Deaf Minds Education (“us”, “we”, or “our”) operates the https://www.deafmindseducation.com website (the “service”)
This policy page explains our policies regarding the collection, use, and disclosure of personal data when you use our services and the choices you have associated with that data.
Information Collection And Use
We collect several different types of information for various purposes to provide and improve our Service to you.
Types of Data Collected:
While using our service, we may ask you to provide us with "Personal Data" in order for us to contact or identify you. Personally identifiable information may include, but is not limited to, the following:
- First name and last name
- Email address
- Phone number
- Cookies and Usage Data
We may also collect information how our service is accessed and used, "Usage Data". This type of Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
Tracking & Cookies Data
- Session Cookies - we use Session Cookies to operate our Service
- Preference Cookies - we use Preference Cookies to remember your preferences and various settings
- Security Cookies - we use Security Cookies for security purposes.
Deaf Minds Education: DBS storage policy statement
As an organisation using the Disclosure and Barring Service (DBS) checking service to help assess the suitability of applicants for positions of trust, Deaf Minds Education complies fully with the code of practice regarding the correct handling, use, storage, retention and disposal of certificates and certificate information.
It also complies fully with its obligations under the General Data Protection Regulation (GDPR), Data Protection Act 2018 and other relevant legislation pertaining to the safe handling, use, storage, retention and disposal of certificate information and has a written policy on these matters, which is available to those who wish to see it on request.
Storage and access
All DBS certificate information uploaded will be securely stored on an encrypted database which is password restricted.
In accordance with section 124 of the Police Act 1997, certificate information is only passed to those who are authorised to receive it in the course of their duties. We maintain a record of all those to whom certificates or certificate information has been revealed and it is a criminal offence to pass this information to anyone who is not entitled to receive it.
To note: organisations which are inspected by the Care Quality Commission (CQC) or Ofsted, and those establishments which are inspected by the Care and Social Services Inspectorate for Wales (CSSIW ) may be legally entitled to retain the certificate for the purposes of inspection.
In addition, organisations that require retention of certificates in order to demonstrate ‘safer recruitment’ practice for the purpose of safeguarding audits may be legally entitled to retain the certificate. This practice will need to be compliant with the Data Protection Act, Human Rights Act, General Data Protection Regulation (GDPR), and incorporated within the individual organisation’s policy on the correct handling and safekeeping of DBS certificate information.
Certificate information is only used for the specific purpose for which it was requested and for which the applicant’s full consent has been given.
Once a recruitment (or other relevant) decision has been made, we do not keep certificate information for any longer than is necessary. This retention will allow for the consideration and resolution of any disputes or complaints, or be for the purpose of completing safeguarding audits.
Throughout this time, the usual conditions regarding the safe storage and strictly controlled access will prevail.
Once the retention period has elapsed, we will ensure that any DBS certificate information is immediately destroyed by secure means, for example by shredding, pulping or burning. While awaiting destruction, certificate information will not be kept in any insecure receptacle (e.g. waste bin or confidential waste sack).
We will not keep any photocopy or other image of the certificate or any copy or representation of the contents of a certificate. However, not withstanding the above, we may keep a record of the date of issue of a certificate, the name of the subject, the type of certificate requested, the position for which the certificate was requested, the unique reference number of the certificates and the details of the recruitment decision taken.
Use of Data
Deaf Minds Education uses the collected data for various purposes:
- To provide and maintain the service
- To notify you about changes to our service
- To allow you to interact and participate in features of our service when you choose to do so
- To provide customer care and support
- To provide analysis or valuable information to improve our service
- To monitor the usage of our service
- To detect, prevent and address technical issues that may occur
Transfer Of Data
Disclosure Of Data
Deaf Minds Education may disclose your personal data in the good faith that such an action is necessary in order to:
- Comply with a legal obligation
- Protect and defend the rights or property of Deaf Minds Education
- Prevent or investigate possible wrongdoing in connection with the service
- Protect the personal safety of users of the service or the public
- Protect against legal liability
Security Of Data
The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage will ever be 100% secure. Whilst we strive to use commercially acceptable means in order for us to protect your personal data, we cannot guarantee its absolute security.
We may employ third party companies and individuals to facilitate our service, these are known as "Service Providers". They may provide the service on our behalf, perform service-related services, or assist us in analysing how our service is used These third parties have access to your personal data only to perform these tasks on our behalf, and have an obligation not to disclose or use it for any other purpose.
We may use third-party service providers to help us monitor and analyse the use of our service, for example:
Links To Other Sites
Children have the same rights as adults over their personal data. These include the rights to access their personal data; request rectification; object to processing and have their personal data erased. In accordance with the ICO and GDPR, any personal information we collect from children age 13 and over will be done with their explicit consent. For those younger than 13, Deaf Minds Education will obtain consent from a parent or legal guardian prior to data collection.
Children's Privacy notices (for children 13 and over):
- Our privacy information is clear, and presented in plain, age-appropriate language
- We use child friendly ways of presenting privacy information, such as: diagrams, cartoons, graphics and videos, dashboards, layered and just-in-time notices, icons and symbols
- We explain to children why we require the personal data we have asked for, and what we will do with it, in a way which they can understand
- As a matter of good practice, we explain the risks inherent in the processing, and how we intend to safeguard against them, in a child friendly way, so that children (and their parents) understand the implications of sharing their personal data
- We tell children what rights they have over their personal data in language they can understand
Children's Data Protections Rights:
- We design the processes by which a child can exercise their data protection rights with the child in mind, ensuring they are easy for children to access and understand
- We allow competent children to exercise their own data protection rights
- If our original processing was based on consent provided when the individual was a child, then we comply with requests for erasure whenever we can
- We design our processes so that, as far as possible, it is as easy for a child to get their personal data erased as it was for them to provide it in the first place
We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us. If we become aware that we have collected personal data from children without verification of consent, we will take steps to remove that information from our servers.