Moreton Sports Centre

Untitled

01608 812163

London Road, Moreton-in-Marsh, GL56 0RH

© 2019 by Fire Service College    |    Privacy Policy    |   UK Modern Slavery Act

Privacy Policy

Introduction

 

This privacy notice tells you what to expect when the Fire Service College Sports Centre (FSCSC) at the Fire Service College (FSC) collects personal information.

This privacy notice is a public declaration of how the FSCSC/FSC (Part of Capita Group plc) applies the Data Protection Principles & Rights afforded to individuals by the GDPR, to the personal data that we process.

FSCSC is committed to complying with the 6 principles relating to the processing of personal data under the GDPR in all that we do. These principles are:

  1. Lawfulness, fairness & transparency

  2. Purpose limitation

  3. Data minimisation

  4. Accuracy

  5. Storage limitation

  6. Integrity and confidentiality

How we collect your information

 

We may collect your personal data in a number of ways, for example:

  • From you when you join the centre and fill in the application forms

  • From the information you provide to us when you interact with us before arrival, for example via email enquiries or over the telephone

  • When you apply to train at FSC and fill out the indemnity forms to use the gym

  • When you communicate with us by telephone, email or via our website, for example to make enquiries or raise concerns

  • When you complete the PAR-Q forms prior to doing a fitness test.

The types of information we collect

We may collect the following types of personal data about you:

  • Your name, and contact information such as address, email address and telephone number, as well as your date of birth, national insurance number (or other tax identification number) and your passport number or national identity card details, country of domicile, your nationality and when providing work seeking opportunities, your CV.

  • Information relating to your enrolments, the courses or events you have or intended to attend and/or completed, dates of study and examination results. We will also keep records relating to assessments of your work/courses, details of examinations taken and actual examination results and other information in your learner record

  • Sensitive personal data and information including:

    • Information concerning your medical conditions or Mobility Impairment (e.g. disability)

    • Dietary Requirements

How we use your information

 

Visitors to our websites

When someone visits www.fireservicecollege.ac.uk we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.

 

Use of cookies by the FSCSC

You can read more about how we use cookies on our Cookies page: https://www.fireservicecollege.ac.uk/cookies/

Links to external websites

FSCSC/FSC website contains links to other websites. Please note that these links are intended for your convenience only.

 

Links to third party websites do not constitute endorsement, sponsorship or approval by the FSCSC/FSC of the content, policies or practices of those third-party websites.

 

This privacy notice does not cover the links within this site linking to other websites, if you have any concerns regarding your privacy when visiting a linked third party, you should ensure that you check the privacy statement/policies of those websites.

 

How we use information about our Users

 

The purposes for which we may use personal data (including sensitive personal data) we collect during a user’s association with us include:

  • Full filling usage contract enabling users to use the centre, for example sending direct debit information to Debit Finance Collections (DFC) so that monthly subscriptions can be collected

  • Maintaining user records

  • Safeguarding and promoting the welfare of users

  • Ensuring users safety when using our facilities and equipment and security

  • Managing the use of social media – Facebook and twitter

  • Managing car parking on site

  • Administering finance (e.g. direct debits, membership payments)

  • Other administrative purposes, including:

    • Recruitment

    • Carrying out research and statistical analysis

    • Carrying out audits (e.g. to ensure compliance with our regulatory and legal obligations)

    • Providing operational information (e.g. providing IT support, information about building closures or access restrictions on site or safety advice)

    • Promoting our services (e.g. providing information about leisure centre or other events happening on and off site)

    • Preventing and detecting crime

    • Recording any near miss and actual accidents/injuries to comply with Health and Safety legal obligations

    • Dealing with grievances and disciplinary actions

    • Dealing with complaints and enquiries.

The lawful basis for processing your information and how we use it

 

We may process your personal data due to a legitimate business interest with your organisation/employer or you, or in order to meet our contractual obligations. In this respect, we use your personal data for the following:

  • To interact with you before you use the centre, as part of the learner enrolment process (e.g. to send you a prospectus or answer enquiries about our courses)

  • Once you have joined, to provide you with information about the centre, for example changes to opening times

  • To deal with any concerns or feedback you may have

  • For any other purpose for which you provide us with your personal data.

We may also process your data due to the contractual basis that the FSCSC is used under, by entering the centre and paying either FSC or FSCSC for usage of the sports centre you enter a contract for the appropriate period of time. During this time we need your data to fulfil this contract and ensure the safe running of the FSCSC.

