications some time after the event. We provide this information when requested by the individual or when the individual has confirmed that they wish the information given to a third party.
Information kept by us includes, where relevant and known, the following within our database: name, email address(es), address details, telephone and/or other contact details, status relating to qualifications we offer, assessment services provided, fees agreed, and sometimes notes of conversations that remind us of our discussions with you about current and potential services.
Reference: Information Commissioner’s Office (2018) Guide to the General Data Protection Regulation (GDPR)
https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/ accessed 29 April 2018 (note – living document updated regularly)