last updated: April 2020
The Fellowship of Inspection Nominees (“fin”, “we”, “our”, “us”) is a Company Limited by Guarantee that focuses solely on the role of nominee in preparation for and during the Ofsted inspection process within the post 16 education sector.
This Privacy Notice (in conjunction with our Terms & Conditions of Use and data retention policy, and any other documents referred to in it) reflect changes in data protection legislation within the UK / European Union and sets out how fin and its subsidiaries collect, manage, process, store and share information about those individuals who use our website(s), products and services in a fair and ethical manner. We may vary this Notice from time to time, so please visit this page regularly to review this Notice.
By using our websites, products or services, and submitting any personal information (if applicable), you agree to the terms of this Privacy Notice. If you disagree with any part of this Notice, please do not provide personal information and do not use our websites.
fin is committed to protecting your privacy and data security. We understand that visitors and users of our products, services and websites are concerned about their privacy and the confidentiality and security of any Personal Data provided. At the same time, we want to ensure that you obtain full value from our products, services and websites.
This policy explains how fin complies with Data Protection legislation within the UK, the General Data Protection Regulation (GDPR) which comes into effect in May 2018, until the UK exits the EU and the Privacy and Electronic Communications Regulations. This Notice covers those activities which are subject to the provisions of the laws of the UK and the EU (for so long as the UK is a member state), as applicable.
Consequently, the rights and obligations contained in this Privacy Notice (and those in our Terms & Conditions of Use and data retention policy, and any other documents referred to in it) may not be available to all individuals, in all jurisdictions. fin will always use its best endeavours to apply high standards of data processing and security wherever we operate in the world and will ensure that we comply with any local privacy laws which apply to our relationship with you.
fin will only contact you by mail, email, telephone or SMS text message in connection with its charitable purposes, as part of our contractual relationship, with your explicit consent, or for our legitimate interests.
FIN is a company limited by guarantee registered in England and Wales
- Registered company no. ZB061455
FIN is a Data Controller registered with the Information Commissioner’s Office within the United Kingdom,
Our registered office address is: Longdon Hall, Longdon On Tern, Telford, England, TF6 6LE
Types of Personal Data Collected
For the purposes of this Privacy Notice, personal data includes information about you, individually, such as your name, geographic location, address, telephone number, email address, and your personal preferences, interests (including religious views and affiliations), and other information you may share with us.
You can visit our websites without telling us who you are or revealing personal information about yourself, including your email address.
We collect information from you so that we can:
- provide you with access to our products and services improve the products and services we offer and develop our business;
- administer our relationship with you;
- respond to your enquiries;
- process applications for employment;
- process and respond to any complaints;
- enable us to comply with our legal and regulatory obligations;
- audit usage of our website and Apps.
See the How We Will Use Your Personal Information section below for more detail.
Special Category information may also be collected by us and includes:
- your racial or ethnic origin;
- your religious beliefs or affiliations;
- your philosophical beliefs
- your physical or mental health details.
Special Category information is only collected if necessary to any contractual relationship or with your explicit consent.
fin collects your personal information in a variety of ways, such as by email, internet access, or by use of our products or services. Collection may occur, for example, when you:
- use the “contact us” portion of our website;
- ask to be contacted through other websites which we operate or have access to;
- create a personal user account on one of our platforms;
- receive and review online information about our services;
- apply for a position through our website;
- request resources, sign up for a newsletter or news updates, or
- correspond with a representative of fin and its subsidiaries, and/or any of our partner organisations;
- register for or attend a fin conference or event.
Whenever users visit our products or services, our servers may automatically record information for statistical purposes about your usage of the product or service, such as:
- the type of browser used;
- the referring URL;
- the IP address;
- the number and type of pages viewed;
- the date and time of visits; and
- the exit URL.
This information is not personal information and, in any event, remains anonymous. We do not link the anonymous information to any other personal data unless you have either registered with a product or service or logged into a product or service at the time of use. Accordingly, if you have not identified yourself on the product or service, such as by registering or logging in, we will not record personal data arising out of your usage of our website.
We may also collect your personal information by using social media platforms and networks such as Facebook that share or allow you to share information with us. For more information about social media platform and network privacy practices, please review the privacy policies and settings of the social media platforms and networks that you use.
