A PDF version of this privacy policy can be downloaded here.
Statement
OMS is committed to protecting your privacy and ensuring that any information we collect about you is never misused.
This policy explains what information we collect, how and why we use it, how we keep it safe, and what your rights are.
By using our website and other services, you agree to the way we collect and use your personal information according to the terms of this privacy policy.
About us and this policy
We are a Company providing consultancy and training services. Our data is processed at our Head Office at:
1 Dromintee Way
Bardon Hill
Coalville
Leicestershire
LE67 1TX
Telephone: 01530 833533
Website: www.oms.uk.com
If you have any comments or concerns about any aspect of t his policy or any privacy or data protection issue, please email our Privacy Team at privacy@oms.uk.com, or please write to our Data Protection Manager Allison Peasgood, at the address above.
Our Principles
These 8 principles summarise our commitment to protecting your privacy:
- We only collect and use the personal information we need to provide or improve our services
- You can check whatever information we hold about you
- We will keep your personal information safe
- We are fair and open about how we use yo ur details
- We will never sell your details or share it except in the ways mentioned in this policy or unless asked
- We will let you know if there are important changes that affect your information or how we use it
- We take responsibility for the information we hold about you
- We only keep your information for as long as necessary.
Changes to the Policy
When we review our Privacy Policy we will note the date it was last updated and try to let you know by email, if we have it, of any changes. This privacy policy was last reviewed and updated in May 2020.
The Law
The legislation that applies to this privacy policy includes the:
- Data Protection Act 1998 (DPA)
- EU Data Protection Directive 95/46/EC
- Regulation of Investigatory Powers Act 2000
- Telecommunications ( Lawful Business Practice) (Interception of Communications) Regulations 2000
- Electronic Communications Data Protection Directive 2002/58/EC
- Privacy and Electronic Communications (EC Directive) Regulations 2003
- General Data Protection Regulation ((EU) 2016/6 79) (GDPR) as introduced into national law on 25 May 2018
- All applicable laws, regulations and secondary legislation relating to the processing of personal data and privacy
- Guidance and codes of practice issued by the Information Commissioner
- Any successor legislation to the DPA and GDPR.
How we collect and use your information
How we collect
We collect the information when you use our website, products an d services, including when you:
- Submit one of our forms
- Correspond with us by tele phone, email or o therwise
- Register with us
- Subscribe to our services
- Search for a service
- Participate in our discussion boards, chat or social media
- Enter a competition or promotion
- Respond to a survey
- We collect information about you when you visit our websites through th e use of cookies (read Cookies section below for full details).
We may also get information from other sources, including:
- Third parties, such as external training organisations
- Those websites and services we help to operate or contribute to
- Closed circuit television (CCTV) ( please read CCTV section below for full details).
What we collect
The information we collect from you could include your:
- Name, address, email and telephone number
- Date of birth
- National Insurance number
- Financial and credit card information
- Photograph
- IP address
- Geographical location
- Browser type
- Device type
- Operating system
- Browsing data, such as access times
- Navigation history.
We may also have sensitive information, including about your:
- Physical health
- Mental health
- Racial or ethnic origin
- Religious or other beliefs
How we use your information
We use your information for many purposes, including to:
- Fulfil our statutory roles, duties and functions
- Administer our training records and accounts
- Promote our services
- Manage our employees and sub – contractors
- Advertise, promote and market our services
- Undertake research
- Administer certification, qualification and card schemes
- Confirm identities and prevent crime
- Notify you about a change to our service
- Carry out our contractual obligations
- Provide and improve our services
- Analyse your website behaviour
- Improve the operation, security and presentation of our web site
- Target our online advertising to your interests and preferences
- Measure and understand the effectiveness of our online content and marketing
- Enable you to participate in interactive features on our website.
How we keep it safe
- We take the security of your personal information very seriously
- We use technical measures, such as private networks, encryption and robust firewalls as well as physical security measures, and carry out regular security reviews to keep our protections up to date. We also strictly control access and ensure staff who are authorised for access are adequately trained in keeping your information safe
- Our procedures mean that we may ask you to prove your identity before we share your personal information with you
- Third – party websites you access through links on our websites will have their own privacy policies. We do not accept any responsibility or liability for them
Sharing your information
We do not share your information with others unless you have consented or it is necessary to do so because:
- Of our statutory role and duties as a training and consultancy provider
- The law requires us to
- Of administrative or operational needs
- It is part of our terms of performing our contract with you
When we do have to share information, it is likely to be with:
- Our awarding bodies
- Your employer Law enforcement agencies.
Sharing your achievements
We may want to share your training achievements with, websites and other media. Contact us on 01530 833533 or privacy@oms.uk.com if you would prefer us not to.
Data transfer outside the EEA
Sometimes we may transfer your details to third parties outside of the European Economic Area (EEA). If this happens we will ensure that the transfer and storage of your information still complies with UK or EEA laws and this Privacy Policy.
