Lybos aims to be as clear as possible about how and why we use information about staff and students so that you can be confident that your privacy is protected. This policy describes the information that Lybos collects when you subscribe to and use our services. This information includes personal information as defined in the General Data Protection Regulation (GDPR) 2016 [and the subsequent UK Data Protection Bill that is expected to be enacted in 2018].
The policy describes how we manage your information when you use our services, if you contact us or when we contact you. It also provides extra details to accompany specific statements about privacy that you may see when you use our website.
Lybos uses the information we collect in accordance with all laws concerning the protection of personal data, including the Data Protection Act 1998 and the GDPR 2016. As per these laws, David Elmer is the data controller; firstname.lastname@example.org Telephone Number; 07825253825 Flat 16, 52 Stowmarket Road Needham Market Suffolk IP6 8DS
If another party has access to your data we will tell you if they are acting as a data controller or a data processor, who they are, what they are doing with your data and why we need to provide them with the information. If your questions are not fully answered by this policy, please contact our Data Protection Officer. email@example.com Telephone Number; 07825253825 Flat 16, 52 Stowmarket Road Needham Market Suffolk IP6 8DS I am not registered with the Information Commissioner's Office, registration is TBA. If you are not satisfied with the answers from the Data Protection Officer, you can contact the Information Commissioner's Office (ICO) https://ico.org.uk
We need to collect information about you so that we can:
For us to provide you with services, we need to collect the following information:
We collect this information directly from you. If you do not provide us with this information we are not able to provide you with our services. We may also collect information about you from third parties; for example, SIMS.
We use the data we collect from you in the following ways:
We keep your information in the stores described below. Please note that we do not store your payment card details in any of our systems; these are passed straight through to our payment provider, via the Paypal payment system.
We store your login details and all student data on the lybos database server which is hosted by 4uhosting.co.uk with secure passwords. Your login password is securely encrypted on our server.
We use Microsoft Excel which is a computer program that stores the information on a computer in our office, this is also backed up to Microsoft OneDrive for data recovery purposes.
All our accounts are handled in house on Microsoft Excel, this is also backed up to Microsoft OneDrive for data recovery purposes.
We may take hand written notes when we meet you, to assess your service needs. Paper copies are destroyed once pertinent information is added to our encrypted computers. We keep a paper copy of your invoice in our store room.
We keep the paper copy invoices for 13 months. We keep the electronic invoice for seven years as this is the required length to comply with the HMRC requirements. After seven years we delete the invoices.
We do not send your information to anyone else.
You can make a subject access request (SAR) by contacting the Data Protection Officer. We may require additional verification that you are who you say you are to process this request. We may withhold such personal information to the extent permitted by law. In practice, this means that we may not provide information if we consider that providing the information will violate your vital interests or affect the rights of others
Please contact the Data Protection Officer. We may require additional verification that you are who you say you are to process this request. If you wish to have your information corrected, you must provide us with the correct data and after we have corrected the data in our systems we will send you a copy of the updated information in the same format at the subject access request in section 7.
If you want to have your data removed it is our duty to determine if we need to keep the data, for example in case HMRC wish to inspect our records. If we decide that we should delete the data, we will do so without undue delay.
As part of providing our service to you, we may send you releveant information via email. To protect your information, we prefer to use an end-to end encrypted messaging service. If you are not able to use such a service, we may use SMS (text messages); however, this does increase the risk of someone intercepting the message.
If you are receiving text messages from us, you may unsubscribe at any time by following the instructions included within the text message. Similarly, if you are receiving emails from us, you may unsubscribe at any time by following the instructions included within the email. When you unsubscribe (i.e. opt out) from either text message and/or email communications, we will suppress your details on our systems to ensure we have a record of your decision to not be contacted in that particular manner. We will not use the email address or mobile phone number for such messages again unless you opt back in. When unsubscribing from either email or text communications, you should always follow the specific instructions given in the particular email or text that you wish to discontinue receiving.?