Wisdom Staffing Solutions Ltd. is committed to ensuring the security of personal data held by them. This policy is issued to existing staff with access to personal data at the training centre and will be given to new staff during induction. Should any staff have concerns about the security of personal data within the practice they should contact Suzanne Simpson at [email protected]. All members of the team must comply with this policy.
- All employment contracts and contracts for services contain a confidentiality clause, which includes a commitment to comply with the training centre confidentiality policy.
- Access to personal data is on a “need to know” basis only. Access to information is monitored and breaches of security will be dealt with swiftly by Suzanne Simpson
- We have procedures in place to ensure that personal data is regularly reviewed, updated, and deleted in a confidential manner when no longer required.
Physical security measures
- Records are kept in a lockable fireproof cabinet, which is not easily accessible by unauthorised persons
- Information held on computer. Appropriate software controls are used to protect computerised records, for example, the use of passwords and encryption. Passwords are only known to those who require access to the information, are changed on a regular basis and are not written down or kept near or on the computer for others to see. Passwords should contain mixed-case letters and include numbers and symbols and should be changed regularly.
- Internet spyware and security
- Secure document disposal (shredding)
- Ongoing security reviews
- Backup and restore facilities
- Regular testing of contingency plans and security
- Daily and weekly back-ups of computerised data are taken and stored in a fireproof container, off-site. Back-ups are also tested at prescribed intervals to ensure that the information being stored is usable should it be needed.
- Staff using practice computers will undertake computer training to avoid unintentional deletion or corruption of information.
- Precautions are taken to avoid loss of data through the introduction of computer viruses.
All staff at of Wisdom Staffing Solutions and students must be compliant with the ethical guidance of GDC Standards for Dental Professionals. Wisdom Staffing Solutions will comply with The Data Protection Act 1998 and GDPR about information relating to another individual.
What do we use your data for?
- For processing application forms
- Responding to enquiries during pre-contractual relations
- For invoice processing and storage
- For registration with NEBDN
- Maths and literacy assessments
We do not use your personal information for marketing purposes.
We do not store credit or debit card details
We use a third-party payment processor (GoCardless Ltd.) to collect credit and debit card payments for course payments and related products and services. We never directly collect or store payment card information on our servers.
How do we use your information?
- We use your information only for the specific, and legitimate purposes for which the data was collected and not for any other reason (Purpose limitation principle)
- To register for the course and ascertain suitability
- To register with the NEBDN
- To assess literacy and Maths skill
- To enable payment via online card services
- To analyse the traffic of our website (using cookies)
To provide a robust and reliable service, we depend on several cloud service providers to carry out key operations within our business. This includes document storage (AWS for example), payment processing (GoCardless), literacy and math assessments (BKSB), and email processing (Microsoft Office 365).
Whenever we entrust your data to an outsourcing partner, we always carry out thorough due diligence and ongoing monitoring to ensure that appropriate privacy controls are in place and maintained at all times.
- Wisdom Staffing Solutions only collects the necessary data needed
We take all reasonable steps to ensure that personal data is accurate. You must always inform us of any relevant changes to name, address, and telephone numbers. Wisdom Staffing Solutions will not be responsible for exam entries and certificates delivered to inaccurate addresses.
Data Retention Periods
- Records are kept in accordance with NEBDN regulations for 7 years
- Any students who have decided to ‘opt’ out of a course has the ‘right to be forgotten’ ( see details below)
- It is the responsibility of the individual to read the Data Security policy for any third party financial controllers
- We take steps to protect your personal information very seriously. We cannot, however, guarantee the security of any data disclosed by yourselves online. We will not be responsible for any breach of security unless it is due to our negligence or willful default accountability
- Wisdom Staffing Solutions will take all reasonable steps to remain compliant with data protection . (see above)
- Wisdom staffing Solutions will ask for your consent before processing personal information
We will gain consent in one or more of the following ways:
- Online- ticking a box, choosing settings, or downloading instructions
- Offline- by signing a data protection authorisation, verbally agreeing or completing a form
You have the right to ask us not to process your personal information. You must clearly indicate this by checking relevant boxes on the forms used to collect your data.
How can you withdraw consent?
You have the right to ask to withdraw consent. This is not a retrospective right, so consent cannot be withdrawn for processing that has already occurred. Consent can be withdrawn when the retention of the data is not compliant with GDPR circumstances such as:
- The data is no longer needed
- The processing was based on consent that is withdrawn
- Objection by the data subject
- Unlawful processing
- Compliance with the law
In some cases, Wisdom Staffing Solutions may have grounds for continued processing that would override an objection.
When the rights of the data subject (yourselves) are exercised, Wisdom Staffing Solutions will ensure that the request is actioned by any third parties involved in processing the data.
How can you review information held about you?
- You must apply in writing to the Data Controller (details below)
- The Controller will request your identity and can refuse the request if you are unidentifiable
- Wisdom Staffing Solutions will aim to supply information to you within 1 month, but this can be extended to three months in special circumstances
What happens if there has been a breach of security?
- Any processors who have encountered a breach in security must report to the controller and the Information Commissioners Office (ICO) within 72 hours
- The breach will be described to the ICO in detail, including numbers and categories with a contact name and details
- An assessment of likely consequences will be taken
- Measures will be taken to mitigate or remedy the situation
- You will be fully informed of such an event
What is a personal data breach?
A personal data breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data. This includes breaches that are the result of both accidental and deliberate causes. It also means that a breach is more than just about losing personal data.
The Data Controller is:
Wisdom staffing Solutions
1 The Poplars, Hawkombe, Porlock, Somerset TA24 8QN
Telephone: 07725 318 793
Email: [email protected]
Solutions is registered with The Data Protection Register ICO number
Third Parties who have access to your personal information are:
- Teaching staff / Internal Moderators employed by Wisdom Staffing Solutions (Processors)
- Go-Cardless for Direct Debit Payments and Card payments online
- Quick file – accounting system
- Bksb – Maths and English Literacy assessments
Updated 10/7/2019 by Suzanne Simpson. Next review is 10/7/2020