Phoenixetc

Events, Training and Conferences.

Privacy Policy

Introduction

How we collect your information

How we use your information

The lawful basis for processing your information

Sharing information with others

Data Transfers outside of the EEA/EU and data portability

How long we keep your information for

Security of your personal information

Your rights

Complaints or queries

Subject Access Request Process

How to contact us

Changes to this privacy notice 

Introduction

This privacy notice tells you what to expect when the Fire Service College (trading as PhoenixETC and part of Capita Group plc) collects personal information.

This privacy notice is a public declaration of how PhoenixETC applies the Data Protection Principles & Rights afforded to individuals by the GDPR, to the personal data that we process.

PhoenixETC is committed to complying with the six principles relating to the processing of personal data under the GDPR in all that we do. These principles are:

  • Lawfulness, fairness & transparency
  • Purpose limitation
  • Data minimisation
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality.

How we collect your information

We may collect your personal data in a number of ways, for example:

  • From your organisation/employer who will book accommodation or events on your behalf (as a delegate)
  • When you make either an event, accommodation or meeting booking with us (as a visitor or delegate)
  • When you book a service with us through our travel and accommodation booking agents (as a leisure stay guests)
  • When you communicate with us by telephone, email or via our website, for example to make enquiries or raise concerns
  • In various other ways as you interact with us during your time as a delegate or visitor at PhoenixETC for the various purposes set out below;

 

The types of information we collect

We may collect the following types of personal data about you:

  • Your name, and contact information such as address, organisation, email address and telephone number, as well as your date of birth and payment card details
  • Information relating to the events you have or intended to attend
  • Sensitive personal data and information including:
    • Information concerning your medical conditions or Mobility Impairment (e.g. disability)
    • Dietary Requirements

For any services relating to the Fire Service College all information gathered will be collected in accordance with the College’s privacy notice, which can be found here www.fireservicecollege.ac.uk/privacy-notice/

How we use your information

Visitors to our websites

When someone visits www.phoenxietc.co.uk we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.

 

Use of Cookies by PhoenixETC

You can read more about how we use cookies on our Cookies page: www.phoenixetc.co.uk/cookies

 

Email Marketing

We use a third-party provider, Mailchimp, to deliver our e-mail marketing. We gather statistics around email opening and clicks using industry standard technologies including clear gifs to help us monitor and improve our marketing. For more information, please see the Mailchimp privacy notice.

 

Links to external websites

The PhoenixETC website contains links to other websites. Please note that these links are intended for your convenience only.

Links to third party websites do not constitute endorsement, sponsorship or approval by PhoenixETC of the content, policies or practices of those third-party websites.

This privacy notice does not cover the links within this site linking to other websites, if you have any concerns regarding your privacy when visiting a linked third party, you should ensure that you check the privacy statement/policies of those websites.

 

Leisure Stay Guests:

  • Fulfilling your bookings and/or to provide services or facilities you request from us
  • Where you have made a reservation with us, to send you information before your visit to confirm the reservation
  • Matters in support of our core services, including:
    • Ensuring visitors safety and security
    • Managing car parking on site
  • Administering finance (e.g. invoicing, purchase orders, payments)
  • Other administrative purposes, including:
    • Carrying out audits (e.g. to ensure compliance with our regulatory and legal obligations)
    • Providing operational information (e.g. providing IT support, information about building closures or access restrictions on site or safety advice)
    • Promoting our services (e.g. providing information about leisure centre or other events happening on and off site)
    • Preventing and detecting crime
    • Recording any near miss and actual accidents/injuries to comply with Health and Safety legal obligations
    • Dealing with complaints and enquiries
  • Providing access to our onsite Sports Centre. The privacy notice for the Sports Centre can be found here: www.moretonsportscentre.co.uk/privacy-policy

 

Visitors/Delegates for Meetings and Events:

  • Fulfilling your bookings and/or to provide services or facilities you request from us
  • Where you have made a reservation with us, to send you information before your visit to confirm the reservation
  • Matters in support of our core services, including:
    • Event management and attendance
    • Safeguarding and promoting the welfare of delegates
    • Ensuring delegates safety and security
    • Managing delegate accommodation
    • Arranging delegate transportation prior, during and/or after the event;
    • Managing the use of social media
    • Managing car parking on site
  • Providing library, IT and information services
  • Administering finance (e.g. invoicing, purchase orders, payments)
  • Other administrative purposes, including:
    • Carrying out research and statistical analysis
    • Carrying out audits (e.g. to ensure compliance with our regulatory and legal obligations)
    • Providing operational information (e.g. providing IT support, information about building closures or access restrictions on site or safety advice)
    • Promoting our services (e.g. providing information about leisure centre or other events happening on and off site)
    • Preventing and detecting crime
    • Recording any near miss and actual accidents/injuries to comply with Health and Safety legal obligations
    • Dealing with complaints and enquiries.

 

PhoenixETC offers various services to the public. We have to hold the details of the people who have requested the service in order to provide it. However, we only use these details to provide the service the person has requested and for other closely related purposes. For example, we might use information about people who have requested a publication to carry out a survey to find out if they are happy with the level of service they received. When people do subscribe to our services, they can cancel their subscription at any time and are given an easy way of doing this.

The lawful basis for processing your information

We may process your personal data due to a legitimate business interest with your organisation/employer or with you, or in order to meet our contractual obligations. In this respect, we use your personal data for the following:

  • To interact with you before you are enrolled as a delegate, as part of the delegate enrolment process (e.g. to send you a brochure or answer enquiries about our services)
  • Once you have booked, to provide you with information on our site and how to find us
  • To deal with any concerns or feedback you may have
  • For any other purpose for which you provide us with your personal data.

