GENERAL DATA PROTECTION REGULATION (GDPR)
We are committed to respecting your privacy. This Privacy Notice has been written to inform participants of LifeWise Technologies Limited (“Lifewise”) about what we do with your personal information before, during and after your working relationship with us. This notice does not form part of any contract to provide services.
a. your correspond with us by phone, e-mail or in some other way
b. your use of the Lifewise website and education portal, including any data you may provide through the Lifewise website when you make an enquiry or purchase a product or any course/programme (whether online, face to face or distance learning) and whether on behalf of yourself or as an employer client (“Services”)
c. your registration for, purchase of or use of any Lifewise products and/or Services (including but not limited to courses or programmes (in any medium))
d. your use of any Lifewise social media channel; and
e. your sending of personal data to Lifewise by any other means.
We also may collect personal information through other sources such as;
- Including but not limited to LinkedIn and other social media platforms such as Facebook
- personnel recommendations and referrals
- through the use of business development tools, including but not limited to public data
- Department for Education (DfE)
- Education and Skills Funding Agency (ESFA)
- Local Education Authority
- Referrals through our partner and sponsorship programmes
This Policy will also inform you of what we do with personal data, how we look after personal data and tell you about your privacy rights and how the law protects you.
2. WHO ARE WE?
LifeWise Technologies Limitied with company registration number 12938214 , for the purposes of the Data Protection Act 1998 and as defined by Article 4 (7) of GDPR, are registered as a ‘data controller’ for personal data processed by Lifewise and other third parties contracted to process data for LifeWise Technologies Limited. This means that we determine the purposes for which, and the manner in which, your personal data is processed. We have a responsibility to you and your personal data and will only collect and use this in ways which are compliant with data protection legislation.
Lifewise Data Protection registration can be viewed on the Information Commissioner’s website.
Lifewise does not knowingly solicit personal information from children under the age of 13 or send them requests for personal information.
3. CONTACT DETAILS
FAO of the Data Protection Officer
LifeWise Technologies Limitied
2-4 Packhorse Road, Gerrards Cross, Buckinghamshire, England, SL9 7QE
Email address: firstname.lastname@example.org
Furthermore, you have the right to make a complaint at any time to the Information Commissioner’s Office (“ICO”), the UK supervisory authority for data protection issues (www.ico.org.uk).
4. IMPORTANT INFORMATION ABOUT THIS POLICY
6. THIRD-PARTY LINKS
7. USES MADE OF THE INFORMATION
We are committed to protecting your privacy and will only use your personal information in accordance with applicable data protection legislation, including the Data Protection Act 1998 and (once applicable) the General Data Protection Regulation and the UK implementing legislation. Most commonly, we will use your personal information in the following circumstances:
- where we need to perform, or take preparatory steps to perform, the contract we have entered/shall enter into with you.
- where we need to comply with a legal obligation; and
- where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. These legitimate interests are to formulate and manage our relationship with you as a potential or actual customer, determine our respective rights and obligations and to properly conduct our business.
We may also use your personal information in the following situations, which are likely to be rare:
- where we need to protect your interests (or someone else’s interests); and
- where it is needed in the public interest.
There are more limited circumstances where we process personal data pursuant to your consent. The situations in which we will process your personal information are listed below.
- where you have provided us with/we have collected your personal information directly from you;
- to analyse your profile and preferences;
- to match you with the best available service;
- where your personal information has been sourced indirectly from a third party, to contact you with information regarding our services that may be of interest to you;
- administering any account(s) you have with us and managing our relationship with you including dealing with any support enquiries made by you;
- arranging an interview/introduction
- ensuring that we maintain proper business records;
- dealing with any legal disputes involving you;
- for staff training purposes in order to improve the services we provide;
- to receive payments from you;
- to send you marketing information we think you might find useful or which you have requested from us, including information about our services and any events we are running, provided you have indicated that you are happy to be contacted for these purposes;
- to conduct data analytics studies and market research to review and better understand market trends within the industry;
- storage of records relating to you.
Some of the above grounds for processing will overlap and there may be several grounds which justify our use of your personal information.
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
8. DISCLOSURE OF YOUR PERSONAL INFORMATION
We may share your personal information where it is necessary to administer the working relationship, or we have a legitimate interest in so doing. We may also disclose your personal information to third parties if we are under a duty to disclose or share your personal information in order to comply with any legal obligation, or in order to enforce or apply such other terms as apply to our relationship, or where we have a legitimate interest in doing so. This includes exchanging information with other companies and organisations for the purposes of fraud protection.
