LEARNER PRIVACY POLICY

Nuco Training Learner Privacy Notice

Nuco Training Ltd (Nuco) will process your personal data, and special category data (for the purpose of reasonable adjustments),  in accordance with the General Data Protection Regulation (GDPR) and any regulatory requirements as specified by Nuco’s  Regulatory Bodies.

Nuco will only process and store your data for the purposes of the delivery, assessment and award of the qualification/course you have chosen to undertake and for no other purpose.

Nuco will not sell, pass on or make available your personal, or special category data, to any other person or body outside of the administration and award of the qualification/course you have chosen to undertake.

Nuco will undertake the following administrative activities in relation to the processing and transfer of your personal and special  category data:

< >Nuco collect your name, date of birth and email address for the purposes of administrating and awarding/certificating the qualification/course you have chosen to undertake. Your gender and postcode will also be collected and processed if you request that your achievement is uploaded to your Personal Learning Record.Nuco offers you the ability to apply for a reasonable adjustment should you have a disability, learning need or medical condition that may affect your ability to undertake the qualification’s assessment. The data collected for this purpose is called special category data. Nuco will only collect and process this special category data when it is provided by you and for the purposes of recording and awarding reasonable adjustments for the qualification/course you are undertaking at the time of providing the data. Such personal data and special category data will not be used by Nuco for any purpose other than the delivery, assessment, administration and quality assurance of the qualification/course undertaken and for maintaining appropriate records in line with Regulatory Body requirements. Personal data and special category data is collected within course paperwork/documentation during course delivery. The data  will be transferred to Nuco’s online administration system, and all records will be maintained/disposed of in line with the Nuco Training Data Protection Policy. The transfer of learner data to NucoPlus is required as part of the process of administrating and awarding qualifications.Where a certificate is issued by an awarding body, normally in the case of a regulated qualification, we will be required to securely transfer your personal data to the awarding body for them to issue your certificate. The data will only be used for this purpose and for anonymised statistics requested by the Regulatory Bodies. Nuco is required to respond to information requests from Regulatory Bodies. Should your data be required to be transferred to the Regulatory Body, Nuco will do so in line with its Data Protection Policy. The same process will be used if Nuco is legally required to transfer data as part of a legal investigation to a legal authority.If you have not reached the age of 16, you may first wish to discuss this Privacy Notice with your parent, guardian or carer. Nuco will retain your personal and special category data indefinitely to provide confirmation of your achievement at any point in the future, should it be required.  An individual can request that their data is deleted at any stage. Under the GDPR you have certain rights in respect of your personal and special category data. Not all GDPR rights are applicable due to the limited way in which Nuco holds and processes your data, but the following rights are appropriate:Right to access to the information we hold on you. This will be provided to you free of charge within one calendar month of  your request. Right to rectification. Should any of the data Nuco hold on you be incorrect you have the right for this to be rectified. Nuco will always strive to enter data accurately, but should you notice an error please contact Nuco and we will rectify any inaccuracies.Right to erasure. Nuco are required to process your personal data (name, email address and date of birth and gender and postcode if given), and special category data (in the case of a reasonable adjustment being awarded due to a medical condition, disability or learning need), to administrate the award of your qualification/training. Nuco are also required to maintain the records of your training.  Should you wish for your data to be deleted Nuco will do so upon reasonable request providing it is no longer required to maintain a record of your training.  08.05.2018

​

Nuco Training Ltd, Barton House, Central Treviscoe, St Austell, Cornwall PL26 7QP      

Tel: 03456 444999    |    Fax: 03300 886669

Email: enquiries@nucotraining.com    |    Web: www.nucotraining.com

Company Registration No: 03684918    |    VAT Registered: 737 0561 35

​

APPROVED BY FIRST AID AWARDS LTD AND REGULATED BY OFQUAL AND SQA ACCREDITATION

​

Data Protection Policy

​

1. General Policy Statement

1.1 People Care Training recognises the legal requirements of the General Data Protection Regulation (GDPR) and is committed to safeguarding personal data. In particular:

1.2 Personal data will be processed fairly and lawfully and, in particular, will not be processed unless -

a) at least one of the conditions set out in Section 2 below is met, and

b) in the case of special category data, at least one of the conditions in Section 3 below is also met.

1.3 Personal data will be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes.

1.4 Personal data will be adequate, relevant and not excessive in relation to the purpose(s) for which they are processed.

1.5 Personal data shall be accurate and, where necessary, kept up to date.

1.6 Personal data processed for any purpose(s) will not be kept for longer than is necessary.

1.7 Personal data will be processed in accordance with the rights of data subjects under the GDPR.

1.8 Appropriate technical and organisational measures will be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.

1.9 Personal data will not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.

2. Conditions For Processing Personal Data

2.1 Unless a relevant exemption applies, at least one of the following conditions must be met whenever we process personal data:

a) The individual has consented to the processing of their personal data.

b) The processing is necessary: in relation to a contract which the individual has entered into; or because the individual has asked for something to be done so they can enter into a contract.

c) The processing is necessary because of a legal obligation that applies to you (except an obligation imposed by a contract).

d) The processing is necessary to protect the individual’s “vital interests”. This condition only applies in cases of life or death, such as where an individual’s medical history is disclosed to a hospital’s A&E department treating them after a serious road accident.

e) The processing is necessary for administering justice, or for exercising statutory, governmental, or other public functions.

f) The processing is in accordance with the “legitimate interests” condition.

3. Conditions For Processing Special Category Data

3.1 At least one of the additional conditions listed below must also be met whenever we process special category data:

a) The individual has consented explicitly to the processing of their special category data.

b) The processing is necessary to comply with employment law.

c) The processing is necessary to protect the vital interests of: • the individual (in a case where the individual’s consent cannot be given or reasonably obtained), or • another person (in a case where the individual’s consent has been unreasonably withheld).

d) The processing is carried out by a not-for-profit organisation and does not involve disclosing personal data to a third party, unless the individual consents. Extra limitations apply to this condition.

e) The individual has deliberately made the information public.

f) The processing is necessary in relation to legal proceedings; for obtaining legal advice; or otherwise for establishing, exercising or defending legal rights.

g) The processing is necessary for administering justice, or for exercising statutory or governmental functions. h) The processing is necessary for medical purposes, and is undertaken by a health professional or by someone who is subject to an equivalent duty of confidentiality.

i) The processing is necessary for monitoring equality of opportunity, and is carried out with appropriate safeguards for the rights of individuals.

3.2 In addition to the above conditions – which are all set out in the GDPR itself – regulations set out several other conditions for processing special category data. Their effect is to permit the processing of special category data for a range of other purposes – typically those that are in the substantial public interest, and which must necessarily be carried out without the explicit consent of the individual.

3.3 Examples of such purposes include preventing or detecting crime and protecting the public against malpractice or maladministration.