Data Protection Policy

London It Training > Data Protection Policy

1.  Purpose and Commitment

This Data Protection Policy outlines the commitment of London IT Training Ltd to safeguarding the privacy and confidentiality of all personal data processed by the company. We are committed to collecting, storing, using, and protecting personal data in compliance with the General Data Protection Regulation (GDPR) and other relevant data protection legislation. London IT Training Ltd acknowledges the importance of data privacy and strives to ensure that all personal data is managed with the highest level of security, integrity, and care.

2.  Scope

This policy applies to all employees, contractors, and third parties who have access to personal data within London IT Training Ltd. It covers all personal data processed by the company, including data relating to employees, clients, contractors, suppliers, and any other individuals whose personal data is handled by the organisation.

3.  Policy Statement

London IT Training Ltd is committed to:

  • Ensuring personal data is processed in a lawful, fair, and transparent
  • Collecting personal data only for specified, legitimate, and necessary
  • Limiting the collection of personal data to what is necessary for the intended
  • Keeping personal data accurate and up to date and ensuring it is securely
  • Retaining personal data only as long as necessary to fulfil the intended
  • Respecting individuals’ rights regarding their personal data, including the right to access, rectify, and request deletion of their data.
  • Implementing technical and organizational measures to ensure the security of personal data and prevent unauthorized access, disclosure, alteration, or destruction.

4.  Responsibilities

  • Data Protection Officer (DPO)

London IT Training Ltd has appointed a Data Protection Officer (DPO) responsible for overseeing data protection activities, ensuring compliance with the GDPR, and acting as a point of contact for data protection-related concerns. The DPO’s responsibilities include:

  • Monitoring data protection practices and ensuring adherence to legal
  • Providing guidance and training on data protection matters to

 

  • Addressing data protection queries from employees, clients, contractors, and other
  • Reporting to senior management on data protection issues, breaches, and

4.2  Employee Responsibilities

All employees, contractors, and third parties working with London IT Training Ltd must:

  • Adhere to the principles and procedures outlined in this
  • Ensure that personal data is collected, processed, and stored
  • Report any data protection concerns or potential breaches to the DPO or
  • Participate in data protection training and awareness
  • Ensure personal data handled is kept confidential and

5.  Data Protection Principles

London IT Training Ltd ensures personal data is processed in accordance with the following core principles of data protection:

  • Lawfulness, fairness, and transparency: Personal data will be processed lawfully, fairly, and transparently in relation to data subjects.
  • Purpose limitation: Data will be collected for specified, legitimate purposes and not processed further in a way incompatible with those purposes.
  • Data minimization: Only the personal data necessary for the intended purposes will be collected.
  • Accuracy: Personal data will be accurate and kept up to date where
  • Storage limitation: Data will be retained only for as long as necessary to fulfil the purposes for which it was collected.
  • Integrity and confidentiality: Personal data will be processed securely to protect against unauthorised access, accidental loss, or destruction.

6.  Data Collection and Use

London IT Training Ltd collects personal data for legitimate business purposes, including:

  • Communicating with clients, contractors, and suppliers for business
  • Marketing and advertising services to clients and
  • Managing business relationships and ensuring effective delivery of
  • Complying with legal and regulatory

 

  • Managing human resources, including recruitment, payroll, and employee

The types of personal data London IT Training Ltd may collect include:

  • Name, contact details, and identification
  • Employment history, qualifications, and professional
  • Financial information for payroll
  • Data related to business relationships, transactions, and

7.  Data Retention

London IT Training Ltd will retain personal data only for as long as necessary to fulfil the purposes for which it was collected or as required by law. After the retention period, personal data will be securely deleted or anonymized. Retention periods include:

  • Employee data: Retained for the duration of employment and for a period after termination to comply with legal and tax obligations.
  • Participant data: Retained for a period after a training session unless the participant requests deletion or withdraws consent.
  • Client data: Retained for the duration of the business relationship and in accordance with business or legal obligations.

8.  Security of Personal Data

London IT Training Ltd takes technical and organisational measures to ensure the security of personal data, including:

  • Secure storage systems, encryption, and strict access controls to protect data from unauthorised access.
  • Regular employee training on securely handling personal
  • Regular monitoring and audits of data processing activities to identify and mitigate
  • Prompt detection, reporting, and response procedures for any data

9.  Data Subject Rights

Under the GDPR, individuals whose personal data is processed by London IT Training Ltd

have the following rights:

  • Right to access: Individuals can request access to the personal data London IT Training Ltd holds about them.
  • Right to rectification: Individuals can request correction of inaccurate or incomplete

 

  • Right to erasure (right to be forgotten): Individuals can request the deletion of their personal data under specific circumstances.
  • Right to restriction of processing: Individuals can request restrictions on how their data is processed.
  • Right to data portability: Individuals can request to transfer their data to another organisation in a structured, machine-readable format.
  • Right to object: Individuals can object to the processing of their personal data, including for direct marketing purposes.

To exercise these rights, individuals should contact the DPO.

10.  Data Protection Breaches

In the event of a data protection breach, London IT Training Ltd will take the following steps:

  • Immediately notify the DPO, who will assess the breach and determine its
  • If necessary, report the breach to the relevant supervisory authority within 72
  • Notify affected individuals if the breach presents a high risk to their rights and
  • Investigate the cause of the breach, implement corrective actions, and ensure that similar incidents are prevented in the future.

11.  Policy Review and Updates

This Data Protection Policy will be reviewed annually to ensure compliance with the GDPR and other relevant data protection laws. Any updates to the policy will be communicated to employees, contractors, and partners, and additional training will be provided as necessary.

Scroll Up