The aim of this policy is to comply with relevant legislation in regard to the keeping of employment records and customer data. The Company requires personal information relating to each individual in order to manage its business in an efficient and effective manner; this data is subject to the new GDPR (General Data Protection Regulations). The Company wishes to act and comply with the principles of this Act.
Data: includes computerised data, manual data and any other form of accessible record that includes personal information held by the Company.
Personal data: is that which relates to a living individual who could be identified by the data.
Data Subject: A data subject is an individual that is the subject of any personal data.
Investors in Veterans Ltd trading as Investors in Veterans (We) collect, use and are responsible for certain personal information about you. When are so we are regulated under the General Data Protection Regulation which applies across the European Union (including in the United Kingdom).
We are committed to complying with the provisions of the Data Protection Legislation and ensuring that the personal data we hold is processed fairly and lawfully. This Privacy Notice has therefore been prepared to tell you about the way we collect information from you and what we do with that information. This Privacy Notice explains the legal basis for this and the rights you have over the way your information is used.
This Privacy Notice explains how we collect information from organisations or individuals who use our website and applications, who attend our events, who complete one of our assessment surveys or with whom we contract for the delivery of services. It also explains how this information is then used. Please read this Privacy Notice carefully and re-visit this page from time to time to review any changes that may have been made.
For the purposes of the Data Protection Legislation we are the data controller and we will process any personal information we collect about you in accordance with the Data Protection Legislation.
If you have any questions about this statement or your personal information that we may collect from you, please contact us at email@example.com
WHAT PERSONAL INFORMATION IS COLLECTED, AND HOW IS THAT INFORMATION THEN USED?
Information collected by us:
We collect personal information in a number of ways:
When you complete an online registration.
When your organisation signs up to one of our services.
When you register for one of our events.
When your organisation provides your contact details for the purposes of completing a survey.
When we ask you to provide us with feedback on our products and services.
When you make a purchase from our shop.
Information collected from other sources:
We also obtain personal information from other sources as follows:
When your organisation provides your contact details to one of our Progression coaches for the purposes of engaging services or completing a survey.
When you use third party websites or allow us indirectly to access your information via third party website, if you gave prior permission to that third party.
How we, the Progression Coaches may use the personal information:
To contact you to provide any further information you or your organisation has requested.
To deliver products and services as per the contract with your organisation (e.g. carry out an IIV assessment or raising invoices).
To contact you to complete a survey.
To let you know about related products and services that may be of benefit to you or your organisation (provided you have not opted out from receiving this type of communication from us).
To measure and analyse behaviour when you are using our platforms or website in order to monitor, maintain and improve our services or features of those platforms.
To personalise or customise the user experience of people using our platforms and services.
To prevent or fix service, security, support or technical issues.
To create anonymised and aggregated data for benchmarking, public relations and marketing purposes.
Reasons why our collection and use of your personal information is consistent with the current data privacy directives:
The use of your information for the purposes set out above should be considered lawful because one or more of the following processes applies:
Where you have provided information to us for the purposes of receiving information about us, we rely on legitimate interests as the lawful basis on which we collect and use your personal data. Our legitimate interest is to provide details of our services to you.
It is necessary for us to hold and use your information so that we can carry out our obligations under a contract entered into with you or your organisation or to take steps you ask us to prior to entering into a contract. We also rely on this being in our interest in delivering on our obligations to you, at your request, or that of your organisation. Our services to you may be delivered via a third party.
It is necessary to comply with our legal obligations. e.g. for the purposes of fraud prevention or through the court of law.
Undertaking an IIV Online Survey:
Your organisation will inform you of why they are undertaking the survey and how this will be used to inform business improvement.
In order for you to complete one of our surveys, we collect:
your name and email addresses so that you can be invited to participate in the survey.
other details which may include, role, department or site where you work.
As a participant, you may be asked to submit the following information when completing the survey:
views about your organisation, your age, managerial level, gender, or length of service.
The information provided by your organisation is the minimum needed for the contractual services which your organisation has asked to be provided. They do this because it is in their legitimate interests as your employer. This does not affect your individual rights and freedoms as you may object to this processing at any time and:
choose not to respond to the survey.
object to the processing of personal data through your organisation.
