Senworks Ltd is committed to protecting your privacy when you use our services.
The privacy statement below explains how we use information about you and how we protect your privacy. This information is provided because Data Protection Law gives individuals rights to understand how their data is used.
From 25 May 2018, your personal information will be processed, held and/or controlled in accordance with the General Data Protection Regulations (2016/679) and the UK Data Protection Act 2018.
This Privacy Notice applies alongside any other information with which you may be provided about a particular use of personal data, for example when collecting data online or in paper form during the agreement of a consultation brief, in advance of a piece of work.
Senworks Ltd makes sure your legal rights are respected.
You may contact the office at any time to:
- Request access to information which Senworks Ltd has about you
- Correct any information which Senworks Ltd has about you
- Ask for any information which Senworks Ltd has about you to be deleted
- Discuss any concerns or ask any questions about how we look after your personal information
Please contact me, Abigail Gray at firstname.lastname@example.org at the company office:
This policy is intended to provide information about how Senworks Ltd will use (or “process”) personal data about individuals; its current and past contacts and clients.
We may collect personal information about you in order to carry out ordinary duties as part of daily operation. Some of this activity is necessary in order to fulfil legal rights, duties or obligations. Personal information can be anything that identifies and relates to a living person and can include information that when put together with other information can then identify the person. For example, this could be your name, contact details, email address and/or telephone number.
Why do we need your personal information?
We may need to use some information about you to:
- deliver consultancy services and support to you
- to provide professional development training
- to mentor and coach individuals
- carry out our obligations arising from any contracts entered into between you and us
- For the purposes of management planning and forecasting, research and statistical analysis, including that imposed or provided for by law (such as tax)
- help investigate any worries or complaints you have about your services and to answer your questions and enquiries
- check and improve the quality of our services
- help with research and planning of new services
- send you information which we think might be of interest to you if you have agreed to this
- market our related products and services to you, where you have given your consent for us to do so
- To make use of photographic images, on the website and on social media channels in accordance with the policy on taking, storing and using images
- Where otherwise reasonably necessary including to obtain appropriate professional advice and insurance
Some personal information might be ‘special’ and require additional sensitivity.
Some information viewed in the process of a consultancy may be ‘special’ and needs even more protection due to its sensitivity. Personal information may be contained in specialist reports from schools and external agencies including clinicians and therapists. It’s often information not want widely known and is very personal. This is likely to include anything that can reveal sexuality and sexual health, religious or philosophical beliefs, ethnicity, physical or mental health, trade union membership, political opinion, genetic/biometric data, criminal history.
Types of Data processed include by way of example:
- names, addresses, telephone numbers, e-mail addresses and other contact details
- Education Health and Care Plans, Educational Psychology Reports, Speech and Language Reports, Occupational Therapy reports, reports from Paediatricians and Psychiatrists
- bank details and other financial information
- images of individuals engaging in training activities
Types of commercial data processed include by way of example:
- Contact details of schools and organisations
- School inspection reports
We only use what we need
We’ll only collect and use personal information if we need it to deliver a service or meet a requirement.
If we don’t need personal information we won’t ask you for it. For example, in a survey we may not need your contact details we’ll only collect your survey responses.
If we use your personal information for research and analysis, we’ll always keep you anonymous or use a different name unless you’ve agreed that your personal information can be used for that research.
We don’t sell your personal information to anyone else.
How Senworks collects data
Generally, Senworks receives personal and ‘special’ data directly from the client with the client’s express permission. This may be via a form, or simply in the ordinary course of interaction or communication.
In working consultatively in schools Senworks requires the school to redact any personal information from documents shared in review: including reports from the school, or other professionals or authorities working with that individual); unless collected from publicly available resources.
Who has access to personal data and with whom is it shared?
On occasion Senworks will need to share personal information relating to its clients with third parties. For the most part data shared will simply be contact names and email addresses. These sharing agreements might include:
- professional advisers (e.g. lawyers, insurers, PR advisers and accountants);
- government authorities (e.g. HMRC, DfE, Companies House, The Charity Commission, police or the local authority)
For the most part, personal data collected by Senworks will remain within Senworks and will be processed by appropriate individuals only in accordance with access protocols (i.e. on a ‘need to know’ basis).
Finally, in accordance with Data Protection Law, some of Senworks Ltd’s processing activity is carried out on its behalf by third parties, such as IT systems, web developers or cloud storage providers. This is always subject to contractual assurances that personal data will be kept securely and only in accordance with the association’s specific directions.
The law gives you a number of rights to control what personal information is used by us and how it is used by us.
You can ask for access to the information we hold about you
We would normally expect to share what we record about you with you, whenever we provide you with services.
However, you also have the right to ask for all the information we have about you and the services you receive from us. When we receive a request from you in, we must give you access to everything we’ve recorded about you.
However, we can’t let you see any parts of your record which contain:
- Confidential information about other people; or
- Data a professional advisor thinks will cause serious harm to your or someone else’s physical or mental wellbeing; or
- If we think that giving you the information may stop us from preventing or detecting a crime
This applies to personal information that is in both paper and electronic records.
If you ask us for access to your information then we’ll ask you to provide evidence so that we can verify your identity.
