Privacy NOTICE

PRIVACY POLICY

This privacy notice is a public declaration of how Knowledgepool (Part of Capita plc) apply the Data Protection Principles & Rights afforded under the General Data Protection Regulation (GDPR) and Data Protection Act (DPA) 2018 to the personal data that we process.

We are committed to complying to the principles relating to the processing of personal data under the GDPR in all that we do. These principles are:

  • Lawfulness, fairness & transparency
  • Purpose limitation
  • Data minimisation
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality
  • Accountability

WHAT INFORMATION WE COLLECT ABOUT YOU

We may collect personal data from our website, via phone, email, online portals or other data links supplied by our Clients. The data collected includes:

  • We may collect your name, contact information such as address, email address and telephone number, as well as your date of birth, national insurance number (or other tax identification number) and your passport number or national identity card details, country of domicile and your nationality. We may also allocate you a unique ID number.
  • Information relating to your enrolments for learning courses, we may collect details about the courses or events you have or intend to attend and/or completed, dates of study and examination results. We may also keep records relating to assessments of your work, details of examinations taken and actual examination results, and other information in your learner record history.
  • Employment records and history.
  • We may record telephone calls and on occasion video calls for training and monitoring purposes; in certain circumstances call may be transcribed and where possible we endeavor to anonymise the data captured.
  • Any other information as required under the contract with our client.
  • We may also collect sensitive personal data (otherwise known as special category data) and information including:
    • Any medical or impairment conditions
    • Mobility or learning difficulties (e.g. disability)
    • Ethnicity
    • Political beliefs

 

HOW WE USE THE INFORMATION ABOUT YOU

Any personal information you submit to us will be used for the purposes specified in this privacy statement which may include:

  • Delivery of educational and training courses including:
    • The provision of our core teaching, learning and apprenticeship services (e.g. registration, assessment, attendance, managing progress, certification and accreditation)
    • Maintaining Learner records
    • Maintaining Trainer/ Associate skills
    • Conduct internal training to improve services
    • To enable third party trainers/suppliers to deliver courses.
  • Non-educational matters in support of our core services, including:
    • Event management and attendance
    • Safeguarding and promoting the welfare of learners
    • Ensuring learners safety and security
    • Managing the use of social media
    • Assisting with careers transitions through consultation.
  • Administering finance (e.g. invoicing, purchase orders, payments)
  • Other administrative purposes, including:
    • Recruitment including pre-employment screening data
    • Associate Management
    • Carrying out research and statistical analysis and reporting
    • Carrying out audits (e.g. to ensure compliance with our regulatory and legal obligations)
    • Providing operational information (e.g. providing IT support, information about building closures or access restrictions on site or safety advice)
    • Recording any near miss and actual accidents/injuries or incidents to comply with Health and Safety or other legal obligations as necessary
    • Dealing with grievances and disciplinary actions
    • Dealing with complaints and enquiries.
  • Understanding your needs and provide you with a better service
  • If you choose to download our reports or white papers or to register for news, events and alerts, we will use the information you provide us to:
    • Send you the content requested
    • Inform our marketing strategy
    • Enhance our thought leadership content
    • Promoting our services
    • Send you related information that we believe will be of interest to.

You will be able to unsubscribe at any point for these services.

We will not without your express consent provide your personal information to any third parties for direct marketing.

Where we are processing your information on behalf of clients and they are identified as the data controller, then you should refer to their privacy notices in the first instance to understand how your data is processed.

LEGAL BASIS FOR PROCESSING INFORMATION

We collect and use your personal data for legitimate business purposes to;

  • Interact with you as a Learner, as part of the Learner enrolment process (e.g. to send you a prospectus or answer enquiries about our courses)
  • To deliver our learning services responsibilities as per our client’s service contract which may include conducting audits on data collected and producing reporting info
  • To communicate with you to deal with your enquiries, fulfilling your requests for services and information, sending you communications which you have requested, notifying you of changes to our services, processing payment from you where applicable and monitoring behaviour on our website to improve your browsing experience, help us to improve our website and make our marketing campaigns more relevant
  • Provide worker seeking services to match workers with the relevant client work
  • Undertake pre-employment screening.

We may also use your personal information where you give us your express consent, for example when you provide consent to receive marketing materials.

We may also process your personal data for our compliance with our legal obligations, for example reporting accidents and incidents for the Health & Safety Executive (HSE), Ofsted or Education and Skills Funding Agency (ESFA).

For any other processing not covered by the above, we will obtain consent before using any of your personal data.

WHERE WE SHARE INFORMATION ABOUT YOU

We may share information about you to any of our employees, officers, Clients or suppliers insofar as reasonably necessary to fulfil our obligations for the purposes as set out in this privacy statement.

We may share limited information with other Capita Businesses for legitimate purposes as part of our necessary obligations for internal reporting, processing of invoices and payments, and to update existing customers of service and product updates or opportunities available within Capita plc Group.

In addition, we may disclose your personal information:

  • To the extent that we are required to do so by law
  • Regarding any legal proceedings or prospective legal proceedings
  • To establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk)
  • To the purchaser (or prospective purchaser) of any business or asset which we are (or are contemplating) selling and
  • We may disclose to clients for work seeking services to allow us to match you to appropriate supplier opportunities.
  • To any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information.

