This Privacy Statement describes our current policies and demonstrates our commitment to your personal privacy. From time to time, we may update the content or services found on our website at any time without notice, and this means that our Privacy Statement and the Terms may also change in accordance with those updates in the future.
CIMAT Group Ltd provides training services along with products through its affiliated group of companies (Crisilience Ltd, Mett Training and Trauma Survival Kits). If you access or link to any of our affiliate sites or other non-affiliated websites, please read the privacy statement and data protection statements or agreements issued by those sites to determine the policies that apply to information or data maintained by those websites.
To safeguard the confidentiality of all information you provide to us:
- CIMAT Group will only collect information that it believes to be relevant and lawful to understand your training and purchasing requirements and to conduct CIMAT Group's business.
- CIMAT Group will use your information to provide you with better customer services, products, and course quality.
- CIMAT Group can pass your information to our affiliated companies but only by your personal request.
- CIMAT Group will not provide your information to any external organisation unless CIMAT Group has your “actual” consent or are required by law or have previously informed you prior to so doing.
- CIMAT Group may be required, from time to time, to disclose customer information to Governmental or judicial bodies or agencies or Crisilience's regulators but Crisilience will only do so under proper authority.
- With your assistance, CIMAT Group aims to keep your information up-to-date and correct.
- CIMAT Group utilises security systems designed to prevent unauthorised access to customer information by anyone that is external to our organisation.
- All CIMAT Group’s affiliate companies or CIMAT Group staff with permitted access to customer information are specifically required to observe our confidentiality obligations. By keeping to our principles, we will ensure that we respect the trust that you place in us.
When you share information with us using our online forms, i.e. by registering on one of our courses, we use this information to register you with our official awarding bodies who are regulated by Ofqual, in so doing, we can provide our Awarding Body (Highfield Awarding Body for Compliance – HABC or Qualsafe) your details and success on our courses so that they can award you your official certificate.
If you subscribe to our newsletters by entering your details on our subscription forms, this allows us to communicate with you to provide information with our news updates, changes in practice and procedures publicised by The Resuscitation Council UK and/or British Heart Foundation, our course details, jobs and networking events.
What information we hold
The information we hold will depend on what form you complete on our site. For instance:
Course registration forms
We ask for your personal contact information such as; name, address, phone number, email address, date of birth, special needs if any, (this is non-obligatory information but may prejudice your success on our course if not disclosed as we may need to apply to our awarding bodies for special considerations for you).
We also ask for your “Consent” to record and keep this information, this requires your physical input (agreement) by selecting the “I agree” option on our forms prior to submitting the form. To satisfy GDPR that we obtain physical consent from you, we have also added a consent verifier element on our CRF, which requires a code (sent to you by email) to be added to the form.
You also have the option to complete a paper registration form on your first day on our course. This paper form asks for the same information as above and will be entered manually and electronically by us on our Awarding Body’s Server Once you have completed your course and you have been issued with your certificate, we delete your information except for your name, email address and your certificate renewal date.
We keep this information so that we can let you know (remind you) that your certificate is due to expire (usually 3 years after your certificate award date) and provide you with certificate renewal options or when replacing “lost” certificates. This remaining information also allows us to send you any updates regarding your training should they be amended by the Resuscitation Council UK or our Ofqual regulated Awarding Bodies
Course Assessment Papers
Having attended one of our courses, you will have completed a theoretical assessment paper, which will be scanned and kept on our server. we must hold this information for three years in the event the Awarding Body should query your paper during their regular External Quality Assurance (EQA) visits/assessments of our training centre.
All hard copy paperwork will be destroyed (shredded)
News Letter Subscriptions
In this instance, you are only asked for your name, email address and any news preferences you have regarding content we send to you. You will always find an "Unsubscribe" link at the bottom of our newsletters, when, if clicked will unsubscribe you and delete all your newsletter subscription information in its entirety. The system always lets us know by email immediately when someone unsubscribes, this allows us to check the mailing list that your details have been removed, in the unlikely event that this is not the case, we will remove your data manually, which is very simple to do. In any event, you will always get an email stating that you have been unsubscribed from our mailing list.
Where we hold your information:
Depending on the forms you complete on our website this will dictate where we store your information:
Course registration details are stored in a spreadsheet, which is held on our secure Google Drive. Any hard copy versions are destroyed (shredded) after we have uploaded your details. As stated earlier, once your certificate has been issued, we delete most of that information from the online spreadsheet except for your name, email and course completion date.
Course assessment papers are scanned and stored on our secure online storage platform. Once uploaded, the hard copies are destroyed (shredded).
As stated above, we must keep your assessment papers for three years after which duration they are deleted from our server, having satisfied our Awarding Body during their External Quality Assessment audit that all paperwork is correct and conforms with their compliance policies.
The only details relative to you on assessment records are your name and the date of the assessment.
Newsletter subscription information is stored on MailChimp (our newsletter mailing service provider) platform.
As stated, the information stored there is minimal and consists of your name, email address and newsfeed preferences.
Your Individual Rights
You have the following rights under the Data Protection Act (DPA) 1998 and the new General Data Protection Regulations (GDPR), which we fully endorse and comply with:
- the right to be informed about your information (what we hold)
- the right of access to your information
- the right to rectification, corrections to your information
- the right to erasure of any information about you we hold
- the right to restrict us from processing information about you
- the right to data portability
- the right to object and
- the right not to be subject to automated decision-making including profiling