At Freevacy your privacy is of the utmost importance. We want you to feel informed over the data we collect about you and in control with how we use it.
About this privacy notice
Information that we collect and process
How we collect your personal data
The following outlines what Freevacy may do with any personal data that you give to us and how you remain in control of this information.
We collect personal information about you through the following methods:
- Visiting our website
- Enquiring or booking a training course by phone, email or online form
- Booking a training course online
- Subscribing to a news information service
- Joining the conversation on our social media channels
- Providing a third-party customer review about us
- Using our customer advice helpline
- Making a complaint
- Submitting a job application
Third Party Data
Should Freevacy ever collect personal data from a third party source, we will give you details of that source, including if from publicly accessible sources.
What personal data we collect
- Your name, title, and gender
- Your business contact information including address, phone numbers and email address.
- If you are a Freevacy customer financial information including bank account, credit/debit card details or other payment system information such billing and postal delivery addresses.
- Your browsing activities when using our website or online services.
- Your responses to customer surveys or other offers that we may make available to you.
- Any comments or opinions that you have made about us on customer review sites, forums and social media.
- Anonymous information sent by your browser when you visit our websites, including IP address, operating system, and browser version. If you identify yourself by filling out a form, some data (such as what pages you view on our website) may also be connected to your personal information.
Where you give us consent to use your personal information
Where we process information about you under your consent only, you have the right to remove that consent it at any time.
We only use the data we need
We will only collect and use personal information if we need it to deliver a service or meet a requirement. If we no longer need your personal information for the purpose, it was collected for we will dispose of it.
We don’t sell your personal information to anyone else.
Who we may share your personal data with
We use the information we collect for the delivery of our data protection and information rights training services. To do this successfully, we have partnership arrangements with the following organisations in which we share your personal data with:
- Freevacy is an Accredited Training Provider (ATP) for The Chartered Institute for IT – BCS
- For more information about the information, we share with the BCS and reasons why see section relating to Examination Bodies.
We may also be required to share or collect further data:
- Where we are required to pass on personal data without consent, for example for the prevention or detection of crime, or to produce anonymised statistical data
- To check that the information we hold is accurate and up to date
Should Freevacy transfer your personal data to a third country or international organisation we will supply you with the appropriate or suitable safeguards and how to obtain a copy.
Freevacy Ltd has specific legal obligations regarding personal data of employees regarding PAYE and NI.
Other legal requirements may occasionally be required by the police or any other Law Enforcement Agent, HMRC, DWP, for the prevention or detection of crime, apprehension or prosecution of offenders or the assessment or collection of any tax or duty.
Freevacy will share personal data when expressly required by law.
Information we process about customers
How long we will retain your personal data
We will maintain a record of your contact details for as long as you remain a customer of Freevacy but will remove your details if requested under your ‘right to be erasure’ where consent is the only legal condition enabling us to process it.
Customer or Partner contracted services
If you are a Freevacy customer or partner, we may keep your personal information for the duration of our contract between your organisation and ours. At the end of the contracted term, we typically archive and store details of that contract for an extended period, up to seven years. Other items such as invoices are kept for a period of seven years in accordance with the law.
Where it is necessary to protect someone in an emergency
Training Delegates are given a ‘Contacts Form’ to complete at the start of all public courses held at our training facility in Bedford. This is intended for delegates who are staying in local hotels within the area and not travelling home each evening. We take this precaution to ensure we have an emergency contact should the delegate become incapacitated while away from home. We DO NOT add these contact details to our CRM system or any other IT software application. The manual form is locked away during the course and is then placed in the ‘Secure shredding collection box’ at the end of the course. No details are taken from this form.
Research & Analysis
If we use your personal information for research or analysis as part of our core training services, we will always anonymise the data in the first instance.
In situations where you agree that your personal information can be used for external research purposes, it will be pseudonymised to keep any personal details securely and separately from the research data. We take these steps to ensure those carrying out the research may not have access to or be able to uncover your personal information at a later date.
Please refer to the Marketing & Communications section in relation to our use of Web Tracking & Analytics data for marketing purposes.
You also have the right at any time to make a complaint to the Information Commissioners Office if you believe Freevacy has failed in its dealings with you.
Calling our helpline
When calling our helpline Freevacy will only collect enough information to enable us to respond to your query and log the nature of the query.
These relate to individuals and contain the personal answers of those individuals, we, therefore, maintain strict retentions periods in relation to Principle 5 of GDPR – kept in a manner that permits identification of the data subjects for no longer than is necessary for the purposes which the personal data are processed.
The emails are housed in a specific email folder and are held long enough to mark the papers attached to the email. The papers are then returned to the delegate by email. Once we have confirmation the delegates have received our response we delete all stored copies. It takes around one month to complete the whole process.
Freevacy maintains a record of all delegates exam results including exams dates, to enabled delegates to check their details whenever required.
Information we process about employees
From time to time we may post vacant positions on our site. When applying to work at Freevacy Ltd, we will only use the information supplied to process the application, if we need to disclose information to a third party, for example, to take up a reference we will not do so without the informed consent of the applicant, unless the law requires the disclosure.
Personal information about unsuccessful candidates will be held for 12 months following the recruitment drive. After which time, it will then be destroyed or deleted. We may retain anonymised statistical information to help future recruitment.
Employees (past & present)
Any person taking up employment with Freevacy Ltd will have an employment file created. The information contained in this will be kept secure and will only be used for purposes directly relevant to that person’s employment. Once the employment has ended, we will retain the file in accordance with Employment Law and then delete it.
Freevacy uses Intuit QuickBooks to process salaries.
For more information about how QuickBooks processes data view their Privacy Notice.
Go to IT & Data Security section to see the location of data held within Quickbooks and their Data Security measures.
Who we bank with
Freevacy’s Bank account is currently Santander.
For more information about how Santander processes data, please view their privacy notice.
Freevacy has a Business account with Premier Inn Hotels, Trainers and occasionally other employee’s details may be passed to Premier Inn Hotels to book a hotel room. Premier Inn is a UK based Hotel Group.
For more information about how Premier Inn processes data, please view their privacy notice.
Freevacy work hard to secure our IT systems and your data against cyber attack. We have been awarded Cyber Essentials certification by The National Cyber Security Centre, part of GCHQ and have signed up to the ICO's "Your Data Matters" campaign.