Belfast Skills Development Limited/BSD Training is a company registered in Northern Ireland (hereinafter referred to as "We", "Our" or "Us").
Maintaining the security of your data is of paramount importance to us and we are committed to respecting your privacy rights.
This notice, which including without limitation applies when using the website: www.bsdtraining.com and/or providing us with your information via registration forms, emails, telephone conversations or other means to provide you with our services. This notice provides you with information about:
- How we use your data
- What personal data we collect
- Who we share your data with
- How we ensure your privacy is maintained; and
- Your rights relating to your personal data
Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
For the purpose of the General Data Protection Regulation (EU Regulation 2016/679, when applicable, the “GDPR”), and the EU Data Protection Directive (Directive 95/46/EC), the data controller is Belfast Skills Development ltd, 98F Carryduff Road, Temple, Lisburn, BT27 6YL..
Uses made of the Information
We use information held about you in the following ways:
- To provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes.
- To carry out our obligations arising from any contracts entered into between you and us. For example, we pass your details to awarding bodies for the purposes of certificate and/or card printing and issuing.
- To notify you about changes to our service.
- If you are an existing customer, we will only contact you by electronic means with information about goods and services that we offer.
- If you are a new customer, we will contact you by electronic means if you have consented to this.
- We may use your personal information to contact you if there are any urgent safety notices to communicate to you where we otherwise reasonably believe that the processing of your personal information will prevent or reduce any personal harm to you. It is in your vital interests for us to use your personal information in this way.
- To comply with our legal obligations to disclose information and/or CCTV images to assist the prevention, investigation and detection of crime, fraud or anti-social behaviour and prosecuting offenders, including working with law enforcement agencies.
Information we may collect from you and other sources
Although the precise details of the personal information collected will vary according to the specific purpose for which we are collecting the information, we may collect and process the following data about you:
- Information that you provide by filling in forms on our social media pages or on our website. This includes information provided at the time of registering to use our website, subscribing to our service, purchasing goods, posting material or requesting further services. We may also ask you for information when you report a problem with our website.
- If you contact us by phone, email or otherwise and is provided voluntarily, we may keep a record of that correspondence or to enable us to provide quotations or process bookings.
- We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
- Details of transactions you carry out with us and of the fulfilment of your contract with us
- Details of your visits to our website including, but not limited to, traffic data, location data and the resources that you access.
- We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users' browsing actions and patterns, and does not identify any individual. We collect some of this information using Cookies, see below.
- We will also collect information from you on forms that you complete as part of the course registration process on each course you attend with us.
- We will collect information through our e-Reception Book to record visitors and customers that are on our premises at any one time for health and safety purposes.
- CCTV is used around our premises at 98F Carryduff Road, Temple, Lisburn, BT27 6YL for the purposes of deferring crime, identifying offenders and for the monitoring delivery of the CITB Health, Safety and Environment to detect or prevent malpractice and fraud.
For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer's hard drive. They help us to improve our website and to deliver a better and more personalised service. They enable us:
- To estimate our audience size and usage pattern.
- To store information about your preferences, and so allow us to customise our website according to your individual interests.
- To speed up your searches.
- To recognise you when you return to our website.
Measuring website usage – Google Analytics
Disclosure of your Information
In order to make certain services available to you, we may need to share your personal data with third parties.
We may disclose your personal information to
- Our trusted service providers acting on our behalf who provide services such as: web hosting, web analytics and integration, order fulfilment, data analysis including data personalisation, infrastructure provision, email marketing data, review sites of our services, auditing services and other services to enable them to provide services
- Awarding Body organisations to facilitate the delivery of our contract with you. These Awarding body organisations can include, CAWBI, CITB, City and Guilds, CPCS, CSR, DVSA, IOSH, IPAF, ITSSAR, JAUPT, LANTRA, PASMA, Pearson VUE, Qualsafe, UKATA
- Third party suppliers who manage our secure payment platform and credit card processing.
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If Belfast Skills Development substantially sell all of its assets or are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets
It is sometimes necessary for us to share your data outside of the European Economic Area (EEA). This generally occurs when our service providers are located outside of the EEA or you are based outside of the EEA.
If this happens, we will ensure that the transfer will be compliant with the relevant data protections laws including the GDPR.
If your data is transferred to the United States, we will ensure that the service providers have signed up to the EU-US Privacy Shield which is a framework designed to protect the fundamental rights of anyone in the EU whose personal data is transferred to the United States for commercial purposes.