The third parties we share your personal information with where required by law are courts and governmental agencies.
We may also share your personal information with the following third parties:
- third party service providers in relation to the following activities: email marketing specialists, payment processors, data analysis, business development tool providers and IT services (including CRM, website, video- and teleconference services);
- All our third-party service providers and entities in the Endorsed group are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
- We may share your personal information with other third parties, for example in the context of the possible sale or restructuring of the business. We may also need to share your personal information with a regulator or to otherwise comply with the law.
In certain cases, the disclosure of your personal information to a third party as described in this paragraph 8 may involve your personal information being transferred outside of the United Kingdom. This may be to:
- a country in the European Economic Area or that is otherwise considered to have data protection rules that are equivalent to those in the United Kingdom; or
- a country which is not considered to have the same standards of protection for personal data as those in the United Kingdom, in which case we will take all steps required by law to ensure sufficient protections are in place to safeguard your personal information, including where appropriate putting in place contractual terms approved by the relevant regulatory authorities.
- For more information about the circumstances in which your personal information may be disclosed to third parties and the safeguards we put in place to protect your personal information when we do so, please contact us as described in paragraph 9.
9. DATA SECURITY
- We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
- We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
- You should take all reasonable steps to keep your personal information held on out IT systems secure, including choosing a secure password if you have an online account with us and not disclosing your passwords to anybody else.
10. YOUR RIGHTS AND RETENTION, UPDATING AND REMOVAL OF YOUR PERSONAL INFORMATION
- The duration for which we retain your personal information will differ depending on the type of information and the reason why we collected it from you. However, in some cases personal information may be retained on a long-term basis. For example, personal information that we need to retain for legal purposes will normally be retained in accordance with usual commercial practice and regulatory requirements. Generally, where there is no legal requirement, we retain all physical and electronic records for period of 6 years after your last contact with us. Exceptions to this rule are:
- Telephone and videoconferencing recordings which are held for no more than 30 days unless we need to preserve the records for the purpose of prevention and detection of crime; and
- Information that may be relevant to any discrimination claims may be retained until the limitation period for those types of claims has expired.
- It is important to ensure that the personal information we hold about you is accurate and up-to-date, and you should let us know if anything changes, for example if you change roles, your phone number or email address. Alternatively, you can contact us using the details in paragraph 9.
Under certain circumstances, by law you have the right to:
- request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it;
- request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected;
- request the erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to stop processing personal
- information where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground;
- request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it;
- object to the processing of your personal information based on legitimate interests, but not if we have a compelling reason to process it;
- request the transfer of your personal information to another party.
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please use the contact details in paragraph 3.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
11. COOKIES AND OTHER TECHNOLOGIES
Lifewise’s website, online services, interactive applications, email messages, and advertisements may use “cookies” and other technologies such as pixel tags and web beacons. These technologies help us better understand user behaviour, tell us which parts of our websites people have visited, and facilitate and measure the effectiveness of advertisements and other web technologies as non-personal information.
As is true of most internet services, we gather some information automatically and store it in log files. This information includes Internet Protocol (IP) addresses, browser type and language, Internet service provider (ISP), referring and exit websites and applications, operating system, date/time stamp, and clickstream data.
We use this information to understand and analyse trends, to administer the site, to learn about user behaviour on the site, to improve our product and services, and to gathe demographic information about our user base as a whole. Lifewise may use this information in our marketing and advertising services.
12. CHANGES TO THIS PRIVACY NOTICE
We reserve the right to alter this privacy notice at any time. Such alterations will be posted on our intranet. You can also obtain an up-to-date copy of our privacy notice by contacting us as described in paragraph 3. Should you object to any alteration, please contact us.
13. OPTING OUT
You can ask us to stop sending you marketing messages at any time by contacting us directly with the details set out under paragraph 3 or by following the opt-out links on any marketing message sent to you. Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of you entering into a contract with us.
14. FURTHER INFORMATION
We hope that the contents of this privacy notice address any queries that you may have about the personal information we may hold about you and what we may do with it. However, if you do have any further queries, comments or requests, please contact us as described in paragraph 3 above.
Whilst this privacy notice sets out a general summary of your legal rights in respect of personal information, this is a very complex area of law. More information about your legal rights can be found on the Information Commissioner’s website at https://ico.org.uk/for-the-public/.