 

We may also process your personal data because it is necessary for the performance of our tasks carried out in the public interest or because it is necessary for our or a third party's legitimate interests. In this respect, we may use your personal data for the following:

  • To monitor and evaluate the performance and effectiveness of the FSCSC, including by training our staff or monitoring their performance

  • To maintain and improve the educational, corporate, financial, estate and human resource management of the FSCSC

  • To promote equality and diversity at the FSCSC

  • To seek advice on our rights and obligations, such as where we require our own legal advice

  • Recovering monies you owe to us

  • For fundraising purposes.

We may also process your personal data for compliance with our legal obligations. In this respect, we may use your personal data for the following:

  • To meet our compliance and regulatory obligations, such as compliance with anti-money laundering laws and safeguarding requirements

  • For the prevention and detection of crime

  • Reporting accidents and incidents for the Health & Safety Executive (HSE)

  • In order to assist with investigations (including criminal investigations) carried out by the police and other competent authorities.

We may also process your personal data where:

  • It is necessary for medical purposes (e.g. medical diagnosis, provision of health or social care or treatment, or a contract with a health professional)

  • It is necessary to protect your or another person’s vital interests, or

  • We have your specific or, where necessary, explicit consent to do so.

Sharing information with others

 

For the purposes referred to in this privacy notice and relying on the bases for processing as set out above, we may share your personal data with certain third parties. Unless an opt-out is in place, we may disclose limited personal data to a variety of recipients including:

  • Our employees, agents and associate trainers where there is a legitimate reason for their receiving the information, including:

    • Associate trainers in relation to attendance logging, learner assessments and feedback

    • Catering company in relation to dietary requirements

  • Those with an interest in tracking learners progress and attendance, including:

    • Current or potential employers (to provide references and, where learners are sponsored by their employer and/or where you take part in a placement, to provide details of progress/attendance);

  • Professional and regulatory bodies (e.g. RLSS, STA) in relation to the confirmation of qualifications, professional registration and conduct and the accreditation of courses Government departments and agencies where we have a statutory obligation to provide information (e.g. HSE)

  • Partner organisations or businesses that enable users to fulfil payments of signed up contracts like DFC.

  • Crime prevention or detection agencies (e.g. the police, the Department for Work and Pensions and Trading Standards)

  • Parents, guardians, and next-of-kin (where there is a legitimate reason for disclosure).

 

Capita Sharing

We may share limited information with other Capita Businesses for legitimate purposes as part of our necessary obligations for internal reporting, processing of invoices and payments and to update existing customers of service and product updates or opportunities available within Capita plc Group.

Data Transfers outside of the EEA/EU and data portability

Information that we collect may be stored, processed and transferred between any of the countries in which we operate in or supply from in order to enable us to use the information in accordance with this privacy statement. International transfers outside of the EU, e.g. Capita India and the US will be managed under Privacy Shield agreed terms or via other adequate security assessments and data protection controls (including EU model clauses) to enable us to carry out our service obligations to our clients, suppliers and business partners.

 

How long your information is kept

 

Subject to any other notices that we may provide to you at the time of collecting your data, we may retain your personal data for a period of seven years after your association with us has come to an end or in accordance with our Data Retention periods. Where data is captured under a consent basis it will confirm the period specified at time of capture.

 

FSCSC/FSC only keeps data for as long as is necessary. Once the data has reached the end of its retention period the data is deleted. For further details on the Data Retention, please contact us using the details at the end of this document.

 

FSCSC will keep member details for 2 years after the last recorded usage, financial details for 6 years and any testing related to employment for 6 year after the date of the test.

What do we use your data for?

 

FSCSC offers various services to the public. We have to hold the details of the people who have requested the service in order to provide it. However, we only use these details to provide the service the person has requested and for other closely related purposes. For example, we might use information about people who have requested an information leaflet to carry out a survey to find out if they are happy with the level of service they received. When people do subscribe to our information services, they can cancel their subscription at any time and are given an easy way of doing this. We may also pass your details where required onto either employers or the Health and Safety department where it fulfils a requirement of the role and to comply with FSC safety policies. For example, a fitness test to allow BA wearing on the fire ground.

Security of your personal information

 

FSCSC takes information security extremely seriously. Significant investment has been made in all our systems to create the most secure environment possible.