Where you request information from us, we may use the email address that you provide to send you information about our business and resources that may be of interest to you. If you have contracted or consented to receive communications from us, such as by email, you may ask us to remove you from the list at any time using the unsubscribe instructions provided with each email or by contacting the Data Protection Officer (DPO) in the Contact Details section below.
Our websites uses “cookies” to collect information and distinguish you from other users on our sites. This helps us to provide you with a good experience when you browse our sites and also allows us to improve our websites.
Cookies are text files containing small amounts of information (like an anonymous unique identifier) which are downloaded to your device when you visit a website. Cookies are then sent back to the originating website on each subsequent visit, or to another website that recognises that cookie. Cookies are useful because they allow a website to recognise a user’s device. Cookies do lots of different jobs, like letting you navigate between pages efficiently, remembering your preferences, and generally improve the user experience. They can also help to ensure that adverts you see online are more relevant to you and your interests.
We may use different types of cookies on our website: persistent cookies; session cookies; and third-party cookies. (Please refer to your browser’s Help section for further information on controlling and setting cookies).
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some of fin products or services as effectively as they were intended.
How Will We Use Your Personal Information
The reasons why we process, store and share your personal data and the legal basis for our doing so, is set out below.
|Purpose for storing and processing data||Legal basis for storing and processing data||When and with whom your data is shared||Retention policy|
|To meet the requirements of any contractual relationship or agreement with you arising out of the product or service you have requested||To meet the requirements of our agreement and terms and conditions of use.||As required; with fin or one of our affiliated organisations or partners||Minimum 6 years from the end of the period of contract or active subscription|
|To provide technical support to you in connection with any of our products or services||To meet the requirements of our agreement and terms and conditions of use||As required; with fin or one of our affiliated organisations or partners||End of the period of contract or active subscription|
|To meet our legitimate interest in improving fin products, services, our user experience and to develop our business (includes the ability to audit usage of our website and Apps)||To meet the requirements of our agreement and terms and conditions of use; and/or you have given consent||As required; with fin or one of our affiliated organisations or partners||End of the period of contract or active subscription|
|To establish (with your explicit consent), maintain and/or manage our relationship with you||You have given consent||As required; with fin or one of our affiliated organisations or partners||End of the period of contract or active subscription|
|To protect against error, fraud, theft and damage to our property||To meet the requirements of our agreement and terms and conditions of use and/or meet legal or regulatory requirements||As required; with government regulatory and/or enforcement bodies, external auditors, internal auditors, fin legal representation||Minimum of 6 years|
|To enable us to comply with applicable law or regulatory process (for example, we may collect personal information to satisfy the obligations imposed on us by various regulators)||To meet legal or regulatory requirements||As required; with fin or one of our affiliated organisations or partners, government regulatory and/or enforcement bodies, external auditors, internal auditors, fin legal representation||Minimum of 6 years|
|To communicate with you (with your explicit consent) about our business and resources, which may be of interest to you||You have given consent||As required; with fin||End of the active subscription|
|To respond to any complaint you may make||You have given consent||As required; with fin or one of our affiliated organisations or partners||Minimum 3 years after the closure of the complaint process|
|Process applications for employment||You have given consent, and to meet legal requirements||As required; with fin||Minimum 6 months after applications and minimum 6 years after any employment|
Disclosure of Data
fin never shares your personal information with third parties (save as set out below), unless it is required to fulfil a contractual product or service or is a legal or regulatory requirement. In most cases you will be notified and will have the option to opt out of the product or service prior to having your personal information shared.
In order to fulfil the organisational purposes for which you provided us your personal information, it may be shared with our employees (including those in our subsidiaries), affiliates and partners, and other parties who require such information to assist us with establishing, maintaining and managing our relationship with you and providing products and services you request.
This may include:
- FIN Offices – Currently in Longdon Hall, Longdon On Tern, Telford, England, TF6 6LE
- Overseas Recipients – fin may disclose personal information to outsourced information technology service providers, including cloud computing providers and data storage providers, based overseas.
- Online Advertising – fin may promote our activities and resources by purchasing advertising space on third-party websites. Tracking data collected by these third-party companies is used to decide which advertisements you see on third-party websites and applications, but does not identify you personally.
- Other Platforms or Services – Some fin products and services may be integrated with external services, including social media networks. This may mean that information, for instance about your interests and activities, is tracked or pulled from other places (such as Facebook). fin may also use analytics tools and services (such as Google Analytics) to track your usage of fin products and services.
