Our use of data is governed by our registration under the 2018 Data Protection Act. We collect no information about you, other than information automatically collected and stored (see below), when you visit our web site unless you choose to provide that information to us.
INFORMATION AUTOMATICALLY COLLECTED AND STORED
When you browse through any web site, certain personal information about you may be collected. We automatically collect and temporarily store the following information about your visit:
- The domain name you use to access the Internet
- Date/time of your visit
- Pages you visited
This information is used for statistical purposes and to help us improve the usefulness of our website to visitors. Unless stated otherwise, no additional information will be collected about you.
You do not have to give us personal information to visit our web site. However, all communications addressed to Learning Unlimited and The Chesterfield College may be stored for reference purposes. Learning Unlimited and The Chesterfield College do not disclose, sell, give or transfer any personal information about our visitors, unless required by law.
Data Protection Law controls what the Chesterfield College Group does with the personal information provide by individuals who work for us, study with us or access services we provide.
Chesterfield College Group also operates as Learning Unlimited, our apprenticeship and commercial training offer, and through our companies, Learning Unlimited ATA Ltd, Training Services 2000 Ltd, Recruit Unlimited and Chesterfield College Enterprises Ltd.
Our Privacy Statements describe what we do with the personal information we are provided with by members of the public. You may be asked to give us personal information to answer an enquiry you have, when become an applicant or student, a client or to use the services we offer across our College group.
If you provide us with information, it will only be used in the ways described in our Privacy Statements. Our statements will be updated from time to time and the latest version is always published here on the website.
Chesterfield College Group is a Data Controller registered with the Information Commissioner’s Office (ICO) (Registration number Z4716003).
All written correspondence in relation to Data Protection should be addressed to:
The Data Protection Officer
The Data Protection Officer, appointed by the Corporation Board to provide independent assurance over the governance and management of data protection is;
Interim Vice Principal, Business Excellence
Subject Access Requests
The Data Protection Act (2018) and our Data Protection Policy, gives any individual the right to obtain confirmation if their data is being processed by us, and where this we are, to have access to the personal data. The right of access to this information is referred to as Subject Access Request (SAR).
We will endeavour to provide access to personal data within one month of receipt of a subject access request. If a request is complex, an extension of up to a further two months may be requested from the individual making the request. The Data Protection Officer, or a member of their team, will communicate regularly with individuals where this is the case.
A copy of the information will be provided free of charge. However, a reasonable fee may be charged if a request is unfounded or excessive, or where information is requested repeatedly.
Who can make a Subject Access Request?
Subject access requests will be accepted from:
A. The individual whose data is requested (also known as the Data Subject).
B. A representative of the Data Subject who has written consent (e.g. solicitor; a court appointed representative if the Data Subject could no longer manage his or her own affairs; a person with enduring Power of Attorney).
C. The parent or guardian of a child under 16 years of age: In cases where the child agrees, or it was in the child’s best interest for access to the data to be granted.
How can I make a Subject Access Request?
Please complete the form below or download a copy of the Subject Access Request Form and send it to firstname.lastname@example.org.
Please note that Chesterfield College Group will use reasonable means to verify the identity of the individual making the request, but may require individuals to visit one of our campus locations or training centres with proof of their identity in order to receive copies of information request responses.
Requests to delete personal data
One of the key principles which underpins UK Data Protection Law is the right of an individual to request the deletion or removal of personal data where there is no compelling reason for its continued processing. This is also known as the ‘right to be forgotten’.
Individuals may have a right to have personal data erased and to prevent processing in specific circumstances such as:
• Where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed.
• When the individual withdraws consent.
• When the individual objects to the processing and there is no overriding legitimate interest for continuing the processing.
• Where the personal data was unlawfully processed (i.e. otherwise in breach of the Data Protection Act).
• The personal data must be erased to comply with a legal obligation.
Please note that the right to erasure does not provide an absolute ‘right to be forgotten’. Under Data Protection Law the college can refuse to comply with a request for erasure where the personal data is processed for particular reasons. This will always be explained to you by our Data Protection Officer if your request cannot be carried out.
How can I make a request to have my personal data deleted?
Please complete the form below or download a copy of the Request for Erasure of Data Form and send it to email@example.com. Each request will be dealt with on a case by case basis.