The following notice explains Venture Scotland’s approach to protecting the personal data we hold. This includes:
Venture Scotland pledges to handle personal information in accordance with data protection legislation and best data protection practices. This means that your personal information will be:
1.Processed lawfully, fairly, and in a transparent manner.
2.Collected for specified, explicit and legitimate purposes.
3.Only collected so far as required for our lawful purposes.
4.As accurate and up to date as possible.
5.Retained for a reasonable period of time, in accordance with retention policies.
6.Processed in a manner which ensures an appropriate level of security.
To exercise any of these rights please email us at firstname.lastname@example.org
Information Commissioner’s Office
Telephone – 0303 123 1113 (local rate) or 01625 545 745
Venture Scotland is registered as a Data Controller
We are registered as a data controller with the (ICO), registration number Z719326X. The register provides details of the purposes for which personal information may be used; types of data subjects about whom personal information may be held or processed; types of personal information that may be processed; bodies to whom the Venture Scotland may disclose information; and information about transfers of personal information.
Personal data held by Venture Scotland
Venture Scotland stores data on:
We will only request and store information for which there is a genuine business or legal need. We will not use or disclose it for any purpose other than that for which it was requested and provided. We will always make it clear why we are requesting or processing personal data.
There are two categories of information that we might need:
How do we collect your information?
The main ways that we gather personal data are:
Why do we keep information about you?
We hold and process information about you in order to:
When you provide us your personal data we will hold it in order to provide you with the serviceor information that you specified to us.
Young people on our programme
If you are enrolling on a Venture Scotland activity or course, we ask you to input your own information on our secure “Mychanges” database. This includes sensitive personal data such as medical information, which is essential to make sure we support you so that you stay safe when taking part in our activities.
We also encourage you to input other sensitive personal data, such as drug use, recent offending history, housing status, well-being and lifestyle. This information allows you to set personal targets and to let you see if you are making progress. We do count the number of young people who have made positive changes in all of the sensitive areas (drugs, health, offending, etc.) but we do not keep anything that can be identified to you personally.
All of the information you provide during the process will only be used for the purpose of progressing your application, or to fulfil legal or regulatory requirements if necessary.
We will ask you for some personal information including name and contact details. We will also ask you about your previous experience, education, referees and for answers to questions relevant to the role you have applied for. Our recruitment team will have access to all of this information.
We hold medical information so that we can support you so that you stay safe on our activities. We also hold information on what you want to volunteer for, what you hope to achieve, your capabilities and qualifications to help us match you to opportunities.
Keeping you informed
We regularly produce an online newsletter, if you receive this it is because you asked to. If you want to receive the newsletter, or if you no longer want to receive the newsletter please email us at email@example.com
Sharing your information
We only share personal information when there is a legitimate interest to do so. For example, we may need to speak with referral agencies, funding bodies or qualifications authorities. All of these agencies are obliged to keep your information secure, and to use the information only to fulfil specific and agreed purposes.
Protecting your information
Venture Scotland has appropriate security measures in place for the protection of your personal information, including secure measures for its disposal to prevent the loss, misuse, alteration, unauthorised access and theft of personal information.
Staff are trained in GDPR guidelines and have an understanding of your rights. They are aware of our security standards and measures and the importance of adhering to them in relation to your personal information. Only those staff members who are authorised to access your information, and/or are required to do so as part of their regular duties, will have access to it. Volunteers on activities will have access to medical records. They will have received GDPR training.
Personal data will be stored only for as long as there is a genuine business need. The exact period of time depends on the type of information and the statutory provisions affecting our activity and will be set out in our retention policy.
We regularly produce an online newsletter, create leaflets to let others know about us and we routinely post on social media, such as Facebook. We will always ask you before we use your personal data or photographs for these purposes.
We use a third party provider, Mailchimp, to deliver our newsletters and promotion emails. We gather statistics around email opening and clicks using industry standard technologies including clear gifs to help us monitor and improve our newsletter.
Visitors to our website
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration. This is statistical data about your browsing actions and patterns.
Cookies (also called web cookie, Internet cookie, browser cookie, or simply cookie) is a small piece of data sent from a website and stored on the user’s computer by the user’s web browser while the user is browsing. Cookies were designed to be a reliable mechanism for websites to remember stateful information (such as items added in the shopping cart in an online store) or to record the user’s browsing activity (including clicking particular buttons, logging in, or recording which pages were visited in the past). They can also be used to remember pieces of information that the user previously entered into form fields such as names, addresses, passwords, and credit card numbers.
This privacy notice does not cover any links within tour site linking to other websites. We encourage you to read the privacy statements on the other websites you visit. The website may, from time to time, contain links to and from the websites of our partner networks and others. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Data security by email
If you are sending personal information to us via the internet, please be aware that the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of data transmitted to us via email if you are not using an encrypted mail system.
Any transmission is at your own risk. Once we have received your information, we will only process it in strict accordance with the GDPR guidelines and the principles set out above.
Data protection policy updates
Any changes we make to our policy will be put on our website. We encourage you to check for updates from time to time, so you are always fully aware of what information is collected and how it is used.