 

We continue to take all reasonable technical and organisational precautions to prevent the loss, misuse, or alteration of your personal information.

 

We will store all the personal information you provide on our secure (password- and firewall- protected) servers. All electronic transactions you make to or receive from us will be encrypted. We use Transport Layer Security (TLS) to encrypt and protect email traffic in line with government. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit. We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.

 

Of course, data transmission over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.

You are responsible for keeping your password and user details confidential. We will not ask you for your password (except when you log in to our systems).

 

Job applicants, current and former FSCSC/FSC employees, external assessors

 

FSCSC/FSC is the data controller for the information you provide during the process unless otherwise stated.

What information do we ask for, and why?

The information we ask for is used to assess your suitability for employment. We do not collect more information than we need to fulfil our stated purposes and will not retain it for longer than is necessary.

 

What will we do with the information you provide to us?

All of the information you provide during the process will only be used for the purpose of progressing your application, or to fulfil legal or regulatory requirements if necessary.

 

We will not share any of the information you provide during the recruitment process with any third parties for marketing purposes or store any of your information outside of the European Economic Area. The information you provide will be held securely by us and/or our data processors whether the information is in electronic or physical format.

 

Use of data processors

Data processors are third parties who provide elements of our recruitment service for us. We have contracts in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct.

 

Capita HR Services

If you are employed by FSCSC/FSC, relevant details about you will be provided to Capita HR Services who provide payroll services to FSCSC/FSC. This will include your name, bank details, address, date of birth, emergency contacts, National Insurance Number and salary.

 

How long is the information retained for?

If you are successful, the information you provide during the application process will be retained by us as part of your employee file for the duration of your employment plus 6 years following the end of your employment. This includes your criminal records declaration, fitness to work, records of any security checks and references.

 

If you are unsuccessful following assessment for the position you have applied for, we may ask if you would like your details to be retained in our talent pool for a period of six months. If you say yes, we would proactively contact you should any further suitable vacancies arise.

 

Information generated throughout the assessment process, for example interview notes, is retained by us for 6 months following the closure of the campaign.

 

Equal opportunities information is retained for 6 months following the closure of the campaign whether you are successful or not.

Your rights

 

The FSCSC/FSC recognises the further rights of data subjects under the GDPR which include;

 

  • The right to be informed

  • The right of access

  • The right to rectification

  • The right to erasure

  • The right to restrict processing

  • The right to data portability

  • The right to object

  • More information on Direct Marketing

  • The right to withdraw consent

  • The right to complain to the Supervisory Authority

  • Rights related to automated decision making and profiling

 

You can read more about these rights here – https://ico.org.uk/for-the-public/is-my-information-being-handled-correctly/  

Complaints or queries

 

FSCSC/FSC tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures.

 

This privacy notice was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of FSCSC/FSC’s collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address below.

How to make a complaint to us

 

If you want to make a complaint or query about the way we have processed your personal information, please contact the Compliance Officer using the details found at the bottom of this document.

 

Alternatively, if you are unhappy with our response, you have the right to complain to the Supervisory Authority, the details of which are below:

           

Supervisory Authority: Information Commissioner’s Office (ICO)

Website: https://ico.org.uk/concerns/

Email: casework@ico.org.uk                                                     

Telephone: 03031231113

Subject Access Request Process

 

You may instruct us to provide you with any personal information we hold about you. Provision of such information will be subject to:

 

  • The supply of appropriate evidence of your identity (for this purpose, we will usually accept a photocopy of your passport certified by a solicitor or bank plus an original copy of a utility bill showing your current address).

  • The description of the exact information you are seeking.

 

FSCSC/FSC will work collaboratively with our clients to ensure that we fulfil all obligations under the Data Protection Act and GDPR regarding subject access requests. We may withhold such personal information to the extent permitted by law.

How to contact us

If you want to request information about our privacy policy, if you have a complaint or wish to execute a right, you can contact us by:

 

Writing to:

The Compliance Officer

The Fire Service College

London Road

Moreton in Marsh

Gloucestershire

GL56 0RH

 

Or by email to: ComplianceOfficer@fireservicecollege.ac.uk

 

Or by phoning Reception on: 01608 650831 and asking for FSCSC/FSC Compliance Officer.

The Fire Service College Limited is a registered data processor under the Information Commissions Office – Reg.no. Z3584953

Changes to this privacy notice

We keep our privacy notice under regular review. This privacy notice was last updated on 22nd May 2018.