Last updated: 22- April 2018-05-03
Data Protection (GDPR) and Cambridge Guardian Angels
We have created this Policy which explains how we create, use, disclose, transfer and store your data
CGA collects and uses personal information about staff, students, overseas parents, host families, and other individuals who come into contact with us.
This information is gathered in order to enable us to provide a high quality Guardianship Service and other associated functions. Additionally there may be a legal requirement to collect and use information to ensure CGA is complaint with its’ statutory obligations.
CGA has a duty to be registered as data Controllers, with the Information Commissioners Office (ICO) detailing the information held and it’s use. CGA’s registration details are available on the ICO’s website.
This Policy is to ensure that personal information is dealt with correctly and securely and in accordance with the Data Protection Act 1998 and the 25 May 2018 regulations for EU citizens.
It will apply to information regardless of the way it is collected, used, recorded, stored and destroyed irrespective of whether it is held in paper files or electronically.
All members of CGA involved with the collection, processing and disclosure of personal data will be aware of their duties and responsibilities by following these guidelines.
Personal information is data defined as data which relates to a living individual who can be identified from that data, or other information held.
The 1998 Act defined the following principles:
- Personal data shall be processed fairly and lawfully
- Personal data shall be obtained only for one or more specific and lawful purposes
- Personal data shall be adequate, relevant and not excessive
- Personal data shall be accurate and where necessary kept up to date
- Personal data processed for any purpose shall not be kept for longer than is necessary for that purpose or those purposes
- Personal data shall be processed in accordance with the rights of data subjects under the Data Protection Act 1998
- Personal Data shall be kept secure i.e. protected by adequate levels of security
- Personal data shall not be transferred to a country or territory outside the EEA, unless that country or territory ensures an adequate level of data protection
- To ensure the above principles are maintained CGA will ensure the following:
- Inform individuals why the information is being collected when it is collected
- Inform individuals when their information is being shared, why and with whom it is being shared
- Check the quality and accuracy of the information it holds
- Ensure the information is not retained for longer than is necessary
- Ensure that when obsolete information is destroyed that it is done so appropriately and securely
- Ensure that clear and robust safeguards are in place to protect personal information from loss, theft and unauthorized disclosure, irrespective of the format in which it has been recorded
- We will only share information with others when it is legally appropriate to do so
Set out procedures to ensure compliance with the duty to respond to requests for access to personal information, known as Subject Access Requests
- Ensure all CGA staff are aware of and understand this policy
On 25th May 2018 new regulations are being introduced to cover how organizations handle the personal data of EU subjects.
Cambridge Guardian Angels Limited (“we”, “us”, or “our”) is committed to protecting the privacy of the visitors to our website and Parents and students in our care, of which this is the only website. Please read this privacy promise to understand how we use and protect any information that we collect about you.
This privacy promise is intended to assist you in making informed decisions when using our Site and any services provided through it.
By visiting our Site you consent to us collecting, storing, using and (if applicable) transferring your personal information in accordance with this privacy promise.
If we decide to change our privacy promise, we will post those changes on this page and on www.cambridge-guardian-angels.com to keep you aware of the way we collect, use and disclose information.
We collect and process personal data in the following ways:
- information that you provide to us when you register for our services or fill out forms on the Site. You acknowledge that, where registering to use our services, you may be required to submit “sensitive” personal information (such as information regarding your physical condition, ethnic origin, gender, dietary preferences, education ability and religious beliefs) and consent to our processing of such information in accordance with this privacy promise.
- information that you submit when you register for our services (including your name, email address and phone contact details) which we need to fulfill your request and to notify you of the next stage of the registration process.
- information about you which you include in any e-mails or letters that you send to us;
- information about your usage of the Site; and
- information about your computer, which may include your IP address, operating system and browser type, for system administration and to report aggregate information (statistical data about’ browsing actions and patterns that does not identify any individual).
- newsletter sign up; all visitors to the site can sign up to request a newsletter at any time, they will not be sent it unless they actively ask to receive it. If you complete a request for information form (RFI) you will not be added to the distribution list to receive the newsletter
On each newsletter there is a clearly presented unsubscribe button, so any site visitor can at any time ask to be removed from the data base that triggers the sending of the monthly newsletter to them
The newsletter sign up data is not shared with any third party
Our Site use a tracking code to support enabling Google Analytics to collect traffic data by using our cookies. .
We and third-party vendors, including Google, use first-party cookies (such as the Google Analytics cookie) to inform, and optimize
Cookies are small amounts of information in the form of text files which we store on your computer. Cookies allow us to monitor website traffic, improve the Sites’ usability and to personalize the content of the Site.
