Privacy & Cookie Policy

Privacy & Cookie Policy

Document Specification: Purpose: To set out Cognet Occupational Safety and Health Limited’s approach to ensuring the Privacy of individuals and the use of Cookies on its websites, etc., in line with the GDPR Accountability: Responsibility: Last Review date: 30/11/2022 Next Review due: 29/11/2023 Version: 1.0 Law/Regulations covered: Policy & Electronic Communications Regulations (amended 2016) General Data Protection Regulations Data Protection Bill 2018

Cognet Occupational Safety and Health Ltd Unit 16W , Topbarn Business Centre Worcester Road Holt Heath Worcester WR6 6NH

Tel: 01905 745457 Email: info@cognet.training Website: www.cognet.training   CONTENTS Section Title Page

  1. Overview 3

  2. The Purpose of and Legal Basis for Processing Personal Data 3 – 5

  3. Types of Personal Data Processed 5 – 6

  4. Our Website & Use of Cookies 6 4.1 Who Manages Our Website? 4.2 Website Usage Information 4.3 The Use of Cookies 4.4 Further Information About Cookies

    4.5 Third Party Content and Linking to Other Websites

  5. Information Sharing and Disclosure

  6. Retention of Data

  7. Your Rights

  8. Changes to Policy

  1. Overview This Policy covers the data collected and processed by Cognet Occupational Safety and Health Limited who can be contacted at: Cognet Occupational Safety and Health Ltd Unit 16W , Topbarn Business Centre Worcester Road Holt Heath Worcester WR6 6NH

Tel: 01905745457

Cognet Occupational Safety and Health Limited is the Data Controller of the personal data we process on our own behalf and the Data Processor of data processed on behalf of our clients. We have a legal duty to protect the privacy of all, personal and business data obtained from you while you are using our website, as well as in the provision of our services to you. This Privacy Policy explains what information we may collect from you and the purposes for which it will be used. This Policy complies with all current data protection and privacy regulations in the UK, including, but not limited to, the General Data Protection Regulations (the GDPR) and the Privacy and Electronic Communications Regulations (the PECR). The GDPR relates to ‘personal data’ which covers any information which makes an individual (the Data Subject) identifiable. 2. Purpose of and Legal Basis for Processing Personal Data Cognet Occupational Safety and Health Limited will only process personal data for the purposes of delivering the services contracted by our clients, unless we are provided with specific consent to process for other purposes, such as marketing, or the purpose of complying with local laws or regulations. Personal data will never be processed without the knowledge and/or permission of the Data Subject. Where you have contracted for us to provide a regulated qualification, we will be sharing your information with the recognised Awarding Organisation, as required by the applicable Regulator(s) as part of our legal obligation. By using our services, including accessing our website and the forms, etc. therein, you give your agreement to our processing any personal data we may have as described in this policy. 3. Types of Personal Data Processed Personal Data is any information which could potentially make an individual identifiable and can include, but may not be limited to, your name, address, date of birth, email address and IP address. We collect data in a number of ways including, but not necessarily limited to: • Contact forms on our website completed and submitted by a Data Subject • As part of a Contract for Services, i.e. names and contact information of individuals, including where they are acting on behalf of a client company • Provided to us by clients in order that we can deliver the services they have contracted us for Our contact forms make it clear that the information will be used for the purposes of the contact (e.g. to respond to a query or provide a quote, etc.) but also provide the option for consent to expand the processing of that data for marketing purposes. Similarly, any contract for services will set out what the personal data will be used for. Personal Data provided to us by our clients as part of our service provision will be processed only in accordance with the contract for services and no such data will be used for the benefit of Cognet Occupational Safety and Health Limited. 