How do we Protect your Data
We are committed to keeping your personal data safe and secure and employ a number of security measures such as:
- All credit and debit card payment transactions are processed by WorldPay and your details are not stored or recorded by us in any way.
- All information you provide to us is stored SSA16 Type II certified data centres secure servers.
- All information provided is only accessible by the necessary members of staff in order to carry out our contractual or legal obligations or legitimate interests.
- CCTV images are stored on a secure server separate from the main company database. This is only accessible by specified staff members. Our full CCTV Policy is available on request.
We use reasonable, organisational, technical and administrative measures to protect personal information under our control. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Legal Basis for Processing your Personal Data
The personal data that you provide to us in order to purchase services and other personal data generated for transactional agreements is processed as it is necessary for the performance of a contract with you.
All other personal data is processed for our legitimate interests (as set out below) and to comply with our legal obligations.
In general, we only rely on consent:
- to send direct marketing communications to new customers via email or text message
- to contact (and allow for selected third parties to contact) new customers by electronic means.
You have the right to withdraw your consent at any time.
Our legitimate interests
The normal legal basis for processing customer data, is that it is necessary for our contractual and or legal obligations to provide you with the services you require. However there are occasions where our legitimate interests apply to process your data including:-
- Selling and supplying goods and services to our customers
- Protecting customers, employees and other individuals and maintaining their safety, health and welfare
- Promoting, marketing and advertising our products and services
- Complying with our legal and regulatory obligations
- Preventing, investigating and detecting crime, fraud or anti-social behaviour and prosecuting offenders, including working with law enforcement agencies
- Handling customer contacts, queries, complaints or disputes
- Managing insurance claims by customers
- Protecting us and our employees and customers, by taking appropriate legal action against third parties who have committed criminal acts or are in breach of legal obligations to us
- Effectively handling any legal claims or regulatory enforcement actions taken against us; and
- Fulfilling our duties to our customers, colleagues, shareholders and other stakeholders.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
- Right of access – you have the right to request a copy of the information that we hold about you.
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records but only if this is in accordance with the law and with the understanding that this will invalidate the services we provide such as for example providing you with proof of competency. In such cases we can only remove your data from our systems if you agree to surrender such proof.
- Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
- Right of portability – you have the right to have the data we hold about you transferred to another organisation.
- Right to object – you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling – you also have the right not to be subject to the legal effects of automated processing or profiling.
- Right to judicial review: in the event that we refuse your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined below in the "Contact" section.
All of the above requests will be forwarded on should there be a third party involved in the processing of your personal data.
You can also exercise the right at any time by contacting us at Belfast Skills Development Limited by any of the means outlined below.
Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
How long do we keep your data?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Our procedures to manage data retention is to retain customer data for 6 years 6 months after the date of their course to support verification requests and for the purposes to mitigate against any legal or civil court action that may arise relating to our provision of services to you. However some awarding bodies will dictate their own retention periods for data and these will be relayed to you if necessary depending on the course you are taking with us.
CCTV data is held on secure storage for a 30 day period for the purposes of preventing, investigating and detecting crime, fraud or anti-social behaviour and prosecuting offenders, including working with law enforcement agencies and awarding bodies.
The email marketing unsubscribe function will remove your details from marketing lists and confirmation of your removal will be sent to your email address.
Data back-ups can take up to 60 days to remove specific data from the system.
We will take reasonable steps under Article 17 of the GDPR to meet data subject requests.
Information from Children
Our certification, licencing, and academic admission testing services are not directed to children or anyone under the age of sixteen (16), without prior written consent from a parent or guardian. We will not knowingly collect, maintain or use any personally identifiable information about anyone under the age of sixteen (16), without prior written consent from a parent or guardian.
Any changes we may make to our privacy notice in the future will be made available on our website at www.bsdtraining.com/privacypolicy and, where appropriate, notified to you by e-mail.
If you have any questions about how we use your personal data that are not answered here, or if you want to exercise your rights regarding your personal data, please contact us by any of the following means:
• Email us on: GDPR@bsdtraining.com
• Write to us at: Belfast Skills Development, 98F Carryduff Road, Temple, Lisburn, BT27 6YL.
You have the right to make a complaint at any time to the local data protection supervisory authority which, for the UK, is the Information Commissioner's Office (ICO (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.