General Data Protection Regulation (GDPR)
The scope of the General Data Protection Regulation (GDPR) covers all data subjects whose personal data is collected in line with the requirements of the GDPR.
Who we are?
Infrasafe UK Limited, as a Data Controller collects and processes personal data relating to its employees to manage the employment relationship. The organisation is committed to being transparent about how it collects and uses that data and to meeting its data protection obligations.
What information do we collect from you?
Infrasafe collects and processes a range of information about you. This includes:
- your name, address and contact details, including email address and telephone number, date of birth, age and gender;
- details of your qualifications
- your national insurance number;
- your marital status;
- information about medical or health conditions, including whether or not you have a disability for which the organisation needs to make reasonable adjustments;
- equal opportunities monitoring information including information about your ethnic origin, sexual orientation and religion or belief;
- results of Drug and Alcohol and Medical tests;
We will only collect the information needed to process the type of training you wish to engage in. The information that we need to take may slightly differ from course. Typical data collection points include, but are not limited to, contact detail forms, equality and diversity forms and safety critical booking forms. We ask companies for an email address to process all booking administration and for e-learning events.
Why do we collect this information?
We want you to achieve and place high expectations on all our learners. Therefore, we are expected and required to collect certain information that allows us to get to know you better. This also ensures that you are on the correct course based on your needs.
We are also required to monitor your progress and report back to regulating authorities.
Who might we share your information with?
We will only share your information with organisations who require to know what course you are taking and regulate the training industry i.e. your primary sponsor/ employer and Sentinel. We will not pass your data onto third party organisations for marketing purposes or any other purpose – other than that what is needed to update regulatory bodies such as Sentinel.
What do we do with your information?
Examples of what we do with your information but not restricted to; complete pre-course eligibility checks, create individual learning plans, contact you for quality assurance monitoring purposes, monitor your course progress, register you with the appropriate awarding body, update rail competence regulators such as Sentinel.
We do not contact learners for marketing reasons. We may contact companies by email with promotions, special offers and associated products and services they may be interested in. Companies can unsubscribe at any time and they can opt in and opt out on our website.
How long do we keep hold of your information?
We will only keep your information for as long as we have to which has been mandated by regulatory bodies. We will keep;
- Safety critical course information for seven years after you have completed as mandated by the Rail Training Accreditation Scheme Rules (RTAS).
In other cases, we will store personal information for the periods needed for the purposes for which the information was collected or for which it is to be further processed.
How can I access the information you hold about me?
We want to make sure that any personal information we hold about you is up to date. So, if you think your personal information is inaccurate, you can ask us to correct or remove it at no charge to you by contacting 0191 499 0024 or email@example.com.
When contacting please clearly identify yourself and the information you require, and we may ask you to provide identification to ensure we do not disclose your information to the wrong person.