Adeva Partners Ltd Privacy Notice for Training Participants
Registered address: 73 Cornhill, London, EC3V 3QQ
This privacy notice was updated on 28th February 2022 and is effective immediately. It tells you everything you need to know about how Adeva Partners Ltd process, control and protect your personal data and the rights that you have in relation to that data. This privacy statement is regularly updated to reflect any changes in the way we handle your personal data or any changes to applicable laws.
Adeva Partners is committed to protecting and respecting your privacy.
The aim of this Privacy Notice is to give you information about how we collect and process your personal data when you receive training services that we provide to you under a contract with your employer or with you directly. When we process your data, we may be either the data controller or the data processor or both depending on the contract we have with your employer or with you directly.
All personal data is collected, stored and processed in accordance with the UK General Data Protection Regulation (UK GDPR), the EU GDPR, the Data Protection Act 2018 (DPA 2018) and the Privacy and Electronic Communications Regulations (PECR).
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.
We may update this notice at any time, and we may provide you with additional privacy notices from time to time.
Data Protection Principles
We will comply with data protection law including the 7 principles of GDPR which are:
- Personal data shall be processed lawfully, fairly and in a transparent manner.
- Personal data shall be collected for specified, explicit and legitimate purposes and shall not be further processed in any manner incompatible with that purpose or those purposes.
- Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.
- Personal data shall be accurate and where necessary kept up to date.
- Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
- Personal data shall be processed in a way that ensures it is appropriately secure.
- Adeva has put in place appropriate technical and organisational measures to prevent unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
Personal Data That We Process
We will collect, store, and use the following categories of personal data about you:
Contact data: name, email address and telephone numbers (if provided)
Participant profile data: as provided by your employer e.g., job title/level, department, country where you work, employee ID, you manager’s details. Occasionally we may keep a record of reports, assessment, resumes and other relevant information that your employer has shared with us.
Training data: information about your training attendance, modules completed, assignments, presentation files, progress, examinations, assessments, results, feedback survey responses. We store copies of assignments and presentations you submit during training.
Audio and visual data: photos and video recordings are occasionally taken during virtual training.
Technical data: includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access Adeva’s learning portal and video conferencing platforms.
How We Collect Your Personal Data
Before training, we receive your personal data from your employer under our contract with them to deliver training. We may collect further personal data about you during your training.
- Through direct interactions and email contact with our training and administration staff
- Through interaction with our learning portal and video conferencing platforms
How We Use Your Personal Data
We will only process your personal data if we have a lawful ground for processing such data. Most commonly, we will use your personal information in the following circumstances:
- Where we need to perform the contract with you or your employer to provide you with training.
- Where we need to comply with a legal obligation
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we have your consent.
Purposes For Which We Process Your Personal Data
||Type of Data
||Lawful Basis for Processing
|To administer and deliver training and related services to you
||Contact data; Participant profile data; Training Data
Technical Data; Audio and Visual Data
|It is necessary for a contract we have with you or your employer
|To communicate with you about your training programme
||It is necessary for a contract we have with you or your employer
|To provide access to our learning portal where you access training materials and activities
||Contact data; Participant profile data; Technical Data
|| It is necessary for a contract we have with you or your employer
|To provide your employer with reporting on attendance, progress and results.
||Contact data; Participant profile data; Training Data
||It is necessary for a contract we have with you or your employer
|To send you post-course learning materials and relevant educational content
||It is necessary for a contract we have with you or your employer or you have provided explicit consent to us
We may from time to time use your personal data without your knowledge or consent where this is required or permitted by law.
Transfers to Third Parties
We may have to share your personal data with third parties, including third-party service providers, because it is necessary to deliver training services to you or where we have another legitimate interest in doing so.
Third party providers may carry out the following services:
- Provide electronic storage services for personal data we collect
- Provide an online learning portal where you can access training materials and other training activities
- Please contact firstname.lastname@example.org to request a list of third parties that may process your data
If applicable, we may share your personal information with a regulator or to otherwise comply with the law.
We require third parties to respect the security of your data and to treat it in accordance with the law. They must act only in accordance with our instructions, and they agree to keep your personal data confidential and secure. We have data protection agreements in place with these parties.
Transfers Outside of the EEA
We may transfer your personal information outside the EEA, e.g., in reports and communications with your employer, if your trainer resides outside of the EEA. If we do, you can expect a similar degree of protection in respect of your personal information.
Where we transfer your personal data to countries where there is no adequacy decision by the ICO in respect of that country, we will put in place certain measures to ensure that your personal data does receive an adequate level of protection, such as contractual clauses that have been approved by the ICO.
The law requires that “special categories” of particularly sensitive personal information require higher levels of protection than other personal data.
We do not routinely collect or process sensitive data and criminal convictions data. Occasionally we may receive gender data from your employer: it is our policy to remove this data from the records we hold about you. If we provide additional support to meet a participant’s accessibility requirements, we may also collect, store and use the following “special categories” of more sensitive personal information:
- Information about any disabilities or learning needs – this information may be provided by you or your employer so that any reasonable adjustments can be made to accommodate participants with disabilities and to ensure that any learning needs are supported. This information is voluntary, but Adeva will not be able to provide you with learning support/reasonable adjustments if you do not provide this information.
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Rights of Access, Correction, Erasure, and Restriction
It is important that the personal data we hold about you is accurate and up to date. Please keep us informed if your personal information changes.
Under certain circumstances, by law you have the right to:
- Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
- Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal information to another party.
In all cases you must provide us with evidence of your identity before we will respond to a subject access request. We would prefer if your request sent to us in an email (see contact information below). We may contact you to confirm the details of your request it in order ensure that we provide the detail that you require.
You will not have to pay a fee to access your personal data or to exercise any of the other rights under data protection laws. However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
Right to Withdraw Consent: In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please email us (see contact information below). Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
Please contact us at email@example.com if you have any questions about how we protect your personal data or if you wish to exercise your rights in relation to your personal data.
If you wish to make a complaint about our use of your data you have the right to contact the Information Commissioner’s Office (ICO), Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF (Telephone: +44 (0)303 123 1113 or https://ico.org.uk).