GDPR - Privacy Notice
Turning Point takes the protection of your data seriously and this page sets out how we use and protect any personal information you may provide us with.
We may change this policy from time to time by updating this page, you should therefore check this page occasionally to ensure that you are happy with any changes. The date of any updates or amendments to this Policy will be made clear at the top of the page.
When you supply your personal details to us they are stored and processed for the following 4 reasons:
- We need to collect personal information about you in order to meet our legal, statutory and contractual obligations and to provide you with our products and services. This information may include your contact details, date of birth, job title, relevant qualifications and details of previous practitioner and other training you've undertaken.
- In terms of the General Data Protection Regulations (GDPR) we have a ‘Legitimate Interest’ in collecting that information, because without it we could not do our job effectively, safely or meet our legal obligations.
- It is also in your "Legitimate Interest" that we retain this information so that we may be able to offer the right tuition to you, contact you in order to confirm your course bookings, or to update you on other matters concerning our courses.
- Provided we have your consent, we may occasionally send you information about our courses and services in the form of articles, advice, emails or newsletters. You may withdraw this consent at any time – just let us know by any convenient method.
Our data retention policy is to retain your records for a minimum of 8 years. You can ask us to delete your records if you wish. Otherwise, we may retain your records indefinitely in order that we can provide you with the best possible service should you need to see us at some future date.
Your records are stored:
- On paper, in locked filing cabinets, and the offices are always locked out of working hours as well as the whole building being securely locked.
- Electronically (“in the cloud”), using Private Practice Software software (PPS).
We rely on them to protect patient data and are satisfied they comply with the General Data Protection Regulations. Regarding how they protect data they state:
"if you use our cloud-based products, including PPS Hosted, PPS Express, PPS Remote and PPS Online Booking then we host your data. This means that your data is held in state-of-the-art secure UK data centres managed by iomart, one of the UK’s leading data centre providers. Our supplier is ISO 27001 certified and employs an array of methods to ensure that your data is kept safe, secure and accessible, including:
An Enterprise class firewall system that prevents unauthorised access to the servers and data.
Redundant hardware ensures that failure of a component piece of hardware does not cause loss of access to systems or loss of data.
Physical security is provided through 24/7/365 data centre staffing and with CCTV cameras, motion detectors and a secure key fob access system.
Whenever you connect to any of our cloud-based systems SSL is used to encrypt the connection, ensuring that your data remains safe and secure. If you have multiple PPS systems that synchronise, TLS is used to encrypt your data whilst it is being synchronised between your systems."
- On our office computers. These are password-protected, backed up regularly, and the offices are always locked out of working hours as well as the whole building being securely locked.
We will never share your data with anyone who does not need access without your written consent. Only the following people/agencies may have access to your data:
- Your tutor(s) in order that they can provide you with the training/course.
- Our reception and administrative staff, because they organise our tutors’ diaries and help process course bookings.
- The provider of our Private Practice Software (PPS) who store and process some of our data on their fully encrypted system.
You have the right to see what personal data of yours we hold, and you can also ask us to correct any factual errors. Provided the legal minimum period has elapsed, you can also ask us to erase your records.
Cookies are small text files that are downloaded and stored on your computer when you visit a website. Most websites use them but the information they contain varies from website to website. They can used for example to enable a website to remember your preferences, remember what you have put in your shopping basket, or count the number of visitors to each web page.
We do not use any third party Cookies or third party analytical software.
For more information on Cookies and how to control and manage them please visit this link
Links to other websites
How to contact us
If you would like a copy of the personal information we hold on you, or if you have any requests concerning your personal information or any questions or concerns about our privacy practices, please email us, or write to us at the following address:
Turning Point Training
79c South Street
Devon EX36 4AG
We will respond to your communication within one month of receipt of the request.
You have the right to complain to the Information Commissioner’s Office (ICO) if you feel that we have not responded fairly to your requests. You can find their contact details here: https://ico.org.uk/concerns/