As result of the above, your personal information may transit through or be collected, used, processed, stored or disclosed in both the United Kingdom and other countries, including countries outside of the European Union, under the control of fin or one of our affiliated organisations or partners. Where your personal information is provided to partners or service providers, we take steps to safeguard your personal information and use confidentiality agreements that restrict the use of your information to the purpose for which it is provided.
Please note that we may collect, use or disclose your personal information without your knowledge or consent where we are permitted or required by applicable law or regulatory requirements to do so.
We retain personal information for as long as we reasonably require it for legal or business purposes. Please refer to our data retention policy for more detail. In determining data retention periods, fin takes into consideration local laws, contractual obligations, and the expectations and requirements of groupings of individuals based on the nature of their relationship with fin. When no longer required, personal information is destroyed in a secure manner or deleted. We also take steps to ensure that the personal information we collect is accurate, up-to-date and complete. These steps include maintaining and updating personal information when we are advised by individuals that their personal information has changed.
Security and Protection
We take reasonable steps to protect all personal information which we process from misuse, interference, loss, unauthorised access, modification or unauthorised disclosure. We are committed to ensuring that your information is secure and take reasonable steps (suitable physical, electronic and managerial procedures) to hold personal information securely in electronic or physical form and try to prevent unauthorised access. These steps include the use of Internet Encryption Software, Secure Socket Layer (SSL) Protocol when collecting or transferring sensitive data, password protection for electronic files, securing paper files in locked cabinets and physical access restrictions. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our sites; any transmission is at your own risk.
Where We Store Data
Links to Other Websites
If you are an individual who has provided personal information to fin, you have certain rights:
Right of Access
You may request a copy of any personal information we hold about you. This is known as a “Subject Access Request”. To make a Subject Access Request, please write to the DPO using the contact details provided in the Contact Details section below and the information (where appropriate) will usually be provided within 30 days.
Right to Rectification
You may request an update or correction be made to personal information about you held by fin. Please write to the DPO using the contact details provided in the key contacts section below and the information (where appropriate) will usually be updated within 30 days.
Right to Restrict Processing
You have the right to ask us not to use your personal information for marketing purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data or using the unsubscribe link found in the email communication you receive from us. You may also ask us to restrict the use of your data because:
- you do think it is inaccurate, but this will take time to confirm;
- you believe our data processing is unlawful, but you do not want your data erased;
- you want us to stop using your data, but we have yet to determine whether your request is valid.
In these circumstances, please write to the DPO using the contact details provided in the Contact Details section below and your request (where appropriate) will usually be actioned within 30 days.
Right to Erasure
You have the right to request that we erase your personal information. In these circumstances, please write to the DPO using the contact details provided in the Contact Details section below and (where appropriate) your request will usually be actioned within 30 days.
Right to Data Portability
You have the right to move, copy or transfer your personal information to another organisation. In these circumstances, please write to the DPO using the contact details provided in the key contacts section below and (where appropriate) your request will usually be actioned within 30 days.
Use Restricted to over 16s
You may not access any of our interactive services or share your personal information with us, unless you are 16 years of age. In some circumstances, the service we offer may enable you to provide the consent of a person with parental responsibility for you. fin will make reasonable efforts to verify in such cases that consent is given or authorised by the holder of parental responsibility over a child, taking into consideration available technology.
All communications with respect to such withdrawal or variation of consent must be in writing, and it may take us up to 30 days to process your withdrawal of consent. When contacting us about your personal information, we may request specific information from you to confirm your identity and right to access, as well as to search for and provide you with the personal information that we hold about you. Your rights to personal information that we hold about you is not absolute. There may be instances where applicable law or regulatory requirements allow or require us to refuse to provide some or all of the personal information that we hold about you. In addition, the personal information may have been destroyed, erased or made anonymous in accordance with our record retention obligations and practices. In the event that we cannot provide you with access to your personal information, we will inform you of the reasons why, subject to any legal or regulatory restrictions.
If you have any questions about this Privacy Notice or concerns about how we manage your personal information, please contact us in writing or email the DPO using the contact details provided in the Contact Details section. Alternatively you have the right to make a complaint about your question or concern to the ICO (Information Commissioner’s Office). Call (0303 123 1113) or visit www.ico.org.uk.
Longdon Hall, Longdon On Tern, Telford, England, TF6 6LE