Privacy Policy
This privacy policy explains how Brightcore Consultancy (‘we’, ‘our’, ‘us’) collects, uses and shares personal data of people who make enquiries or apply to attend training and events. Your personal data will be processed as set out in this notice. If you have any questions about this notice, or the use of your personal data you can contact us at connect@brightcoreconsultancy.com
Brightcore Consultancy is a Data Controller in terms of Article 4 of the General Data Protection Regulation (EU) 2016/679. We collect and process information about your application and or enquiries (your personal data) in electronic form, during the application process.
The personal data we process and how we use your personal data and the lawful bases
We collect and use your data provided in the ways set out below. We collect the application data relying upon Contract or Legitimate Interest as our lawful bases (Article 6 (1)((b)(f)). Where you agree to it, we may collect email details for marketing purposes, and we do so relying upon your consent (Article 6 (1)(a)).
​
Enquiries:
We collect information about you during an enquiry which includes name, school, role and contact details to enable us to contact you as necessary, and to effectively respond to your enquiry.
​
Training Course / event delegates:
We collect information about you using an online application form, including your name, contact details, role, current school/college, previous courses you have attended relevant to the course you are applying for, and any accessibility requirements you may have in order to access the course you are applying for.
We will also request, collect and analyse learner outcome data from you using online feedback forms so as to gather information that will support and enable the continuous improvement of our courses along with, where necessary, complying with requirements to share delegate feedback with organisations who approve, regulate and quality assure any of our courses (e.g. we will share your feedback from the DSMHL course with the DfE and their quality assurance body, when requested, as part of their quality assurance process).
​
Marketing / Newsletter subscriber:
We collect information about you if you subscribe to our newsletter / marketing information updates which includes name, organisation, role and email address to enable us to contact you as necessary, and to effectively respond to your subscription request.
​
We collect email addresses in order to let you know about upcoming events and courses, special offers and other related news. We do not rent or trade email lists with other organisations and businesses.
​
We use a third-party provider, MailChimp, to deliver our emails. We gather statistics around email opening and clicks to help us monitor and improve our emails. For more information, please see MailChimp’s privacy notice here. You can unsubscribe to general mailings at any time of the day or night by clicking the unsubscribe link at the bottom of any of our emails or by emailing us at connect@brightcoreconsultancy.com
Sharing your personal data with others:
The application information is gathered directly by us and processed in-house. Any Direct Online Payment information is gathered and processed by Eventbrite. A link to their privacy notice can be found here.
Where you successfully complete a training course and become eligible to be added to a professional register (e.g. MHFA England – Mental Health First Aid Training) we will share your details with the relevant body. Where we provide training on that is quality assured or approved by another body (e.g. DfE approved Senior Mental Health Lead Training), As mentioned above, we will share your registration details, along with the data from your feedback forms with them when requested, so that they have a record or can retain a record of all attendees, and conduct all necessary quality assurance checks in accordance with their requirements.
How long your personal data is kept
Training / event applicant:
If you have successfully, or unsuccessfully, attempted to register for one of our trainings or events, the information you have entered will be kept on file for 2 years in case any query should arise from your booking. After 2 years from the training/event date, all registration information will be deleted.
​
Training / event attendee:
If you have attended a training or event with us, your name will be held on record indefinitely so that we can confirm your accreditation and reissue your certificate(s) to you upon request. All other data submitted to us will not be held on file after two years (see above) unless you have opted-in to our training mailings. If you have opted in to training mailings, your name, email address, town, country, and profession will be held on your record until you withdraw consent to be contacted by us.
​
Enquirer:
Your name, contact details, and the nature of your enquiry will be kept on file until the enquiry is closed.
​
Newsletter recipient:
Your personal data will be kept on file until you withdraw consent to be contacted with our newsletter. Should you withdraw consent to be contacted, only your name and training or events that you have attended will be kept on file for certification purposes; any other information we hold on you will be deleted. If you have never attended one of our trainings or events, all of your personal data will be deleted from our file.
​
Your rights and further information
You have rights with regard to your personal data which vary according to the lawful basis for use:
1. The right to be informed, this privacy notice tells you how we will use your data.
2. The right of access – you can ask us for a copy of the data we hold on you, this is called a subject access request and you can send such requests to connect@brightcoreconsultancy.com or call 01746 763288.
3. The right to rectification – you can ask us to correct inaccuracies in your data.
4. The right to erasure – in certain circumstances you can ask us to delete your data.
5. The right to restrict processing – in certain circumstances you can ask us to stop processing your data.
6. The right to data portability – you can ask for an easily transferable copy of your data.
7. The right to object – you can object to our processing of your data, particularly where we rely upon your consent to do so.
8. Rights in relation to automated decision making and profiling – we don’t use these processes in recruitment.
You can read more about data rights on the Information Commissioner’s website (https://ico.org.uk/your-data-matters/ )
Changes to this privacy notice
We review this policy on a regular basis. Policy reviewed 11/11/22. Date of next Review 11/11/23