Cookies
When you visit our OMS website we place cookies on your device. Cookies are small text files that help our websites to work and us to understand what information is most useful to our users. They also speed things when you come back to a site. We do not use them to identify you personally.
You can delete cookies stored on your d evice at any time.
What we collect
Cookies allow us to gather information about your visits to our site, including your:
- IP address
- Geographical location
- Browser type
- Device type
- Operating system
- Browsing data, such as access times
- Navigation history
- Preferences
How we use your information
Cookies enable us to use the tools and services of Google Analytics.
Google Analytics helps us measure and analyse how users are using our sites so that we can improve their experiences.
Who has access to your information
Our staff and Google can access information related to Google Analytics cookies.
Other third – party cookies
When we use internet tools from other companies to enhance our website, these companies may also put cookies on your device. They include:
- Google Maps
- YouTube
- Campaign Monitor
Telephone
We do not record telephone calls.
Email, chat and social media
There are many ways you may communicate with us online, including by:
- Chat and instant messaging (such as Skype for Business)
- Social media (such as Facebook or Twitter)
- Video conferencing (such as GoToMeeting)
- File sharing platforms (such as Google Drive, Box, Drop Box).
What we do
When you use email, chat, social media and other online platforms, it is likely you know what information you are sharing with us.
How we use and process your information, who accesses it, and how long we keep it, depends on the context in which we collected it, but follows the terms of our Privacy Policy and UK law.
The information is normally handled by our authorised staff, but if we intend to share it with third parties, we will make every effort to let you know.
CCTV
Images from closed circuit television (CCTV) of a recognisable person are treated as personal data in data protection law.
How we use CCTV
We use CCTV to:
- Maintain the safety and security of our property, premises, and people
- Monitor the fair execution of our examinations, in line with our awarding body requirements
- Prevent and investigate crime
- Monitor staff
- To assist disciplinary procedures in cases of serious misconduct.
Who has access to your information
Our CCTV system is operated from a self – contained security control room, access to which is strictly limited to the Data Protection Manager and Office Manager.
Where necessary we may share CCTV image information with:
- The person in the image
- Employees and agents
- Awarding bodies
- Police forces
- Security organisations
- Individuals making an enquiry.
How long we keep it
Unless we need them for an active investigation, we keep recorded images for 30 days. After that, the images are automatically overwritten by the recording equipment. We destroy recordings that are part of an active investigation as soon as they are no longer needed.
Your rights
You can ask for a copy of your information recorded by CCTV, except in certain circumstances described by applicable legislation. You do not have the right to instant access.
Your payment details
For bank and building society account transactions, we may make a record of your:
- Name
- Branch address
- Sort code
- Account number
Credit card and debit card transactions via our website are processed via a Level 1 PCI – DSS compliant, third party service provider called Payment Express. For these transactions, your card data remains secure at every step of the journey between your bank account and ours and our staff never have access to this.
For telephone and postal card payments, the data needed to process the payment and complete the transaction is:
- Cardholder’s name
- Card number
- Card security code (CSC)
- Validity and expiry dates Cardholder’s name
How long we keep it
We keep your bank or building society details for as long as yo u authorise and delete them when they are no longer needed. We do not retain any payment card information and this is deleted immediately after confirmation of a successful transaction.
Children
Our website, services and or any products are not aimed at children and we do not knowingly collect any information from anyone under the age of 16 years.
Where we have inadvertently collected information from a child, we will delete it as soon as possible.
If you know that a child has given their information to us, please contact us at privacy@ oms.uk.com.
Your rights
You have the right to:
- Ask for a copy of any information we hold about you
- Withdraw any consents you have previously given
- Lodge a complaint with us or the Information Commissioner’s Office or with any other relevant supervisory authority about how we handle your personal data
- Ask us to correct any inaccurate or incomplete information we have about you
- Ask us to delete your information from our records
- Ask us to send a copy of your information t o a third party in a data portable format.
Changing your contact preferences
You can change your contact preferences , or withdraw your consent at any time, by writing to us at privacy@oms.uk.com or mail to:
Privacy Team
OMS
1 Dromintee Road
Bardon Hill
Coalville
Leicestershire
LE67 1TX
Making a request to see your information
To see the information we hold about you, you should make a Subject Access Request in writing, including your:
- Full name, including previous or other names, if appropriate
- Address
- Telephone number.
to:
Privacy Team
OMS
1 Dromintee Road
Bardon Hill
Coalville
Leicestershire
LE67 1TX
Our services
We manage an online, secure booking system for our training courses, which is compliant will all relevant Data Protection legislation.
How we use your information
- We use your information to find you the right course, venue and, if appropriate, accommodation, to deliver the course, and to process your booking.
Who has access to your information
- OMS employees who operate the course booking system or deliver training have access.
What we do
We use your:
- Contact details to administer the course
- Identification information to prevent fraud
- Profile data so we know your contact preferences and so on
How long we keep it
- We keep your profile information for no more than 6 years from the date you made your last booking, and we delete information about the courses you attended after 6 years.