Wulvern is committed to protecting your privacy and protecting personal data that is held about individuals in accordance with the Data Protection Act 1998. Wulvern has nominated a ‘Data Controller’ to uphold Data Protection standards required by the Data Protection Act 1998.
There are 8 ‘principles’ within the Data Protection Act, all of which have the main purpose of protecting the interests of the individuals whose ‘Personal Data’ is being processed. These apply to everything that is done with that ‘Personal Data’ and Wulvern is therefore committed to these principles:
- To process personal data fairly and lawfully
- To only process personal data for specific and necessary purposes
- That the amount of personal data being held is adequate, relevant and not excessive
- That personal data is kept accurate and up to date
- That personal data is not kept longer than is necessary
- That the rights of individuals are recognised with regards to accessing personal data
- That appropriate security measures are taken against unauthorised or unlawful processing
- That no personal data is transferred to a country or territory outside the European Economic Area unless they have adequate levels of protection relating to processing of personal data.
Some key definitions relating to Data Protection are:
- Data Controller: Wulvern’s Executive Director of Colleague Services is the nominated ‘Data Controller’ and determines the purposes, and the manner, in which personal data is processed
- Data Subject: is any living individual who is the subject of ‘Personal Data’, whether in a personal or business capacity. A person who is deceased is not a ‘Data Subject’. Any current, past and prospective customers, colleagues, Board members and third parties are all data subjects if we hold personal information about them
- Recipient: any person to whom ‘Personal Data’ is disclosed
- Third Party: any person other than the ‘Data Subject’, the ‘Data Controller’ or any other person authorised to process the data on the ‘Data Controller’s’ behalf. This could be an advisor, auditor, contractor or partner for example and can sometimes be known as a data processor
- Personal Data: is any ‘personal’ information that relates to a living person who can be identified by that data and includes information stored electronically, collected by CCTV, or in manual records. Examples of personal data include name, address, other contact details, statement of fact or opinion which identifies an individual
- Processing: Processing data under the Act is any operation relating to collection, storage, usage, and disposal of personal data. Wulvern is a registered with the Information Commissioners Office as an organisation that processes data (and our Registration number is Z9032097).
In providing our services to you, and in the course of dealing with your enquiries, we may have the need to pass your details on to one of our contractors or partner organisations. These third parties are also required to keep your personal information secure and abide by our Data Protection expectations.
You have the right to access your personal data by requesting a ‘Subject Access Request’. Please note that a £10 processing fee will be charged for each individual request.
Further information relating to the Data Protection Act can be found on the Information Commissioner website, http://www.ico.gov.uk/
Please note that throughout this website it contains links to other organisations but that we cannot give guarantees about their data protection policies and procedures