Systems-Centered®[1] Training UK (SCTUK)
Privacy Notice

Privacy Policy Notice

The policy

This privacy policy notice is served by Systems-Centered Training UK. SCT® (SCTUK) Harben House, Harben Parade, Finchley Road, London NW3 6LH, under the website; sctuk.org The purpose of this policy is to explain how we control, process, handle and protect your personal information when using our website or engaging with our services. We are fully committed to protecting your privacy and we comply with the Data Protection laws applicable to the UK. The Company is registered as a data controller by the Information Commissioner’s Office (ICO), under the registration number:  ZA518494.

If you do not agree to the following policy, you may wish to cease viewing / using this website, and or refrain from submitting your personal data to us.

SCTUK

SCTUK is a specialist organisation providing education and training in Systems-Centered theory, methods and techniques, making these accessible to a wide range of people, organisations and communities. Through this we aim to build inclusive, resilient and creative systems that can resolve conflicts and use differences as resources for growth and development.

Key policy definitions:

  • “I”, “our”, “us”, or “we” refer to the business [Business name & other trading names]
  • “you”, “the user” refer to the person(s) using this website
  • GDPR means General Data Protection Regulation
  • PECR means Privacy & Electronic Communications Regulation
  • ICO means Information Commissioner’s Office
  • Cookies mean small files stored on a user’s computer or device.

Key principles of GDPR:

Our privacy policy embodies the following key principles; (a) Lawfulness, fairness and transparency, (b) Purpose limitation, (c) Data minimisation, (d) Accuracy, (e) Storage limitation, (f) Integrity and confidence, (g) Accountability.

Your personal data – what is it?

Personal data relates to an individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the Data Controller’s possession or likely to come into such possession. The processing of personal data is governed by the GDPR.

What type of information do we hold?

How we use your information

This privacy notice tells you what to expect when Systems-Centered Training UK (SCTUK) collects personal information. It applies to information we collect about:

  • visitors to our website
  • people who contact us by telephone, email or letter
  • people who use our services, e.g. who attend our courses or subscribe to our information list including financial payment records
  • our current and former staff and sub-contractors.

We treat personal information that you provide to us, or that we obtain from you, in accordance with the provisions of the Data Protection Act 2018. Under this Act, we have a legal duty to protect any information we collect from you.

Your personal information is used only for the purposes of communicating with you in relation to our services, for assessment and analysis to enable us to review, develop and improve the services we offer, and for any other purposes to which you have given your consent.

How we obtain information and why we have it

To enable us to carry out our business in a viable and professional manner, we might collect a limited amount of personal data from you in a number of well-established ways.

Visitors to our website

When someone visits sctuk.org we collect standard internet log on information and details of how visitors interact with the site in order to improve the site and how it is used. We can find out things such as the number of visitors to the various parts of the site. We collect this information in a way which does not identify anyone. We do not attempt to find out the identities of those visiting our website. We will not associate any data gathered from this site with any personally identifying information from any source. If we do want to collect personally identifiable information through our website, we will tell you about this. We will make it clear when we collect personal information and will explain what we intend to do with it.

Use of cookies by SCTUK

Cookie Policy

Cookies are small data files that your browser places on your computer or device. A cookie itself does not contain or collect information.
We use IP addresses and ‘Cookies’ anonymously (i.e. in a way that does not personally identify users of the website) in order to analyse site traffic and trends, to gather broad technical and geographical information that may help us improve the structure and quality of content on our site, and to help us better serve our clients.

Most browsers automatically accept cookies. You can prevent cookies from being stored on your computer or device by setting your browser not to accept cookies. Some browsers provide a mode where cookies are always deleted after a visit.

The exact instructions for this can be found in the manual for your browser. You can delete cookies already on your computer or device at any time. If you choose not to accept cookies at all, you can still visit our website; however we cannot guarantee an optimum experience without cookies.

For an explanation of cookies see: http://www.webopedia.com/TERM/c/cookie.html

Below is a table of all cookies on this website – their name, type and purpose:

Cookie Type  Cookie Name  Cookie Purpose
Google Analytics _ga
_gat
_gid		 These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site for you. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have clicked a web link to our site from and the pages they visited.

 

People who contact us

When you contact SCTUK we record such personal information we need in order to respond appropriately to your enquiry. We will explain what information we need and why. This information will be stored on our database.

People who email us

SCTUK stores emails only for as long as there is a business reason for doing so.

Any email sent to us, including any attachments, may be monitored and used by us for reasons of security and for monitoring compliance with office policy. Email monitoring or blocking software may also be used. Please be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law.

People who attend SCTUK events or use our services

Systems-Centered Training UK offers various services to the public. We hold the details of the people who have requested the service in order to provide the service. We may use these details to provide for other closely related purposes. For example, we might use information about people who have attended a course to carry out a survey to find out if they are happy with the level of service they received or to receive information about future events.

People who have opted in to receiving information about our services

When people subscribe to receive information from us, they can cancel their subscription at any time and are given an easy way of doing this.

People who enrol on our courses

We only ask for information that we need in order to allocate places on and administer our courses and other services.

Personal information about people who apply to attend our courses is stored on our database and in some cases retained as hard copies. Information about those who accept a place on a course is also stored in our accounting system. Information is retained only as long as there is a business reason for doing so, which in the case of financial records may be up to six years.

