Challenge EDI Privacy Policy
1. Introduction
"Challenge EDI" (Challenge Training and Consultancy Ltd trading as Challenge EDI) understands that you are aware of and care about your own personal privacy interests, and we take that seriously. This Privacy Statement describes Challenge EDI’s practices regarding its collection and use of personal data, and sets out your privacy rights. We recognise that information privacy is an ongoing responsibility and so we will from time to time update this Privacy Statement as we undertake new personal data practices or any policy which could impact on privacy.
This policy sets out how Challenge EDI uses and protects any information that you give us when you use this website or our services.
Should we ask you to provide certain information by which you can be identified when using this website, you can be assured that it will only be used in accordance with this privacy statement.
Challenge EDI may change this policy from time to time by updating this page. We invite you to check this page from time to time to ensure that you are happy with any changes. This policy is effective from 25th May 2018.
2. Controlling your personal information
We will not sell, distribute or lease your personal information to third parties unless we are required by law to do so. You may request details of personal information which we hold about you under the General Data Protection Regulation 2018. You may request that we delete data that we hold on you under the General Data Protection Regulation 2018 to find out how please go to the Information Commission Office.
What we collect: Client Contact
We may collect the following information:
- Name and job title
- Contact information including work related telephone numbers and email addresses
- Demographic information such as work addresses including post codes
- Preferences and any needs or concerns which impact on the delivery of our training or consultancy work
- Evaluation information and attendance registers are collected as per our contracts with clients and made into evaluation reports. Information on evaluation reports is anonymised. The space for names on evaluation reports is optional
- Evaluation reports are returned to a named client contact only
- Attendance registers are returned to clients. Where attendance registers are retained, for practical purposes, or at the client’s request, no personal information is collected or used by Challenge EDI
- From time to time Challenge EDI will collect information, as part of its work, at the request of its clients e.g. Staff Surveys, Pledge Cards. This information may be retained either electronically or as hard copy. Challenge EDI does not use any information gained this way except in agreed terms with its clients.
- Information collected at training sessions (flip charts) may be retained electronically. All such information is either anonymous or anonymised
- All information collected in the course of proposing, planning and rolling out training is kept in client files (see information below)
- Challenge EDI’s website browsing patterns (see below)
What we collect: Website
How we use cookies
The only time Challenge EDI collects cookies is when we offer the choice to accept or decline cookies. This may change in future and when it does this privacy policy will be updated to reflect any changes.
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This will affect your browsing experience and you will not see the full content of the website.
We do not profile visitors to our web sites. We do not use tracking methods in order to identify visitors. We do not collect personal information of the visitors of the web site in a way that is prohibited by the General Data Protection Regulation (GDPR).
3. Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
4. What we do with the information we gather
We require the information we collect to be able to stay in appropriate contact with clients; we also need to be able to understand client and participant needs and wants in order to improve our services.
In relation to our website it is to understand client preferences. In summary, we collect data for the following reasons:
- Internal record keeping
- We may use the information to improve our products and services
- We may periodically send promotional emails about new training products, special offers or other information which we believe clients may find interesting using the email address which has been provided
- Any client related emails we send are directed at specific contacts in client organisations who have worked with Challenge or made enquiries, we will not send emails to participants who have attended our courses unless individuals contact us directly or we have express permission from the relevant contact in the client organisation, for example, for a staff survey.
Security
We are committed to ensuring that your information is secure. To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
Challenge EDI is a data controller for all the data we hold. Nearly all our data is held on external third party run providers (Dropbox, SurveyMonkey, SmartSurvey, Office 365) who act as data processors. Challenge has a limited role as a data processor. All of our third party run systems are global, therefore your data could be exported outside the EU, however all the services we use are compliant with GDPR regulations, and all are part of the USA:EU safe harbour agreement.
5. Data Protection Officer
Challenge EDI is based in London, United Kingdom. Challenge Consultancy has appointed an internal data protection officer for you to contact if you have any questions or concerns about Challenge Consultancy’s personal data policies or practices.
Challenge Consultancy’s data protection officer contact information is as follows:
Data Protection Officer:
Femi Otitoju
Challenge Training and Consulting Limited
51 Dean Court Road
Brighton BN2 7DL
Tel: +44 203 337 3370
6. How do we deal with information from individuals under the age of 18?
Challenge EDI does not seek to collect personal data from individuals under the age of 18.
7. Changes and updates to the Privacy Statement
This Privacy Statement and Conditions of Use are expected to change over time. We reserve the right to amend the Privacy Statement and Conditions of Use at any time, for any reason, without notice to you, other than the posting of the amended Privacy Statement and Conditions of Use at this Site. You should check our Site frequently to see the current Privacy Statement and Conditions of Use that are in effect and any changes that may have been made to it.
8. Key terms
‘Personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
‘Processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
‘Consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
‘Profiling’ means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements;
Personal data is:
(a) processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’);
(b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; (‘purpose limitation’);
(c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);
(d) accurate and, where necessary, kept up to date; (‘accuracy’);
Challenge EDI also outlines reasonable precautions which are taken to keep your data secure.
This Statement applies to any information obtained by Challenge EDI through your use of the Challenge EDI Website. It is not applicable to any Internet websites controlled by third parties not affiliated with Challenge EDI that the Challenge EDI Website may link to (“Third Party Sites”). Please review the privacy statements of Third Party Sites as Challenge Consultancy is not responsible for the content or the privacy practices of Third Party Sites.
The terms of this Statement are subject to any additional terms of disclaimers or other contractual terms you have entered into with Challenge EDI such as client privacy statements or notices, and any applicable mandatory laws and regulations.
When you visit the Challenge EDI Website, our web hosting company may record details about your visit (for example, your IP address, the web site from which you visit us, the type of browser software used, the Challenge EDI Website pages that you actually visit including the date and the duration of your visit). We do not use this information to identify or profile persons.
We may disclose your information to governmental agencies or entities, regulatory authorities, or other persons in line with any applicable law, regulations, court order or official request, or under any and for the purposes of any guidelines issued by regulatory or other authorities, or similar processes as either required or permitted by applicable law.
Challenge EDI has implemented reasonable technical and organisational security measures to protect your personal data against unauthorised access, misuse, loss or destruction.
All electronic messages sent to and from Challenge EDI are automatically stored. They are protected by reasonable technical and organisational measures and may only be accessed in justified cases in line with applicable laws and regulations (e.g. court order, suspicion of criminal conduct, violation of regulatory obligations, material breach of employment contract) to specific persons in defined functions (e.g. Legal, Compliance, Risk). All emails are disposed of after the applicable retention period has expired.
EU citizens have the right to require increased responsibility and accountability for those processing personal data, we can therefore be contacted at the email address: info@challengeEDI.com
If you use any of the email addresses on this site, we will process and store data in compliance the EU General Data Protection Regulation (GDPR).
You may request that we delete data that we hold on you under the General Data Protection Regulation 2018 to find out how please go to the Information Commission Office.
Challenge Training and Consulting Limited
51 Dean Court Road
Brighton BN2 7DL
Tel: +44 203 337 3370
Registered in England number 16021150
All rights reserved © Challenge Training and Consulting Ltd 2024