GDPR Rulings

Print Friendly, PDF & Email

Day First Aid Ltd General Data Protection Regulation Policy (GDPR)

We take data protection very seriously and respect the privacy of our customers. We are committed to protecting and respecting your privacy, in accordance with the General Data Protection Regulation (“GDPR”).

What information do we collect from you?

Once we book you onto a course we collect the following information from you, for our own records only:

  1. ·         Your full name;
  2. ·         Your contact telephone number;
  3. ·         Your email address;
  4. ·         Your contact postal address;
  5. ·         Your mobile telephone (If Provided)
  6. ·         Company you work for

We will also collect the following information :-

  1. ·         Which courses you have undertaken with Day First Aid Ltd
  2. ·         The date you attended the course
  3. ·         Your next course renewal date
  4. ·         Any discount you have accumulated for being a previous customer

How is your information held?

Once collected, your personal information is held on our office computer systems, for office use only.

How will we use your information?

GDPR says that we are allowed to use personal information only if we have a proper reason to do so which may be:

  1. ·         To fulfil a contract we have with you; or
  2. ·         When it is our legal duty; or
  3. ·         When it is in our legitimate interests; or
  4. ·         When you consent to it.

A legitimate interest is when we have a business or commercial reason to use your information. But even then, it must not unfairly go against what is right and best for you. If we rely on our legitimate interests, we will tell you what that is.

We may use your personal information for the reasons and in accordance with the legal basis below:

Purpose of Processing

Your Personal Information

Legal Basis

 

Account administration purposes, for example:

  1. To contact you regarding your future training ;
  2. To let you know your current rate of discount;
  3. To process your purchases if booked a course.
Necessary for the performance of Day First Aid Ltd as a training provider. We will contact you before your current certification expires, and let you know the next available course for you to attend. We may also contact you to make you aware of any discount you may have accumulated as a loyal customer.
We may select the products that we believe you may be interested in based upon the information that we collect about how you use Day First Aid Ltd Necessary for Day First Aid Ltd to continue to deliver your continued training support.

How long will we hold your information for?

We will continue to store your details on our system as documentation of courses you have previously booked with us, and / or any quotes we have previously been requested to provide you. We will happily remove this information upon request.

We will from time to time review our retention periods but we will only ever hold your personal information for as long as we believe is necessary for reasons set out above

Only processing the personal information that we need to

Your personal information will only be processed to the extent that it is necessary for the specific purposes we tell you about.

Who has access to your information?

We reserve the right to pass any or all of your personal information to the police or any other law enforcement agency for the purposes of:

  1. Compliance with any of our legal obligations;
  2. Crime detection or prevention
  3. Your misuse, or suspected misuse, of our website.

Where your contact relates to any legal proceedings or prospective legal proceedings against us, we may need to pass your personal information onto our insurers and legal advisers for the purposes of assessing any such proceedings. We may also be required to share your personal information if we are under duty to do so in order to comply with any legal obligation to protect our rights, property or the safety of our business, customers, suppliers or employees. This includes exchanging information with other companies and organisations for the purposes of fraud protection.

We also pass your details on to Qualsafe, Our awarding body for all of our First Aid Courses, but this is for certification purposes only.

Apart from the circumstances set out above, we will not disclose your personal information to any third parties without your consent, unless we are satisfied that they are legally entitled to the information. Where we disclose your personal information to a third party, we will have regard to the data protection principles.

We will not:

  1. Sell your personal information to third parties; or
  2. Share your personal information with third parties for marketing purposes (unless you have given your consent for us to do so).

How can you find out about and update your information?

You have the right to ask for a copy of the personal information that we hold about you.

If you wish to do so, please contact us:

  1. By email at info@dayfirstaid.co.uk;
  2. By post for the attention of the Data Protection Team, Day First Aid Ltd, 3 Estcourt Street, Goole, East Riding Of Yorkshire, DN14 5AS
  3. By clicking “HERE” and completing the contact us form.

In order to fulfil your request, we may need to first verify your identity.

Any questions regarding this Privacy Notice can be sent to us using the same contact details above.

The accuracy of your information is also important to us.  If you change contact details or if you believe that any of the other personal information we hold is inaccurate, incomplete or out of date, please contact us:

  1. By email at info@dayfirstaid.co.uk;
  2. By post for the attention of the Data Protection Team, Day First Aid Ltd, 3 Estcourt Street, Goole, East Riding Of Yorkshire, DN14 5AS
  3. By clicking “HERE” and completing the contact us form.

In addition to your rights set out elsewhere in this Privacy Notice, you also have the right to:

  1. Request details from us of the recipients of your personal information or the categories of recipients of your personal information, if it is supplied by us to any third parties;
  2. In certain circumstances have the processing of your personal information restricted;
  3. In certain circumstances be provided with the personal information that you have supplied to us, in a portable format that can be transmitted to another company;

In certain circumstances not to be subject to a decision that is based solely on automated processing which would have a legal or significant impact on you.

If you wish to exercise any of the rights set out above, you must make the request in writing addressed to the “Data Protection Team” using one of the methods set out in the “How can you find out about and update your information?” section of this Privacy Notice.

Withdrawal of consent

If you have provided your consent for us to process your personal information, you have the right to withdraw your consent at any time. This will not affect the legality of our consent based use before you withdrew your consent.

If you wish to exercise your right to withdraw your consent, you must make the request in writing addressed to the “Data Protection Team” using one of the methods set out in the “How can you find out about and update your information?” section of this Privacy Notice.

The right to object and deletion

You have the right to object to our use of your personal information, or to ask us to delete, remove, or stop using your personal information if there is no need for us to keep it. This is known as the “right to be forgotten”.

There may be legal or other reasons why we need to keep or use your information, but please tell us if you think that we should not be using it.

If you object to our processing of any of your personal information, you must make the request in writing addressed to the “Data Protection Team” using one of the methods set out in the “How can you find out about and update your information?” section of this Privacy Notice.

How we keep your data secure

We and our third party suppliers use reasonable and up to date security methods to keep your data secure and to prevent unauthorised or unlawful access to your information.

Transferring your personal information outside the European Economic Area (“EEA”)

We will not transfer your personal information outside the EEA unless such transfer is compliant with the GDPR. This means that we cannot transfer any of your personal information outside the EEAunless:

  1. The EU Commission has decided that another country or international organisation ensures an adequate level of protection for your personal information; or
  2. The transfer of your personal information is subject to appropriate safeguards, which may include:
  3. Binding corporate rules; or
  4. Standard data protection clauses adopted by the EU Commission; or
  5. One of the derogations in the GDPR applies (including if you explicitly consent to the proposed transfer).