4. Our Website and Cookies 4.1. Who manages our website? The content of our website is owned and edited by the Cognet Occupational Safety and Health Limited Website usage information Web usage information is collected by our web server and from other sources including page tagging techniques using JavaScript and cookies. We use cookies to analyse website usage trends, understand user journeys and gather broad demographic information for aggregate use. Our cookies are not linked to personally identifiable information and we do not collect, store or process the IP addresses of visitors browsing our website. The type of website usage information that we collect during your visits to our site includes, for example, the date and time, pages viewed or searched for, publications ordered, guides printed, tools used, subscriptions and referrals made, some truncated postcode or telephone area code information entered on forms (which is not traceable back to you) and other information relating to your usage of our website. We may also use web usage information to create statistical data regarding the use of our website and we may then use or disclose that statistical data to others for marketing and strategic development purposes, however, no individual identities will or can be identified in such statistical data. 4.2. Cookies Cookies are small pieces of data given to your browser by a website which may be stored as text files in the cookie directory of your computer. Cookies are not programs and cannot collect information from your computer. They do not damage your computer and are defined as "a piece of text stored on a user's computer by their web browser. A cookie can be used for authentication, storing site preferences, shopping cart contents, the identifier for a server-based session, or anything else that can be accomplished through storing text data" (source: Wikipedia, 2011). Each website may send cookie data to your browser which may save it if your browser's preferences allow it to do so. To protect your privacy your browser only returns a cookie to the website that sent you the cookie and does not send it to any other website. A website cannot access your cookie directory or information on your computer, instead relevant cookies are included by your browser within each request you make to the website. A website can only obtain cookie data that your browser sends to it. You do not have to accept cookies and you can change the settings within your browser to accept all cookies, reject all cookies, reject cookies from certain websites, notify you if a site is requesting to set a cookie, and set various other options. Please see below in ‘4.4 Further information about cookies’ for more details on how you might do this. Switching off cookies will still allow you to view the majority of content on our site, however, it will prevent you logging in and so accessing personalised information. It will also stop us remembering your login User ID, if you ask us to do so, and may restrict your use of our interactive tools and of some services available through linked sites. 4.3. Further information about cookies If you would like to opt out of, or restrict the use of cookies when visiting our, or any other third party’s website, you are able to adjust the settings in your Internet browser to do this. Exactly how this is done will depend on which browser you use for access to the Internet. Each browser has its own variation on how this can be achieved, but it is usually under ‘Settings’ which can be found at the end of the Search bar, e.g. on Chrome it is found as follows:

You then need to go to “Advanced”, then “Privacy and Security”, then “Content Settings” and “Cookies” and choose the most appropriate setting for yourself. Users should check their Internet browser for details of how to amend, remove or restrict the use of cookies on their computer, tablet or other internet enabled device. For further information about cookies, please refer to: • Find information on internet browser cookies on the Information Commissioner's website 4.4. This privacy policy applies only to our website. We are not responsible for privacy practices within any other websites. You should always be aware of this when you leave our website and we encourage you to read the privacy statement on any other website that you visit. We embed external content from third-party websites such as YouTube, Twitter and LinkedIn including cookies. This content is not published on our website. It is delivered using devices and services from third party sites that can be inserted into our site such as media players, RSS feeds and widgets. These websites may use cookies. Their content is subject to the privacy policy of the relevant third-party provider and not ours.

  1. Information sharing and disclosure We may share your data with specified third parties for the purposes of supplying the services you have contracted us for or if required to by law or by a regulation based on a law. We will not sell, rent or disclose your information to any third parties other than those set out in this privacy policy without your prior consent. We do not transfer your personal data outside of the UK and the European Economic Area. Or We may transfer your personal data outside of the UK for the purposes of [insert reason, eg backing upto a cloud server hosted by [co name] who are based [address/region/country]] however your personal data is kept encrypted at all times so that it cannot be read by the service provider. All personal data is still under the remit of the GDPR, regardless of our use of storage outside the UK and the EEA.
  2. Retention of Data Personal Data will always be held for the minimum amount of time required. This will depend on a number of factors, such as the terms and length of a contract or a relevant law or regulation based on law. It will be deleted a maximum of [12] months after such a period has ended under our semi-annual data clearance procedures. Personal Data that has been gathered via our website contact forms will be held for a maximum of [12] months after the initial contact, unless additional permission is obtained from the Data Subject or a contract for services is brought into force in the interim. Electronic Personal Data is encrypted and held in a secure manner on physical and cloud-based services. The encryption used meets all current requirements for encrypted services and is updated regularly to ensure that it remains fit for purpose. Electronic data is deleted following a secure process to ensure there is no lapse in security at the point of deletion. Paper based Personal Data is held in secure, fire-proof, locked cabinets. It is destroyed under contract with a secure data destruction company.
  3. Your Rights Under current legislation, Data Subjects have the following rights: • To be informed – This policy is one of ways in which Cognet Occupational Safety and Health Limited informs you how and why we process your data • Of Access – All Data Subjects have the right to quest access to all of the data we hold on them. Any Data Subject requests received will be reviewed and responded to within one calendar month of receipt of the request. Most requests will be fulfilled free of charge, however, Cognet Occupational Safety and Health Limited reserve the right to charge a reasonable administration fee for any requests deemed to be excessive, unfounded or repetitive. • Of rectification – Should you find that any data we hold about you is incorrect, you can ask us to correct it and we will investigate and respond within one calendar month of receipt of the request. • Of Erasure – You can ask for your Personal Data to be erased permanently. All such requests will be responded to within one calendar month of the receipt of a request. Please note that, whilst we will always endeavour to fulfil requests, there may be some instances were this is not possible due to legal or regulatory reasons. We will always provide a full explanation in any such instances. • To restrict processing – If you do not wish for your data to be erased, you may ask for it to be restricted so that we continue to hold it but not process it or use it in any way – we would essentially ‘archive’ your data. This is only applicable in certain circumstances, however we will look at all requests and respond within one calendar month of the receipt of a request. • To data portability – All electronically held data can be transferred to another company in a structured, commonly used and machine readable format on request. Please note that this will only include the data you have provided to us and not any ancillary data produced as a result of the services we have created during the provision of our services or where that data includes information regarding a third party. All requests for moving data will be responded to within one calendar month of a request being received. • To Object – You can object to our processing data for the purposes of marketing, scientific/ historical research and statistics, or legitimate interests or in the performing of a task in the public interest /exercise of official authority (including profiling). All such requests shall be responded to within one calendar month • Rights related to automated decision making, including profiling – The GDPR sets out specific rights in relation to automated decision making. Please note that Cognet Occupational Safety and Health Limited does not use any form of automated decision making system whilst processing your data. • To complain – You have the right to raise a complaint regarding the processing of your data or our response to a request under the above rights. As part of this, you also have the right to escalate your complaint to a supervisory authority. In respect of data handling, you have the right to escalate your complaint to the Information Commissioners Office (ICO). Please go to https://ico.org.uk/for-the-public/raising-concerns/ for full details. Data Subjects have the right to withdraw their consent to our processing their data at any time. In respect of any of the rights indicated above, if you would like to make a request, require further information, or have a complaint regarding our processing of your data please contact us at: Email: info@cognet.training Website: www.cognet.training

Address: Unit 16W , Topbarn Business Centre Worcester Road Holt Heath Worcester WR6 6NH

Telephone: 01905 745 457 8. Changes to this policy We may make changes to this privacy policy at any time. Changes will be posted on our website and are effective immediately, except where they relate directly to a contract for services where all changes will be subject to the agreements in that contract. Regularly reviewing this Policy ensures that you are always aware of what information we collect, how we use it and under what circumstances, if any, we will share it with other parties.

This policy was approved by: Steven Bujanski 30/11/2022

Review Due: 29/11/2024

Take care and stay safe 

Warm regards

Craig

Craig Ratcliffe

01905745457

craig@cognet.training www.cognet.training https://www.facebook.com/Cognet-Occupational-Safety-Health-108366007380652 https://www.instagram.com/cognet_training/

Unit 16W , Topbarn Business Centre Worcester Road Holt Heath Worcester WR6 6NH Cognet Occupational Safety and Health Ltd is a company registered in England and Wales.
Registered number: 06220985 Registered Office: Unit 16W , Topbarn Business Centre, Worcester Road, Holt Heath, Worcester, WR6 6NH

This email and any attachment(s) is for the intended recipient only. It is confidential and may be legally privileged. If received in error please delete and notify us immediately. Any unauthorised access, disclosure, copying, distribution or reliance on it, is prohibited.