At Impact inFocus we are committed to protecting and respecting your privacy.
This policy sets out the base on which any personal data we collect from you, or that you provide to us, will be administered by us. Please read the following carefully to understand our practices regarding your personal data and how we will deal with it.
We acknowledge and agree that any personal data of yours that we manage will be handled in accordance with all applicable data protection laws in force from time to time. Currently, the Data Protection Act 2018 (DPA 2018) applies after it was written into UK law via the Data Protection Bill on 23 May 2018. DPA 2018 includes GDPR after it became EU law on 25 May 2018.
- 1. Process personal data reasonably and lawfully;
- 2. Process personal data only where this is truly necessary for legal and regulatory purposes, or for legitimate organisational purposes;
- 3. Guarantee that personal data is only used for the purposes that it was originally obtained, or for other compatible purposes;
- 4. Ensure that that personal data is appropriate and not excessive in relation to the purpose or purposes for which it is processed;
- 5. Certify that personal data is accurate and, where necessary, kept up to date;
- 6. Ensure that personal data is only retained for the time necessary to meet the organisation’s fair requirements;
- 7. Provide clear information about how personal data will be used and by whom;
- 8. Ensure that personal data is processed in alliance with the rights of data subjects –
- a. access to personal data;
- b. right to withdraw information;
- c. right to restriction of the handling of personal data;
- d. opposing to adverse automatic decisions;
- e. compensation for breaches of statutory obligations;
- f. right to data manageability;
- 9. Implement suitable organisational measures against unauthorised or unlawful use of personal data, and against accidental loss or destruction of personal data;
INFORMATION WE MAY COLLECT FROM YOU
For the purpose of registering for our services through our website for either an eLearning course, webinar or to join our impact community, we may receive and manage the following data about you:
- Your name
- Your country of residence
- Your email address
- Organisation name
- Your job title
- Other information about your job role and organisation
HOW WE USE YOUR DATA
We use the data we collect exclusively to provide the services for which we provide to every customer who is part of our learning community.This includes:
- To provide you with a personalised eLearning experience
- To provide advice and guidance on the IMM training courses
- To notify you about changes to our service
- To contact you to provide you with information regarding upcoming or previous training opportunities
- Send you marketing emails if you have opted out to receive such communications from us
- Sell your data to any third party
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report cumulative information. This is numerical data about our users’ browsing actions and patterns, and does not identify any individual.
LEGAL BASES FOR PROCESSING
We collect and manage information about you only where we have legal bases for doing so under appropriate EU laws. The legal basis depends on the services you use and how you use them. This means we collect and use your data only where:
- We need it to provide you the services, including to operate the services, provide customer support and personalised features.
- You give us consent to do so for a specific purpose
- We need to process your data to comply with a legal obligation.
If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place.
WHERE WE STORE YOUR PERSONAL DATA
The data that we collect from you is only stored on data centres located inside the European Economic Area (“EEA”). The data is stored within our online system and is not shared with any third parties.
DISCLOSURE OF YOUR INFORMATION
We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
We may disclose your personal information to third parties:
- 1. If Impact inFocus or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
- 2. If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our licence and other agreements; or to protect the rights, property, or safety of Impact inFocus, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
In the event of any of the above, inFocus will make all reasonable effort to notify all individuals concerned.
From 25 May 2018, new regulation (GDPR) written into EU and UK law and the Data Protection Bill, requires us to gain your clear consent to receive marketing communications from us. When registering on any of our sites, you will be asked if you would like to opt-in to our marketing communications. We do not send any marketing communication to people who do not opt in.
Under data protection regulation, data subjects have a number of specific rights over the personal data which relates to them when held by or on behalf of Impact inFocus and its subsidiaries. This includes data held by both data processors and data controllers.
The Subject Access Request (SAR) Process exists to allow data subjects to implement the rights listed under point 8 of our principles in a timely and informed approach. To submit such a request, please contact email@example.com.
Where we are using your information because we or a third party (e.g. your employer) have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer using the services.