DM Scuba Training - Privacy Policy
DM Scuba Training ("We") are committed to protecting and respecting your privacy. This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. Any changes we may make to our privacy policy in the future will be posted on this page. For the purpose of the Data Protection Act 1998 (the “Act”), the data controller is DM Scuba Training.
GDPR - PRIVACY NOTICE
DM Scuba Training comply with GDPR Data regulations and we need to know your data in order to effectively operate our business and work with you or your company. We hold and process data in order to efficiently complete contracts, our Privacy Notice is available as below and will be supplied on request.
GDPR imposes strict new rules on controlling and processing people’s data and seeks to give individuals more control over how organisations use their data, please find our Privacy Notice herewith.
Why we need it?
We need to know your data in order to effectively operate our business and work with you or your company. We hold and process data in order to efficiently complete contracts operating our business and are satisfied that there is no other reasonable way. To achieve that purpose. nothing within the contract relieves the processor of its own direct responsibilities and liabilities under the GDPR.
How we store it?
We may store your data in the following places: Our filing system / on paper files, In Microsoft Office documents, email systems, CRM Systems, third party systems such as email hosting, online banking etc.
Our IT systems
Our IT systems have been audited and staff trained on the GDPR regulations to ensure understanding and compliance. The Controller and Processor have a Data Protection regime in place to oversee the effective and secure processing of your personal data. We have liaised with our data hosting company with regards to their security. They have confirmed that the data they hold on their servers is held securely.
What we do with it?
All personal data is processed in the UK by us and our suppliers and only in connection with our ongoing business relationship. Third parties, suppliers and others involved in our normal business dealings have access to your personal data only to perform the role they fulfil in the overall process.
DM Scuba Training does not carry out any DPIA Processing, nor are we a Public Authority, we have no appointed Data Protection Officer. Data is processed under the supervisory authority of the United Kingdom. We do not transfer your data outside of the European Union, unless you are carrying out training in another country with us outside the EU, in which case, data will be shared as required. We only work with reputable companies and partners.
How long do we keep it?
We retain your personal data for as long as your Controller has a relationship with you and the data is required to support our mutual business relationship. If our business relationship ends, we will retain your details for 6 years then delete them from our records.
Breach of Data
Should there be a breach of our data, we will investigate and assess if the breach is likely to result in a high risk of adversely affecting individuals’ rights and freedoms and if necessary we will inform those individuals without undue delay and the relevant supervisory authorities within 72 hours of becoming aware of the breach. A record will be kept of any data breach reported, regardless of whether notification is required.
What are your rights? (Right to be forgotten)
If at any point you believe the information we process on you is incorrect, you can request to see this information and have it corrected, deleted or withdraw consent for it to be used. If you wish to raise a complaint on how your personal data is handled, you can write to us at the address above or email [email protected] to investigate the matter, we will do this within 4 weeks of receipt in a clear and concise manner. If you are not satisfied with the response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office (ICO).
If you hold data for our company, we expect you to do this in compliance with the GDPR and Data Protection Act 1998.
Contact: Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to [email protected]
GDPR - PRIVACY NOTICE
DM Scuba Training comply with GDPR Data regulations and we need to know your data in order to effectively operate our business and work with you or your company. We hold and process data in order to efficiently complete contracts, our Privacy Notice is available as below and will be supplied on request.
GDPR imposes strict new rules on controlling and processing people’s data and seeks to give individuals more control over how organisations use their data, please find our Privacy Notice herewith.
Why we need it?
We need to know your data in order to effectively operate our business and work with you or your company. We hold and process data in order to efficiently complete contracts operating our business and are satisfied that there is no other reasonable way. To achieve that purpose. nothing within the contract relieves the processor of its own direct responsibilities and liabilities under the GDPR.
How we store it?
We may store your data in the following places: Our filing system / on paper files, In Microsoft Office documents, email systems, CRM Systems, third party systems such as email hosting, online banking etc.
Our IT systems
Our IT systems have been audited and staff trained on the GDPR regulations to ensure understanding and compliance. The Controller and Processor have a Data Protection regime in place to oversee the effective and secure processing of your personal data. We have liaised with our data hosting company with regards to their security. They have confirmed that the data they hold on their servers is held securely.
What we do with it?
All personal data is processed in the UK by us and our suppliers and only in connection with our ongoing business relationship. Third parties, suppliers and others involved in our normal business dealings have access to your personal data only to perform the role they fulfil in the overall process.
DM Scuba Training does not carry out any DPIA Processing, nor are we a Public Authority, we have no appointed Data Protection Officer. Data is processed under the supervisory authority of the United Kingdom. We do not transfer your data outside of the European Union, unless you are carrying out training in another country with us outside the EU, in which case, data will be shared as required. We only work with reputable companies and partners.
How long do we keep it?
We retain your personal data for as long as your Controller has a relationship with you and the data is required to support our mutual business relationship. If our business relationship ends, we will retain your details for 6 years then delete them from our records.
Breach of Data
Should there be a breach of our data, we will investigate and assess if the breach is likely to result in a high risk of adversely affecting individuals’ rights and freedoms and if necessary we will inform those individuals without undue delay and the relevant supervisory authorities within 72 hours of becoming aware of the breach. A record will be kept of any data breach reported, regardless of whether notification is required.
What are your rights? (Right to be forgotten)
If at any point you believe the information we process on you is incorrect, you can request to see this information and have it corrected, deleted or withdraw consent for it to be used. If you wish to raise a complaint on how your personal data is handled, you can write to us at the address above or email [email protected] to investigate the matter, we will do this within 4 weeks of receipt in a clear and concise manner. If you are not satisfied with the response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office (ICO).
If you hold data for our company, we expect you to do this in compliance with the GDPR and Data Protection Act 1998.
Contact: Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to [email protected]