GDPR - JCQ Data Privacy Policy - May 2018

JCQ Data Privacy Policy

This policy explains how the Joint Council for QualificationsCIC (JCQ) uses personal information in performing its functions. It also describes how long we keep that information for and the limited circumstances in which we might disclose it to third parties.

Personal details we hold

JCQ holds two types of personal information:

  1. Customer provided information: any personal information sent in to JCQ through correspondence such as contact details, age, gender, details about personal circumstances relevant to the examination process.

 

  1. Customer contact records: records of calls, emails and postal interactions with our website and office and the JCQ Centre Inspection Service, Access Arrangements Online and the National Centre Number Register are maintained for audit, training and service improvement purposes.  Further information on these services is held on our website.

Length of time information will be held

In order to comply with the General Data Protection Regulation, your details will only be kept for the shortest time required. This will vary according to the type of data being held.

How to access your personal data

If you wish to see full details of the information JCQ  holds in connection with you, you will need to make a subject access request under the General Data Protection Regulation. To initiate a subject access request, email info@jcq.org.uk.

Keeping your details secure

JCQ has a contract with a third party (Cloud Direct) to back up personal information securely, protected by the latest encryption and firewall technology. These systems are regularly audited and tested to ensure your data is safe.

Your data will not be sent overseas.

Sharing personal information

Occasionally, personal information held by JCQ may be requested by and disclosed to:

  • Ofqual, Qualifications Wales and CCEA Accreditation
  • Department for Education
  • Awarding Organisations which are JCQ members

Personal data may be shared with these organisations when a valid reason to obtain the data under the General Data Protection Regulation and other data protection legislation is provided. Such requests are dealt with on a strictly case-by-case basis.

 

Privacy Notice

JCQ has fully committed to adherence of the General Data Protection Regulation (GDPR) which came into force on 25 May 2018. In relation to our collection and processing of personal data, please see the below information.

Collection and Processing of Data

You can contact JCQ at: info@jcq.org.uk

Any collected data will be stored within secure electronic records management systems, with the system being dependent on the nature of information.

Personal data will be stored for the shortest time necessary.

Under the GDPR you have the following rights to request information from us:

  • Right of access to the data (Subject Access Request)
  • Right for the rectification of errors
  • Right to erasure of personal data (please note, this is not an absolute right)
  • Right to restrict of processing or to object to processing
  • The right to portability.

You have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

You have the right to lodge a complaint with a supervisory authority (in the UK that is the Information Commissioner’s Office).

If we are to process the personal data we hold for a purpose other than that for which it was originally collected, then we will provide you with information on what that other purpose is prior to that further processing taking place. The extra information will include any relevant further information as referred to above including the right to object to that further processing.