Privacy Policy

The Literacy Company Ltd Privacy Policy as a Data Controller

Aim

The Literacy Company aims to ensure that all data collected is stored and processed in accordance with the General Data Protection Regulation (GDPR) that came into force in May 2018.

This policy applies to all data, regardless of whether it is in paper or electronic format.

Legislation and Guidance

This policy meets the requirements of GDPR, and is based on guidance published by the Information Commissioner’s Office..

Definitions

Personal Data: Data from which a person can be identified, including data that, when combined with other readily available information, leads to a person being identified

Special Category Data: Data such as:

  • Contact details
  • Racial or ethnic origin
  • Political opinions
  • Religious beliefs, or beliefs of a similar nature
  • Where a person is a member of a trade union
  • Physical and mental health
  • Sexual orientation
  • Whether a person has committed, or is alleged to have committed, an offence
  • Criminal convictions

Processing: Obtaining, recording or holding data

Data subject: The person whose personal data is held or processed

Data Controller: A person or organisation that determines the purposes for which, and the manner in which, personal data is processed

Data Processor: A person, other than an employee of the data controller, who processes the data on behalf of the data controller

Data Protection

Principles

  • processed lawfully, fairly and in a transparent manner
  • collected for specified, explicit and legitimate purposes (‘purpose limitation’);
  • adequate, relevant and limited to what is necessary
  • accurate and, where necessary, kept up to date
  • kept in a form which permits identification of data subjects for no longer than is necessary
  • processed in a manner that ensures appropriate security of the personal data

Your rights

  • Your right of access – You have the right to ask us for copies of your personal information
  • Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete
  • Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances
  • Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances
  • Your right to object to processing – You have the right to object to the processing of your personal information in certain circumstances
  • Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Please contact us at online@theliteracycompany.co.uk if you wish to make a request.

Roles and Responsibilities

The directors have overall responsibility for ensuring that The Literacy Company complies with its obligations. Day-to-day responsibilities rest with the directors. They will ensure that all staff are aware of their data protection obligations, and oversee any queries related to the storing or processing of personal data.

Privacy/Fair Processing

We hold Personal Data about our clients and potential clients.

We will only retain the data we collect for as long as is necessary to satisfy the purpose for which it has been collected.

We may share data with third parties to support the operational needs and smooth running of our company. These third parties may include, but will not be limited to, facilities providers and specialist software providers. We will not share information with anyone without consent unless the law and our policies allow us to do so. Individuals who wish to receive a copy of the information that we hold about them should make their request in writing to online@theliteracycompany.co.uk

Data Storage and Security

Paper based records, digital records and portable electronic devices, such as laptops and hard drives that contain personal information, are compliant with GDPR and are regularly assessed by our DPO. Destruction and archiving of Personal Data procedures are also aligned to GDPR.

How to Make a Complaint

If you feel that we have mishandled your or your Personal Data at any time you can make a complaint to the directors by emailing online@theliteracycompany.co.uk by or phoning 01244 445050

Alternatively, you can contact the Information Commissioners Office by visiting their website (https://ico.org.uk/make-a-complaint/) or by calling their helpline on 0303 123 1113.

Review of this Policy

We keep this Policy under regular review. This Policy was last updated in September 2023

v.6 September 2023 The Literacy Company Ltd

Search TLC