• 1. What information do we hold about you?

    Information we collect from you

    • 1.1. The College records all accidents and incidents including near misses through its incident reporting system. This includes the date, time, nature of the incident including any injury or work-related ill health arising from the incident. Individuals involved in the incident are named including any witnesses, managers or other members of staff or students.

  • 2. Why do we collect this information?

    • 2.1. We collect information in order to enable us to fulfil our legal obligations in relation to the following legislation:

      • Health and Safety at Work Act 1974

      • Management of Health and Safety at Work Regulations 1999

      • Workplace (Health, Safety and Welfare) Regulations 1992

      • The Health and Safety (Display Screen Equipment) Regulations 1992

      • The Manual Handling Operations Regulations 1992 amended 2002

      • The Regulatory Reform (Fire Safety) Order 2005

      • RIDDOR (Reporting of Injuries, Diseases and Dangerous Occurrences Regulations 1995)

      • The Personal Protective Equipment at Work Regulations 1992

      • COSHH (Control of Substances Hazardous to Health) 2002

      • The Provision and Use of Work Equipment Regulations 1998 (PUWER)

      • The Working Time Regulations 1998.

  • 3. Who might we share your information with?

    • 3.1. We will keep this information about you confidential but in some instances, we may need to share your data with the Health and Safety Executive (HSE). We may also be asked to share data with other third parties where there is a lawful reason for their request such as the police, social services, legal firms acting on your, or the College’s behalf, insurance companies acting on your, or the College’s behalf, HMRC, or other government agencies.

    • 3.2. We may also need to share the information with government funding and other agencies or regulatory bodies (the Education and Skills Funding Agency, the Office for Students) in order to comply with our legal duties. and with host employers in the case of work experience/placements. For students aged under 19, we will share information with your parents/carers unless you ask us not to. For apprentices of all ages, we may need to share information with your employers.

    • 3.3. We will not share your details with any other third party including commercial companies without your consent to do so.

  • 4. What we do with your information?

    • 4.1. We use this information to record, investigate and prevent accidents and other incidents.

    • 4.2. As aggregated data it will be used to track and monitor the number of incidents and accidents that occur within the College.

      Transfer of your personal data outside of the European Economic Area (EEA)

    • 4.3. We do not transfer your personal data outside the EEA.

  • 5. How do we protect your data?

    • 5.1. We take the security of your data seriously and have internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed inappropriately. Information is stored on College systems with access to the system limited to only those members of staff who need it.

    • 5.2. Where we engage third parties to process personal data on our behalf, we do so on the basis of written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of data.

  • 6. How long do we keep this information about you?

    • 6.1. We keep information in accordance with our document retention policy. Retention periods are in line with the length of time we need to keep your personal information in order to manage and administer your education and training and handle any future information issues. They also take into account our need to meet any legal, statutory and regulatory obligations.

  • 7. How can I access the information you hold about me?

    Subject access requests

    • 7.1. The Data Protection Act 2018 grants you the right to access particular personal data that we hold about you. This is referred to as a subject access request. We will respond within one month from the point of receiving the request and all necessary information from you. Our formal response will include details of the personal data we hold about you, including the following:

      • Sources from which we acquired the information

      • The purposes for processing the information, and

      • Persons or entities with whom we are sharing the information.

    • 7.2. You can make a subject access request by completing the request form or by emailing it to dpo@leicestercollege.ac.uk.

  • 8. What are my rights?

    Subject access requests

    • 8.1. The Data Protection Act 2018 grants you the right to access particular personal data that we hold about you. (See above)

      Right to rectification

    • 8.2. You have the right to obtain from us, without undue delay, the rectification of inaccurate personal data we hold concerning you. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

      Right to erasure

    • 8.3. You have the right to obtain from us the erasure of personal data concerning you without undue delay.

      Right to restriction of processing

    • 8.4. Subject to exemptions, you have the right to obtain from us restriction of processing where one of the following applies:

      • The accuracy of the personal data is contested by you and is restricted until the accuracy of the data has been verified;

      • The processing is unlawful and you oppose the erasure of the personal data and instead request the restriction in its use;

      • We no longer need the personal data for the purposes of processing, but it is required by you for the establishment, exercise or defence of legal claims;

      • You have objected to processing of your personal data pending the verification of whether there are legitimate grounds for us to override these objections.

        Notification obligation regarding rectification or erasure of personal data or restriction of processing

    • 8.5. We shall communicate any rectification or erasure of personal data or restriction of processing as described above to each recipient to whom the personal data has been disclosed, unless this proves impossible or involves disproportionate effort. We shall provide you with information about those recipients if you request it.

      Right to data portability

    • 8.6. You have the right to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit this data to another controller, without hindrance from us.

      Right to object

    • 8.7. You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you, including any personal profiling; unless this relates to processing that is necessary for the performance of a task carried out in the public interest or an exercise of official authority vested in us. We shall no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing, which override the interests, rights and freedoms of you or for the establishment exercise or defence of legal claims.

      Right to not be subject to decisions based solely on automated processing

    • 8.8. We do not carry out any automated processing leading to an automated decision based on your personal data.

      Accuracy of information

    • 8.9. In order to provide the highest level of customer service possible, we need to keep accurate personal data about you. We take reasonable steps to ensure that accuracy of any personal data or sensitive information we obtain. We ensure that the source of any personal data or sensitive information is clear and we carefully consider any challenges to the accuracy of the information. We also consider when it is necessary to update the information, such as name or address changes and you can help us by informing us of these changes when they occur.

    • 9. Whow can I contact if I have any questions or concerns?

      • 9.1. If you have any questions or queries which are not answered by this Privacy Notice, or have any potential concerns about how we may use the personal data we hold, please write to the Data Protection Officer at Leicester College, Freemen’s Park Campus, Welford Road, Leicester, LE2 7LW or email dpo@leicestercollege.ac.uk.

      • 9.2. If your complaint is not resolved to your satisfaction and you wish to make a formal complaint to the Information Commissioner’s Office (ICO), you can contact them on 01625 545745 or 0303 123 1113. You also have the right to judicial remedy against a legally binding decision of the ICO where you consider that your rights under this regulation have been infringed as a result of the processing of your personal data. You have the right to appoint a third party to lodge the complaint on your behalf and exercise your right to seek compensation

    • 10. Privacy notice changes

      • 10.1. This Privacy Notice is regularly reviewed. This is to make sure that we continue to meet the highest standards and to protect your privacy. We reserve the right at all times, to update, modify or amend this Notice. We suggest that you review this Privacy Notice from time to time to ensure you are aware of any changes we may have made, however, we will not significantly change how we use information you have already given to us without your prior agreement. The latest version of this Notice can be found on the College’s website.

Updated August 2023