We may use an analytics service provider for website traffic analysis and reporting. Analytics service providers generate statistical and other information about website use by means of cookies, which are stored on users’ computers. The information generated relating to the Site may be used to create reports about the use of the Site and the analytics service provider will store this information.
We use the information collection technologies set out in the table below for the following purposes:
|These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.||Persistent Cookie||Click here for an overview of privacy|
|Site cookie acceptance||b b bm nmv
|We use more than one server to provide web pages. When you visit the website, you are assigned to one of several servers. This cookie is required to track which server you are communicating with in order to present a consistent user experience and remember information about the data you have entered. This cookie does not identify you personally and is not linked to any other information we store about you.||Strictly Necessary|
|Used to maintain any users identity if they log into the site.||Functionality||Click here for more details.|
|WP Cookies||wordpress_test_cookie||A test performed to see if cookies are enabled on your browser.||Strictly Necessary||Click here for more details.|
|This is a WP cookie used to customize your view of admin interface, and possibly also the main site interface.||Functionality||Click here for more details.|
If you do not wish for cookies to be installed on your computer, you can change the settings on your internet browser to disable, remove or reject cookies. For more information about how to do this, you should consult the “Help” section of your browser. In some but not all instances, cookies can be blocked in the future by selecting certain settings. Each browser you use will need to be set separately and you will see that different browsers offer different functionality and options in this regard. Please note that rejecting cookies via your browser may not be effective with regard to HMTL5 and Flash cookies (which are explained in more detail above). For information on disabling Flash cookies, please go to Adobe’s website www.adobe.com.
We may use your information in the following ways:
- to ensure that content from our Site is presented in the most effective manner for you and your computer;
- to provide customer service to you in relation to your use of the Site, to deal with enquiries relating to the use of a Site;
- notify you every now and again about important changes to the Site or our services;
- to administer, support, improve, optimize and develop our Site
- to enable us to provide our services to you and to process your registration for specific services;
- for security purposes.
Our Site may contain links to websites that are operated by third parties. We do not control and accept no liability or responsibility for those websites and this privacy promise does not apply to those websites. Please consult the terms and conditions and privacy policies of those third party websites to find out how they collect and use your personal data.
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). Where data is stored at or processed by third party service providers at a destination outside of the EEA, we will use reasonable endeavors to ensure that all such third party service providers are self-certified to the Safe Harbor framework or have agreed to the EU Contractual Clauses which have been deemed to provide an adequate level of protection under applicable laws. It may also be processed by staff operating outside the EEA who work for a service providers, suppliers, franchisees or affiliates. Such staff may be engaged in the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy promise.
All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL/TLS technology and managed by Flywire. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Site, you are responsible for keeping this password confidential.
Once we have received your information, appropriate security measures will be adopted to protect your information from access by unauthorized persons and against unlawful processing, accidental loss, destruction and damage. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, you acknowledge that we cannot guarantee the security of data you send over the internet and that you send your information at your own risk.
Your information will only be held for a reasonable period or as long as the law requires or permits.
We will only disclose your information to providers with whom we have contracted to provide services to you and other third parties to whom disclosure is necessary to enable us to process your request for services and provide you with any service to which you have subscribed via the Site; (ii) where required to do so by law or court order; (iii) upon the sale of the business (in which case personal data of our customers will be one of the transferred assets); and (iv) to any person to whom disclosure is necessary to enable us to enforce our rights under this privacy promise or under any of our applicable Terms and Conditions.
We will not identify you in any way through the data we collect.
Other than as expressly set out in this privacy promise or as otherwise required or permitted by law, we will not share, sell or distribute any of the information you provide to us without your consent.
You may at any time request access to your personal data by contacting us using the contact details set out below. We reserve the right to ask you for proof of your identity and to charge you a fee of ten pounds sterling (£10) to meet our costs in granting any data access request you make.
The date of the most recent additions will appear on this page. If you do not agree to these changes please refrain from using the website to submit personal information to us.
Complaints will be dealt with quickly and in accordance with the CGA Complaints Policy.
Complaints relating to information being handled may be referred to the Information Commissioner
Cambridge Guardian Angels ltd 8 The Drift Cambridge CB24 3AD is your data controller in relation to any personal data that you provide to us. If you wish to know what information we hold about you or if you have any queries about this privacy promise or subject access requests or our Site practices or your personal dealings with our Site, you can contact our nominated representative for dealing with data protection issues, Julia Evans who can be contacted at firstname.lastname@example.org.