If you have any queries about access to your information please contact email@example.com
You can ask to change information you think is inaccurate.
We may not always be able to change or remove that information but we’ll correct factual inaccuracies and may include your comments in the record to show that you disagree with it.
To inform us of any inaccuracies please write to me at firstname.lastname@example.org
You can ask to delete information (the right to be forgotten)
In some circumstances you can ask for your personal information to be deleted, for example:
- Where your personal information is no longer needed for the reason it was collected in the first place
- Where you have removed your consent for us to use your information (where there is no other legal reason for us to use it)
- Where there is no legal reason for the use of your information
- Where deleting the information is a legal requirement
Where your personal information has been shared with others, we’ll do what we can to make sure those using your personal information comply with your request for erasure.
Please note that we can’t delete your information where:
- we’re required to have it by law
- it is used for freedom of expression
- it is for scientific or historical research or statistical purposes where it would make information unusable
- it is necessary for legal claims
You can ask to limit what we use your personal data for
You have the right to ask us to restrict what we use your personal information for where:
- you have identified inaccurate information and have told us of it
- we have no legal reason to use that information but you want us to restrict what we use it for rather than erase the information altogether
When information is restricted it can’t be used other than to store securely the data and with your consent; or, to handle legal claims and protect others, or where it’s for important public interests of the UK.
Where restriction of use has been granted, we’ll inform you before we carry on using your personal information.
You have the right to ask us to stop using your personal information for any service we provide. You also have the right to unsubscribe from any materials we may send you.
Where possible we’ll seek to comply with your request, but we may need to hold or use information because we are required to by law or by contract.
If you wish to contact us with respect to these matters please contact me at email@example.com
You can ask to have your information moved to another provider (data portability)
You have the right to ask for your personal information to be given back to you or another service provider of your choice in a commonly used format. This is called data portability.
However, this only applies if we’re using your personal information with consent (not if we’re required to by law).
Sometimes we have a legal duty to provide personal information to other organisations. This may be because we need to give that data to the courts.
We may also share your personal information when we feel there’s a good reason that’s more important than protecting your privacy. This is very rare, but we may share your information:
- to find and stop crime and fraud
- if there are serious risks to the public, our staff or to other professionals
- to protect a child
- to protect adults who are thought to be at risk, for example if they are frail, confused or cannot understand what is happening to them
For all of these reasons the risk must be serious before we can override your right to privacy.
If we’re worried about your physical safety or feel we need to take action to protect you from being harmed in other ways, we’ll discuss this with you and, if possible, get your permission to tell others about your situation before doing so.
We may still share your information if we believe the risk to others is serious enough to do so.
There may also be rare occasions when the risk to others is so great that we need to share information straight away. If this is the case, we’ll make sure that we record what information we share and our reasons for doing so. We’ll let you know what we’ve done and why if we think it is safe to do so.
How do we protect your information?
We’ll do what we can to make sure we hold records about you (on paper and electronically) in a secure way, and we’ll only make them available to those who have a right to see them. Examples of our security include:
- Encryption, meaning that information is hidden so that it cannot be read without special knowledge (such as a password). This is done with a secret code or what’s called a ‘cypher’. The hidden information is said to then be ‘encrypted’
- Controlling access to systems and networks allows us to stop people who are not allowed to view your personal information from getting access to it
- Security software
How long do we keep personal data?
We will only keep your information for as long as we need it in order to fulfil the purposes for which we have initially collected it, unless otherwise required by law or contractual requirements.
Any 3rdparty materials, including specialist reports (hard copy and electronic) containing personal and special information that have been supplied by a client with permission and reviewed in order to provide a service, leading to a written report are generally deleted on the completion of said service.
Senworks keeps a secure archive of written reports it has authored.
A limited and reasonable amount of information will be kept for archiving purposes, for example; even where you have requested we no longer keep in touch with you, we will need to keep a record of the fact to fulfil your wishes (called a “suppression record”).
Where Senworks is relying on consent as a means to process personal data and ‘special’ data any person may withdraw this consent at any time (subject to similar age considerations as above).
Please be aware however that Senworks may not be relying on consent but have another lawful reason to process the personal data in question even without your consent.
That reason will usually have been asserted under this Privacy Notice or may otherwise exist under some form of contract or agreement with the individual (e.g. an employment contract, or because a purchase of services has been requested).
Where can I get advice?
If you have any worries or questions about how your personal information is handled please contact firstname.lastname@example.org.
For independent advice about data protection, privacy and data sharing issues or if you would like to make a complaint if you think we have done something wrong with the data we hold about you, you can contact the Information Commissioner’s Office (ICO) at:
Information Commissioner’s Office
Cheshire SK9 5AF
Changes to this Privacy Notice
From time to time we may make changes to this privacy statement. Any changes will be posted on this website so you are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If at any time we decide to use personal data in a manner significantly different from that stated in this privacy statement, or otherwise disclosed to you at the time it was collected, we will notify you by email, and you will have a choice as to whether or not we use your information in the new manner.
Our website address is: http://www.senworks.co.uk.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Using Contact forms
Cookies: If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
If you edit an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
If any breach is detected Senworks will take immediate action to inform the ICO and the client.