- Policy prepared by: Roy Boneham, Proprietor, New Alchemy Training and Consultancy Organisation, hereafter called New Alchemy
- Next review date: 01/05/2022
In order to operate, New Alchemy needs to gather, store and use certain forms of data about individuals and businesses.
These can include individuals, customers, suppliers, government officials and other people New Alchemy has a relationship with or regularly needs to contact.
This policy explains how this data should be collected, stored and used in order to meet New Alchemy’s data protection standards and comply with the law.
Why is this policy important?
This policy ensures that New Alchemy:
- Protects the rights of individuals, customers, suppliers, government officials and other people New Alchemy has a relationship with or regularly needs to contact.
- Complies with data protection law and follows good practice
Roles and responsibilities
Who and what does this policy apply to?
- This policy shall be adhered to by the proprietor of New Alchemy for the protection of data held concerning individuals, customers, suppliers, government officials and other people New Alchemy has a relationship with or regularly needs to contact.
It applies to all data that New Alchemy holds relating to individuals, including:
- Email addresses
- Postal addresses
- Phone numbers
- Any other personal information held (e.g. financial) in order to make payments to suppliers
Roles and responsibilities
The Principal Consultant, the sole trader in New Alchemy, who has access to data as part of New Alchemy has a responsibility to ensure that he adheres to this policy.
The Data Controller for New Alchemy is the principal consultant, Roy Boneham. He is responsible for why data is collected and how it will be used. Any questions relating to the collection or use of data should be directed to the Data Controller.
Data Protection principles
1. We fairly and lawfully process personal data
New Alchemy will only process data for fair and lawful purposes.
2. We only collect and use personal data for specified and lawful purposes.
When collecting data, New Alchemy will always explain to the subject why the data is required and for what it will be used.
We will never use data for any purpose other than that stated or that can be considered reasonably to be related to it. For example, we will never pass on personal data to 3rd parties without the explicit consent of the subject.
3. We ensure any data collected is relevant and not excessive
New Alchemy will not collect or store more data that the minimum information required for its intended purpose.
4. We ensure data is accurate and up-to-date
New Alchemy will ensure data collected is accurate and up-to-date.
Any individual can update their data at any point by contacting the Data Controller.
5. We ensure data is not kept longer than necessary
New Alchemy will keep data on individuals for no longer than 24 months after our involvement with the individual has stopped, unless there is a legal requirement to keep records.
6. We process data in accordance with individuals' rights
The following requests can be made in writing to the Data Controller:
- Persons for whom New Alchemy hold data can request to see any data stored about them. Any such request will be actioned within 28 days of the request being made.
- Persons for whom New Alchemy hold data can request that any inaccurate data held on them is updated. Any such request will be actioned within 28 days of the request being made.
- Persons for whom New Alchemy hold data can request to stop receiving any marketing communications. Any such request will be actioned within 28 days of the request being made.
- Persons for whom New Alchemy hold data can object to any storage or use of their data that might cause them substantial distress or damage. Any such objection will be considered by the New Alchemy Data Controller and a decision communicated within 28 days of the request being made.
7. We keep personal data secure
New Alchemy will ensure that data held by us is kept secure.
- Electronically-held data will be held within a password-protected and secure environment
- Physically-held data will be stored on locked premises
8. Transfer to countries outside the EEA
New Alchemy will not transfer data to countries outside the European Economic Area (EEA).
New Alchemy will collect data from individuals and businesses for marketing purposes. This includes contacting them to promote training courses, updating them with relevant information concerning regulatory changes and in order to answer queries put to New Alchemy.
Any time data is collected for this purpose, we will provide on request:
Data collected will only ever be used in the way described and for which consent has been given. A recipient can withdraw their consent. Opt-out requests such as this will be processed within 28 days.
- A clear and specific explanation of what the data will be used
- A method for users to show their active consent to receive these communications (e.g. a 'tick box')
Cookies on the New Alchemy website