General Data Protection Regulations UK (GDPR UK) GDP UK
As a data controller and processor of data both personal and non personal, we as an organisation are governed by GDPR (UK), GDPR (EU) and DPR (UK)
We hold a registration with the UK ICO.
Under these rules and according to our GDPR policy, we are duty bound to inform all participants how their data is captured, stored and used.
Should you decline use of personal data capture then you would not be eligible to enrol on the course.
The Data of each learner on this course has been captured in accordance with the requirements of Walsall Council and Levelling Up funding. As such:
Data is stored securely in a locked fireproof cabinet
Scanned on to a 164 bit encrypted data drive
Retained by us for a period of seven years in order to comply with funding guidelines
Duplicated and sent to Walsall Council.
As a data controller Ryecroft NRC only retains data in order to comply with funding guidelines as stated above.
Data Controller – Ryecroft NRC / Walsall Working For Change CIC
Data Processor - Dave Taylor (Manager)
Legal basis for collecting data – To comply with funding obligations
Categories of Data – Personal, Sensitive.
Recipient of Data – Walsall Council, Funding organisations upon request.
Transfer outside of the UK – No
Retention period – Seven years
You have the legal right at any time to withdraw consent and complain to the ICO.