Computer-based information is password protected and is only accessible to the Directors and administrative staff of SCTUK.

We only share personal information we hold with your consent, or where this is necessary for provision of the service, for example when SCTUK co-sponsors a course with another organisation.

Trainers or consultants who are sub-contractors of SCTUK maintain their own records, which may include personal information about participants. These records are confidential to the subcontractor and are not accessible to other SCTUK Directors or staff. Our contract with others requires them to store such information securely in line with this policy.

Sub-contractors

We collect personal information about the people we engage to work on our behalf.

We only use the information they supply to us to process their application and to monitor recruitment statistics. Where we want to disclose information to a third party, for example where we want to take up a reference or obtain a ‘disclosure’ from the Disclosure and Barring Service, we only do so after informing them unless the disclosure is required by law.

We retain de-personalised statistical information to inform recruitment activities, but no individuals are identifiable from that data.

Once a person has contracted with SCTUK, we compile a file relating to their engagement. The information contained in this is kept secure and is only used for purposes directly relevant to that person’s contract with us. Once their contract with SCTUK has ended, we retain the file in accordance with the requirements of our retention schedule and then delete it.

Complaints or queries

SCTUK aims to meet the highest standards when collecting and using personal information and takes complaints about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We also welcome suggestions for improving our procedures.

This privacy notice has been drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of SCTUK’s collection and use of personal information. However, we are happy to provide additional information or explanation needed. Requests for this should be sent to the address at the end of this document.

What we do with the information we have

We use your personal data to:

  • enable us to provide business services
  • administer financial records including payments (no credit card data is kept)
  • promote our services to those who have willingly provided contact details
  • maintain our accounts and records for tax and VAT purposes
  • inform contacts of relevant news, events, activities and services

Your personal data is treated as strictly confidential and are only shared with other associates of SCTUK where necessary to provide you with services. Each of these organisations and individuals are well known to and trusted by us. They have their own GDPR policies in place and will NOT share your data with third parties.

How we store your information

SCTUK complies with its obligations under the GDPR by keeping personal data up-to-date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

So far as is reasonably practicable, security measures are in place to prevent the unauthorised access, improper use or disclosure, unauthorised modification, unlawful destruction, and accidental loss of personal data stored electronically within our business systems.

In addition to this, our website uses a secure connection (you will see “https” at the start of the website address, and you can ‘click’ on the ‘lock’ symbol to view the security certificate). This means that any data you provide via this route are encrypted before being transmitted across the web.

Company records and accounting records are retained for six years from the end of the last company financial year they relate to or longer in some circumstances. An example of where a company is required to retain records for a longer period is where it has bought something that it expects to last more than 6 years such as equipment.

These document retention proposals are in line with HMRC guidelines.

All other data relating to conducting Company business as defined in this policy are retained for a maximum of 2 years with an annual review taking place to both review current data held, make decisions about disposal and implement the disposal plan.

Raw data i.e. (data which cannot be tracked back to anyone) will be retained for an indefinite period to identify trends and help to improve services.

Your data protection rights:

Under data protection law, you have rights including the following:

  • to ask us for copies of your personal information held by us
  • to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is missing
  • to ask us to erase your personal information in certain circumstances
  • to ask us to restrict the processing of your information in certain circumstances
  • to object to the processing of your personal data in certain circumstances
  • to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances

Access to personal information

SCTUK aims to be as open in terms of giving people access to their personal information. Individuals can find out if we hold personal information about them by making a ‘subject access request’ under the Data Protection Act 1998. If we do hold information about you we will, if requested:

  • give you a description of it
  • tell you why we are holding it
  • tell you who it could be disclosed to, and
  • let you have a copy of the information in an intelligible form.

To make a request to SCTUK for any personal information we may hold about you, please write by email to Annie MacIver, Director, at the addresses provided below.

If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone. However, we will need to ask you for proof of your identity before we can provide you with the information we hold. You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

If we do hold information about you, you can ask us to correct any mistakes by contacting us.

Disclosure of personal information

We do not disclose your personal data to any third parties without your permission except insofar as you have consented to such disclosure or we are required to do so by law for information such as a court order, witness summons, or complaint from governmental authorities.

You can request further information on:

  • agreements we have with other organisations for sharing information
  • circumstances where we can pass on personal data without consent, for example, to prevent and detect crime and to produce anonymised statistics
  • our guidelines on how to collect, use and delete personal data, and
  • how we check that the information we hold is accurate and up to date.

 

Links to other websites

The SCTUK web site contains links to other web sites. This privacy statement applies only to our website. When you are moving to another site you should always read the privacy statement related to that website. We do not pass on any personal information you have given us to any other web site.

Changes to this privacy notice

We keep our privacy notice under regular review. This privacy notice was agreed on 02.04.21 and reviewed on 22.06.22.

How to contact us

If you want to request information about our privacy policy you can contact us: Annie MacIver Director and information manager at info@sctuk.org or in writing to the company address as registered with information commissioner Harben House, Harben Parade, Finchley Road, London NW3 6LH.

You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s address:

Information Commissioner’s Office Wycliffe House

Water Lane Wilmslow Cheshire SK9 5AF

Helpline number: 0303 123 1113.

[1] Systems-Centered Training UK. SCT® and Systems-Centered® are registered trademarks of the Systems-Centered Training and Research Institute, Inc., a non-profit organization