Haringey Education Partnership (HEP) & Opening Worlds Privacy Notice
This privacy notice explains what to expect when Opening Worlds/HEP collects your personal information.
In this notice, “the Legislation” means (i) unless and until the GDPR is no longer directly applicable in the UK, the General Data Protection Regulation ((EU) 2016/679) and any national implementing laws, regulations, and secondary legislation, as amended or updated from time to time, in the UK and then (ii) any successor legislation to the GDPR or the Data Protection Act 1998.
In this notice Opening Worlds/HEP is the Data Controller as defined by the Legislation. This means that we are responsible for deciding how we hold and use personal information about you. We are required under the Legislation to notify you of the information contained in this privacy notice. We may change this statement from time to time to reflect privacy or security updates. We encourage you to periodically review this page for the latest information.
We hold personal information securely at all times and any personal information provided to us will only be used for the purposes of carrying out our services. All the personal information that we hold about you is protected under the Data Protection Act 2018.
We are committed to protecting your privacy when you use our services. We have commissioned Haringey Council as our Data Protection Officer who makes sure we respect your rights and are compliant with the Legislation. If you have any concerns or questions about how we look after your personal information or wish to exercise your Data Protection rights please contact Haringey’s Data Protection Officer.
Data Protection Act 2018
The Data Protection Act is the legal framework that ensures your personal information is used fairly and lawfully.
By law, all organisations that hold information about you must follow the six principles set out in the Act. These principles make sure your rights are protected and state that all information must:
Further information about the Data Protection Act can be found at the Information Commissioner’s website.
Your data protection rights
[For more detailed information about the personal information that we hold and how we use it, please see our Record of Processing Activities.]
We may have to share your data with third parties, including third-party service providers and other organisations. We will only share your information where it is necessary to deliver our services; unless the law requires us to share the information. We will never share your information with third parties for commercial or marketing purposes.
In particular, we may share your data with organisations including, but not limited to, the following:
We require third parties to respect the security of your data and to treat it in accordance with the law. Some of the organisations referred to above are joint data controllers. This means we are all responsible to you for how we process your data?
Why might we share your personal information with third parties?
We will share your personal information with third parties where required by law, where it is necessary to administer the working relationship with you, where it is needed in the public interest or for official purposes, or where we have your consent.
Which third-party service providers process your personal information?
“Third parties” includes third-party service providers (including contractors and designated agents). [The following activities are carried out by third-party service providers: [payroll, pension administration, benefits provision and administration, IT services]
All our third-party service providers are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
From time to time, we may disclose your personal data in response to a request for information pursuant to the Freedom of Information Act 2000 or following a data subject access request. We may approach you for your consent but, in any event, we will only disclose your personal data if we are satisfied that it is reasonable to do so in all the circumstances. This means that we may refuse to disclose some or all of your personal data following receipt of such a request.
Cookies are small anonymous text files that are placed on your computer by websites that you visit. To find out more about cookies, including how to see what cookies have been set out and how to manage and delete them, visit the Information Commissioner’s Office website.
HEP is committed to only using cookies that are either essential (i.e. they are required to make something work) or that help us to make your experience of using the website better.
The right to complain
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues, about the way in which we process (or have processed) your personal data. The ICO can be contacted at:
Information Commissioner’s Office
Tel: 0303 123 1113