Privacy Policy for Barts Health Education Academy Systems

Effective Date: 1 September 2023

This Privacy Policy outlines how Barts Health Education Academy, (“we”, “our”, or “us”) collects, processes, and safeguards personal data provided through our online training systems. By accessing our platforms, you agree to this Privacy Policy in compliance with the General Data Protection Regulation (GDPR).

  1. Information We Collect

Personal Data: Full names, contact details (email), professional designation (e.g., doctor, nurse), department, site, employee / student number and encrypted national insurance number

Training Data: Courses enrolled in, progress, scores, feedback and attendance data.

Technical Data: Logins, IP addresses, browser type, and device data.

  1. Purpose and Legal Basis for Data Processing

To facilitate, manage, and track training progress and certification (Performance of a contract).

 For administrative purposes and to communicate about training opportunities (Legitimate interest).

 To improve the user experience, functionality, and security of the platform (Legitimate interest).

  1. Data Sharing and Disclosure

Your data will not be sold, rented, or shared with third parties outside of Barts Health without your explicit consent.

Aggregate, non-personal data may be shared with third parties to improve our services.

Data may be disclosed if legally required or if it is essential for legal proceedings.

  1. Data Protection Measures

We employ robust security measures, such as encryption and secure servers, to safeguard your personal data against unauthorized access, alteration, or destruction.

We conduct periodic audits and reviews to ensure effective data protection.

  1. Cookies and Trackers

Our system may utilise cookies and tracking tools to improve user experience. Users have the right to decline cookies through their browser settings.

  1. Data Retention

Personal data is retained only as long as necessary for its intended purpose, in accordance with GDPR guidelines and Trust Record Retention Policy.

  1. Your Rights Under GDPR

Right to Access: You can request a copy of the personal data we hold about you.

Right to Rectification: You can ask us to correct any inaccuracies in your personal data.

Right to Erasure: You can ask us to erase your personal data when no longer necessary.

Right to Restrict Processing: Under certain conditions, you can ask us to restrict the processing of your data.

Right to Data Portability: You can request a transfer of your data to another service provider.

Right to Object: You can object to the processing of your data for reasons related to your unique situation.

Right to Withdraw Consent: If processing is based on your consent, you have the right to withdraw it at any time.

To exercise these rights, contact our Data Protection Officer at bartshealth.infogov@nhs.net

  1. Updates to This Policy

We may revise this Privacy Policy. Any significant changes will be communicated through your registered contact details.

  1. Contact and Complaints

If you have concerns about this Privacy Policy or our data practices, contact:

Email: bartshealth.infogov@nhs.net

If you believe your data rights have been breached, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO).

By using our online training systems, you acknowledge and accept the terms of this Privacy Policy. If you disagree with any aspect, please discontinue use.