Except as provided in this privacy statement, we will not provide your information to third parties without your prior consent.

INTERNATIONAL DATA TRANSFERS

Information that we collect may be stored, processed and transferred between any of the countries in which we operate in or supply from to enable us to use the information in accordance with this privacy statement. International transfers outside of the EU, e.g. Capita India and the US will be managed under Privacy Shield agreed terms or via other adequate security assessments and data protection controls (including EU model clauses) to enable us to carry out our service obligations to our clients, suppliers and business partners.

There is no systematic transfer of data outside of the EU for any other purpose than outlined above.

SECURITY OF YOUR PERSONAL INFORMATION AND RETENTION

Knowledgepool takes information security extremely seriously.

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

Knowledgepool retains your personal information in line with Capita and Knowledgepool specific retention periods and if stipulated within client contracts and does not seek to retain data for any longer than necessary to carry out our service and fulfil our statutory and contractual obligations. For further details on retention periods on your personal data please use the contact details below.

JOB APPLICANTS, CURRENT, FORMER AND ASSOCIATES OF KNOWLEDGEPOOL

Knowledgepool is the data controller for the information you provide during the process unless otherwise stated. If you have any queries about the process or how we handle your information please contact us at: gdprhelp@knowledgepool.com

LINKS TO OTHER SITES

Our website may contain links to other websites which may not be covered by our privacy notice or security measures, therefore you should exercise caution and look at the privacy statement applicable to the website in question.

YOUR RIGHTS AND ACCESS TO YOUR INFORMATION

Knowledgepool recognises the rights of data subjects under the GDPR which include;

  • The right to be informed
  • You have the right to be informed about the personal data we collect, how Knowledgepool process personal data, how long we retain the data and who we share that data with
  • The right of access
  • You have the right to access your personal data and supplementary information this allows you as the individual to be aware of and verify the lawfulness of the processing.  This can be requested through a “Subject Access Request” SAR in writing to: gdprhelp@knowledgepool.com
  • The right to rectification
  • You are entitled to have your personal data amended (rectified) if this is inaccurate or incomplete, and if this information has been shared with a third party
  • The right to erasure
  • This is also known as the ‘right to be forgotten’, you can request for your personal data to be deleted or removed where there is no compelling reason for its continued processing
  • The right to restrict processing
  • You have the right to ‘block’ or ‘suppress’ the processing of your personal data. When processing is restricted, Knowledgepool is permitted to store the personal data but we may not carry out any further processing and we can only retain enough information about the individual to ensure that the restriction is respected in future
  • The right to complain to the Supervisory Authority – Information Commissioner’s Office
  • Rights related to automated decision making and profiling
  • You have the right not to be subjected to automated decision making and profiling, this can only be carried out be us when necessary for the entry into or performance of a contract; or authorised by Union or Member state law applicable to the controller; or based on your explicit consent.
  • The right to data portability

This allows you to obtain and re-use your personal data for your own purposes across different services. It allows you to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability

  • The right to object
    You have the right to object to:
    • processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling)
    • direct marketing (including profiling) and
    • processing for purposes of scientific/historical research and statistics

For further information on your rights as an individual please refer to the ICO website – https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

GOOGLE ANALYTICS

When someone visits www.Knowledgepool.com we use a third-party service, Google Analytics. We use Google Analytics to collect information about visitor behaviour on our website. Google Analytics stores information about what pages you visit, how long you are on the site, how you got here and what you click on.

We have also implemented Google Analytics Demographics and Interest Reporting. This is used to gain an insight into the age, gender and interests of our users to help us make decisions on how to improve the website in the future. Users can opt out of this reporting by visiting Google Ads Settings.

You can find out more about Google’s position on privacy as regards its analytics service at https://support.google.com/analytics/answer/6004245?hl=en-GB

Visitors may choose to opt-out of Google Analytics tracking with the Google Analytics opt-out browser add-on.

COOKIES AND WEB BEACONS

Cookies are small text files which are planted by this website on your computer’s hard drive. They enable our site to “remember” who you are.

Cookies are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.

For further information on how we use cookies please refer to our “Cookies and Web Beacons” Policy

HOW TO CONTACT US OR COMPLAIN

Please contact us if you have any questions about our privacy policy or any information we have of you:

  • By phone: +44(0)800 0294500
  • Email: gdprhelp@Knowledgepool.com
  • Or write to us at Capita Knowledgepool, Reading Bridge, Reading, Berkshire, RG1 8LS, United Kingdom

If you are unhappy with our response, you have the right to complain to the Supervisory Authority, the details of which are below:

Supervisory Authority: Information Commissioner’s Office (ICO)

Website: https://ico.org.uk/concerns/

Email: casework@ico.org.uk

DATA CONTROLLER

Knowledgepool in certain instances will be the data controller or joint data controller of your information, however in most occasions we will be a data processor and our client (your employer or hiring company will be the data controller). In such circumstances, you should check with your employer’s or hiring company’s privacy notices on how your personal data is used and retained.

The data controller responsible in respect of the information collected on this website is Knowledgepool.

ICO Registration Number: Z8720317

STATEMENT AMENDMENTS

Latest amendment – April 2020.

We may update this privacy statement from time-to-time by posting a new version on our website. You should check this page occasionally to ensure you are happy with any changes.

We may also notify you of changes to our privacy statement by email.