Activate Learning Further Education Corporation is the controller of personal information, and is subject to the Data Protection Act 2018 (DPA) and the General Data Protection Regulation (GDPR).
We may collect, use and share your personal information in order to facilitate business partnerships with your organisation.
What information we hold
The categories of personal information that we collect, hold and share include:
- Contact information (such as name, email address, phone number);
- Correspondence information (such as email correspondence and meeting notes);
- Corporate financial information (such as invoices with your personal information on).
Why we hold your information
We use your information to:
- Pursue or fulfil a contract, agreement or partnership with your organisation;
- Explore future partnership opportunities with your organisation;
- Comply with the law regarding data sharing;
- Comply with our contractual obligations.
The lawful basis for using this information
Under GDPR, we are able to process information on certain legal grounds (bases). In the case of your information, we collect and use information under the following bases: fulfilment of contract, public task and/or legal obligation.
The majority of information you provide to us is necessary for us facilitate business partnerships with your organisation and failure to supply such information may mean that we are unable to enter into or continue a business relationship with you. However, all of your information is provided to us on a voluntary basis.
We store information securely and in line with our Data Protection Policy and associated procedures. A copy of our Data Protection Policy can be obtained from the Data Protection Officer, whose contact details are listed below. We hold your information for the following timeframes:
- Contact information – up to one year after our last contact with you;
- Correspondence information – up to six months after the correspondence took place;
- Corporate financial information – up to seven years after the date of issue.
Who we share information with
We do not share your information with anyone unless it is necessary and in line with the purpose for which it was collected. Where data is routinely shared, a data processing agreement will be established to ensure the protection of your information.
Requesting access to your personal data
- Under data protection legislation, you have the right to:
- Request access to the information we hold about you (Subject Access Request);
- Be informed of the identity of the controller, the reasons for processing your personal data and other relevant information necessary to ensure the fair and transparent processing of personal data;
- Object to processing of personal data that is likely to cause, or is causing, damage or distress;
- Prevent processing for the purpose of direct marketing;
- Object to decisions being taken by automated means;
- In certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed; and/or
- Claim compensation for damages caused by a breach of the data protection regulations.
Ref: MN0001 Version: 001 Date: May 2018