Privacy Policy
Customer Privacy Notice
Version 2
1st December 2024
This privacy notice tells you how we use and look after the personal information you give us.
This includes the information you provide when you use our services and the choices you have about
our communications with you.
This notice tells you about the privacy rights you have.
The General Data Protection laws are changing on 25 May 2018. This Privacy Notice aims to be
consistent with the new regulations.
1. WHO WE ARE
1.1 Your information will be held by Sussex First Aid Courses Ltd.
1.2 References to our website in this Privacy Notice are to www.sussexfirstaidcourses.co.uk
1.3 You may contact our Data Controller, Garry Perkins by emailing info@sussexfirstaidcourses.co.uk or in
writing to Garry Perkins, Sussex First Aid Courses Ltd, The Barn Brighton Road, Lower Beeding, Horsham, West Sussex, England, RH13 6PT2.
WHAT THE DATA PROTECTION LAW SAYS
2.1 Sussex First Aid Courses Ltd. can only use the personal information that you share with us if we
have a valid and lawful reason to do so.
2.2 These are the reasons that we use your personal data:
- When we are fulfilling a contract with you. For example, when we are providing training courses to
you.
accounts.
- When it is our legal duty for business reasons. For example, to keep a record of our sales for our
3. WHAT ARE OUR SERVICES
3.1 When we refer to services, we mean
- The delivery of courses required of you by the Health and Safety Executive (HSE) to fulfil the
requirements of the Health and Safety at Work Act 1974.
- Providing information, advice and support to help you remain compliant.
4. WHAT PERSONAL DATA DO WE COLLECT AND WHY
4.1 We are required by the Health and Safety Executive (HSE) to keep accurate records of those
attending our training courses delivered by us for three years (the length of the validity of the
certificates). We also keep a record of names, business addresses and or email addresses and
contact telephone numbers which customers have supplied.
Customer Privacy Notice
Version 2
1st December 2024
4.2 We are required to keep accurate records for the purpose of meeting our obligations to HM
Revenue & Customs (HMRC).
4.3 With your permission we may use the information which you have supplied to notify you about
changes which may affect you under the Health and Safety at Work Act 1974, new courses which we
offer and promotions which we may have from time to time.
4.3 We do not sell your data.
4.4 We do not use the information you provide to make any additional decisions or profiling that
might affect you.
5. WHAT DO WE DO WITH YOUR PERSONAL DATA
5.1 Your information is stored in our cloud-based customer management system and server which is
password protected and only accessible by our data processors in our office. We do not store any
data on our desktop hardware.
6. HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION FOR
6.1 We keep your information only for as long as necessary for the purposes for which we obtained
it.
6.2 Information that is not needed is destroyed securely.
6.3 When providing a service we keep records of financial transactions for six years to meet our
obligations to HMRC.
6.4 In relation to any information where we reasonably believe it will be necessary to defend or
prosecute or make a claim against you, us or as a third party, we may retain the data for a long as
that claim could be pursued.
7. WHO DO WE SHARE YOUR PERSONAL INFORMATION WITH
7.1 Sussex First Aid Courses Ltd does not share your personal information with anyone.
7.2 Communication between us is confidential and we shall take all reasonable steps to keep
confidential your information except where we are required to disclose it by law, by regulatory
bodies, by our insurers or as part of an external verifier.
7.2 Unless we are authorised by you to disclose the information on your behalf, this undertaking will
apply during and after engagement of our services.
8. RIGHTS OVER PERSONAL INFORMATION
8.1 By law you have the following rights
- You can ask us what information we hold about you and you can ask us to correct it if it is
inaccurate.
- You can ask us to give you a copy of the information.
Customer Privacy Notice
Version 2
1st December 2024
- You can ask us to stop using your information if you believe we are doing so unlawfully.
- You can ask us to erase your information provided we do need to keep it for overriding regulatory
purposes.
8.2 If you would like to request a copy of the information that we currently hold about you please
email the Data Controller, Garry Perkins at info@sussexfirstaidcourses.co.uk or in writing to:
Garry Perkins, The Barn Brighton Road, Lower Beeding, Horsham, West Sussex, England, RH13 6PT
9.0 YOUR RIGHT TO COMPLAIN
9.1 if you have a complaint about our use of your information please do get in touch with us. Let us
know the details of the complaint and your contact details including address by writing to us at:
Sussex First Aid Courses Ltd, The Barn Brighton Road, Lower Beeding, Horsham, West Sussex, England, RH13 6PT
9.2 You may also complain to the Information Commissioners Office (ICO) about our use of your
personal data. You can contact the ICO via their website at www.ico.org.uk with your concerns or
write to them at:
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
10.0 Email Privacy
All email communication is personal to the intended recipient and is to be treated as private and
confidential. The information in it or attached to it may not be used or disclosed except for the
purpose for which it has been sent, nor may it be transmitted to any third party without our prior
written consent.
If you have reason to believe that you are not the intended recipient of this communication, please
contact us and remove it from your system immediately. If this message is being transmitted over
the internet, be aware that it may be intercepted by third parties and all e-mails received by or sent
Customer Privacy Notice
Version 2
1st December 2024
to the company e-mail server may be subject to monitoring. Whilst the company employs current
virus checking software, the company accepts no liability for any viruses as contained in e-mails
received by its e-mail server or which originate or purport to originate from the company.
No contractual relationship can be created through e-mails by any person unless specifically
indicated otherwise by agreement in writing via means other than e-mail.
11. DOCUMENT CONTROL
This Privacy Notice will be formally reviewed on an annual basis as a minimum, or if required
changes are identified to address one or more of the following:
- A change in business activities which will or could possibly affect the organisation's ability to fully
comply with General Data Protection laws or other related data protection requirements.
- A change in the way the company manages personal data or specifically the activities related to
data processing which are outsourced to third party data processors.
- A change in data protection regulations or associated legislative requirements related to the use of
third party data processors or the legal bases for their engagement.
- An identified shortcoming in the effectiveness of this procedure for example because of a data
breach, Supervisory Authority investigation, formal review or an audit finding.
The current version of this Procedure, together with its previous versions, shall be recorded below:
Version 1: 1st December 2024