We may also process your personal data because it is necessary for the performance of our tasks carried out in the public interest or because it is necessary for our or a third party's legitimate interests. In this respect, we may use your personal data for the following:

  • To monitor and evaluate the performance and effectiveness of PhoenixETC, including by training our staff or monitoring their performance
  • To maintain and improve the educational, corporate, financial, estate and human resource management of PhoenixETC
  • To promote equality and diversity at PhoenixETC
  • To seek advice on our rights and obligations, such as where we require our own legal advice
  • Recovering monies you owe to us
  • For fundraising purposes.

We may also process your personal data for compliance with our legal obligations. In this respect, we may use your personal data for the following:

  • To meet our compliance and regulatory obligations, such as compliance with anti-money laundering laws and safeguarding requirements
  • For the prevention and detection of crime
  • Reporting accidents and incidents for the Health & Safety Executive (HSE)
  • In order to assist with investigations (including criminal investigations) carried out by the police and other competent authorities.

We may also process your personal data where:

  • It is necessary for medical purposes (e.g. medical diagnosis, provision of health or social care or treatment, or a contract with a health professional)
  • It is necessary to protect your or another person’s vital interests, or
  • We have your specific or, where necessary, explicit consent to do so.

Sharing information with others

For the purposes referred to in this privacy notice and relying on the bases for processing as set out above, we may share your personal data with certain third parties. Unless an opt-out is in place, we may disclose limited personal data to a variety of recipients including:

  • Our employees and agents where there is a legitimate reason for them receiving the information, including:
    • Catering company in relation to dietary requirements
    • Online travel agents in relation to accommodation bookings
    • Travel firms in relation to transport to and from our venue
  • Those with an interest in tracking delegates progress and attendance, including:
    • Current or potential employers
  • Crime prevention or detection agencies (e.g. the police, the Department for Work and Pensions and Trading Standards)

Capita Sharing

We may share limited information with other Capita Businesses for legitimate purposes as part of our necessary obligations for internal reporting, processing of invoices and payments and to update existing customers of service and product updates or opportunities available within Capita plc Group.

Data Transfers outside of the EEA/EU and data portability

Information that we collect may be stored, processed and transferred between any of the countries in which we operate in or supply from in order to enable us to use the information in accordance with this privacy statement.

International transfers outside of the EU, e.g. Capita India and the US will be managed under Privacy Shield agreed terms or via other adequate security assessments and data protection controls (including EU model clauses) to enable us to carry out our service obligations to our clients, suppliers and business partners.

How long we keep your information for

Subject to any other notices that we may provide to you at the time of collecting your data, we may retain your personal data for a period of seven years after your association with us has come to an end or in accordance with our Data Retention periods. Where data is captured under a consent basis it will confirm the period specified at time of capture.

PhoenixETC only keeps data for as long as is necessary. Once the data has reached the end of its retention period the data is deleted. For further details on the Data Retention, please contact us using the details at the end of this document.

Security of your personal information

PhoenixETC takes information security extremely seriously. Significant investment has been made in all our systems to create the most secure environment possible.

We continue to take all reasonable technical and organisational precautions to prevent the loss, misuse, or alteration of your personal information.

We will store all the personal information you provide on our secure (password and firewall protected) servers. All electronic transactions you make to or receive from us will be encrypted. We use Transport Layer Security (TLS) to encrypt and protect email traffic in line with government. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit. We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.

Of course, data transmission over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.

Your rights

The PhoenixETC recognises the further rights of data subjects under the GDPR which include;

  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • More information on Direct Marketing
  • The right to withdraw consent
  • The right to complain to the Supervisory Authority
  • Rights related to automated decision making and profiling

You can read more about these rights here – https://ico.org.uk/for-the-public/is-my-information-being-handled-correctly/  

Complaints or queries

PhoenixETC tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures.

This privacy notice was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of PhoenixETC’s collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address below.

How to make a complaint to us

If you want to make a complaint or query about the way we have processed your personal information, please contact the Compliance Officer using the details found at the bottom of this document.

Alternatively, if you are unhappy with our response, you have the right to complain to the Supervisory Authority, the details of which are below:        

Supervisory Authority: Information Commissioner’s Office (ICO)

Website: https://ico.org.uk/concerns    

Email: casework@ico.org.uk

Telephone: 03031231113

Subject Access Request Process

You may instruct us to provide you with any personal information we hold about you. Provision of such information will be subject to:

  • The supply of appropriate evidence of your identity (for this purpose, we will usually accept a photocopy of your passport certified by a solicitor or bank plus an original copy of a utility bill showing your current address).
  • The description of the exact information you are seeking.

PhoenixETC will work collaboratively with our clients to ensure that we fulfil all obligations under the Data Protection Act and GDPR regarding subject access requests. We may withhold such personal information to the extent permitted by law.

How to contact us

If you want to request information about our privacy policy, if you have a complaint or wish to execute a right, you can contact us by:

Writing to:

The Compliance Officer

PhoenixETC @ The Fire Service College

London Road

Moreton in Marsh

Gloucestershire

GL56 0RH

 

Or by email to: ComplianceOfficer@fireservicecollege.ac.uk

Or by phoning Reception on: 01608 650831 and asking for PhoenixETC Compliance Officer.

PhoenixETC at The Fire Service College Limited is a registered data processor under the Information Commissions Office – Reg.no. Z3584953

Changes to this privacy notice

We keep our privacy notice under regular review. This privacy notice was last updated on 4 April 2019.