How is the information collected in a Survey used?
We retain ownership on all survey submissions and we are the Data Controller. Responses provided remain anonymous and confidential. Submitted data is stored against the email record for the purposes of debugging and occasionally correcting or deleting user data which has been submitted incorrectly. All data is aggregated and anonymised removing any Personal Identifiable Information (PII) before being shared with your organisation, third parties such as Practitioners, delivery partners and other administrators.
Submissions via an “open account” are not linked to any PII and so can be considered anonymous. For the protection of small groups where data trends could be interpreted and linked back to individual submissions, aggregated group data is not shown until there are at least seven responses in the group in question.
Your rights regarding personal information collected for a Survey:
You have the right to:
Ask what personal information we are holding about you.
Have rectified any mistakes in your personal data.
Request for personal data to be removed from our systems (we will do this by anonymisation removing personal details and replacing with a random unique identifier).
Restrict the way in which your personal information is dealt with and used.
Request that your personal information is provided in a format that is secure and suitable for re-use.
Should you want to act upon any of these rights you may communicate your request through your organisation.
Do we share personal data with other organisations?
All data collected is for the sole purpose of providing services or further information.
We may also engage the services and may share your information with a third party in the following areas:
Contracted Progression coaches to deliver our services (for example advisory or assessment services).
When you visit our website, we may collect, using electronic means such as cookies, technical information. This information may include information about visits to the website, including the IP address of your computer and which browser was used to view the website, your operating system, resolution of screen, location, language settings in browsers, the site you came from, keywords searched (if arriving from a search engine), the number of page views, information entered, and advertisements seen. This data is used to measure and improve the effectiveness of our website and platforms website or enhance the experience for other users. While most of the time this information is depersonalised, if this information relates to an identifiable individual, we will treat this information as personal information.
How long do we keep your information for?
We will only hold your personal information for as long as it is necessary for the relevant activity, including to fulfil our legal obligations.
Client and individual records on CRM
We maintain a CRM database record of your organisation, key employee contact details and details of projects and services your organisation has enquired about or requested – including a copy of the key documents related to services which have been performed (including documents provided to us by third parties in the provision of their services, namely the plans and reports). These records are kept indefinitely to help us manage the history and ongoing accreditation and support given to our clients, as well as to compile information for statistical analysis. The records may be made available to our Practitioners.
If you ask us to stop contacting you with marketing materials, we will keep a record of your contact details and limited information needed to ensure we comply with your request.
Data collected by IIV Progression coaches
As stated above, we engage a number of contracted Practitioners which enables us to implement our symbol and future accreditation scheme. Any personal information they collect and share with us will be dealt with by us in accordance with this Privacy Notice.
How do we store and protect your personal information?
We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it.
Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach when we are legally required to do so.
We will never sell your information to anyone
We do not sell any of your information and we carry out all processing in strict compliance with European privacy laws.
How to complain
We hope that we can resolve any query or concern you raise about our use of your information.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.
Changes to this Privacy Notice
This privacy notice was published on 26/05/18 and last updated on 26/0/5/18.
If we make any changes to this privacy notice these changes will be detailed on our data Protection website page to ensure that you are fully aware of what information is collected, how it is used and under what circumstances it will be disclosed. If we make any significant changes we may advertise this on the website or, contact you directly with the information.
All employees have a role to play in enforcing the policy and are required to deal with any observed or reported breaches. Should employees feel apprehensive about their own safety in regard to addressing any breach, they should seek senior management support.
Failure to comply with this policy may lead to a lack of clarity over job role, learning needs or expected standards of performance, resulting in reduced effectiveness or efficiency, underperformance and putting service delivery at risk.
Any member of staff refusing to observe the policy will be liable to disciplinary action in accordance with the Company’s Disciplinary Policy up to and including dismissal.
Implementation of the Policy
Overall responsibility for policy implementation and review rests with the Company senior management. However, all employees are required to adhere to and support the implementation of the policy. The Company will inform all existing employees about this policy and their role in the implementation of the policy. They will also give all new employees notice of the policy on induction to the Company.
This policy will be implemented through the development and maintenance of procedures for appraisals and one-to-one meetings, using template forms, and guidance given to both managers and employees on the process.