Paula Muran takes its duties under the Data Protection Act 2018 (the Act) and related rules on the Continent of Europe extremely seriously. These limitations restrict our ability to utilise personal information.
This policy outlines the roles and obligations of workers and firms within the Paula Muran regarding the handling of personal information.
Everyone has rights regarding the handling of their personal information. During the course of our activities, we will collect, store, and process (i.e. utilise) the personal information of our employees, customers, suppliers, and anyone with whom we contact, and we recognise the need to do so in a safe, lawful, and confidential manner.
Personal information, whether stored on paper, an electronic device, or another medium, is protected by law. These are defined in the Act and additional rules that implement the EU Directive on Data Protection in the United Kingdom.
We may process all of the information we collect from you in order to fulfil our contractual obligations to you, and we may request additional information from third parties or disclose your information to other carefully selected third parties, such as the Education and Skills Funding Agency, Awarding Organisations, the Learner Record System, and Ofsted.
Access to all paper-based and electronic data systems is highly restricted, with access to either system permitted only when the required security procedures have been performed and a GLP Systems Access Form has been authorised.
Representatives of employers, Ofsted, ESFA, ESF, and awarding bodies will only be granted access to data systems upon completion of a GLP Systems Guest Access form. This form must be completed and approved prior to access being granted, and access will be limited to the time duration requested by the guest or deemed necessary by Paula Muran’s Head of Quality. The amount of access allowed will depend on the visitor seeking access, e.g., ESFA will have full access, while Awarding Body EQA will only have access to proof portfolios.
Once the allocated period has expired, the permitted access will be withdrawn and documented as such.
By providing us with your personal information, you consent to our processing and, in particular, disclosure of the following data:
(1) monitor equal opportunity with relation to race or disability, or for other monitoring reasons, or
(2) account for candidates when it is required to do so; or (3) when it is required to do so.
for such agencies to contact a candidate personally when the information is not widely available through other ways.
This policy will give you with the necessary knowledge, guidance, and training to recognise personal information and correctly handle it. You should also study Paula Muran’s policy about the usage of social media and comprehend her information security requirements.
You should ensure that you completely understand this policy and adhere to its instructions.
Individuals may be held personally accountable in certain situations if we fail to comply with the Act.
You should be informed that any violation of this policy will be regarded severely and may result in disciplinary action or the incident being reported to the appropriate external authorities.
This policy conforms to the Paula Muran Ltd Management Handbook’s description of the DBS policy on data protection.
The Act establishes eight fundamental principles that govern the general use of personal information. These clauses stipulate that private information must be:
consists of information on a living person who can be identified: –
Personal information comprises any expression of opinion about an individual and any indication of the Data Controller’s or any other individual’s intentions towards the individual. Note that the term does not include corporations (but it does include persons within companies) or deceased individuals.
Includes information about a person’s racial or ethnic origin, political opinions, religious or similar beliefs, trade union membership, physical or mental health or condition, or sexual life, as well as information about the commission or proceedings for any criminal offense or alleged to have been committed by that person, the disposition of such proceedings, or the sentence of any court in such proceedings. Sensitive personal information may only be treated under stringent conditions, often with the full agreement of the individual concerned.
Learner information that must be maintained is rigorously governed. ALL personal information is maintained in the learner’s file, which is secured in locked cabinets. Access is tightly restricted to GLP individuals who have a need to access said data and who have requested the appropriate cabinet key. All files are returned promptly to their respective locked cabinet, and the key is returned to the key box.
All of Paula Muran’s computer systems are protected by a password. Workstation passwords are highly regulated and are known only to the Administration Manager and system operator, the Managing Director, and the applicable workstation operator. The Head of Quality safeguards the passwords for all computer systems, internal and external software programmes, and financing partner system access. The distribution of these credentials is highly regulated and restricted to people who require access to these services. Account system credentials are restricted to the Managing Director and the Chief Financial Officer.
The GLP Employee Access and GLP Guest Access approval system administers hosted data systems, Pellcomp “PICS” MIS systems, and Smart Assessor e-Portfolio systems. Only the Head of Quality and the Head of Administration has master administration privileges for these systems.
Any redundant or unneeded paper documentation containing personal data, whether company, employee, funding partner, or learner, is placed in the confidential document storage bin pending secure destruction by the secure document destruction contractor. Paula Muran Ltd has a contract with “Shreddit Ltd” for secure document destruction. In all operating offices, there are locked document receptacles whose keys are managed by the head of administration.
This policy will be reviewed on a regular basis to ensure that any modifications to the Data Protection Act are implemented and that Paula Muran Ltd complies with such Act.