We are the data controller for the personal information we hold about you in connection with your participation in training events.
The type of information we use
We currently collect and process the following information:
Training events do not use special category data, such as information relating to your health, ethnicity or religion.
Why we collect and use this information
We use this information so you can join in our training events as an attendee or presenter, and we can keep a register of your attendance. We then reuse recordings of events to train other people. For instance, we publish recordings internally on our learning management system, staff website or Microsoft 365. We also publish externally, through channels such as YouTube or our public website. Following an event, we may contact you again for feedback on how well it met your needs.
Events may be online or in person.
Online events
If you are invited to a training session as an attendee, we will notify you if the event is going to be recorded. If you wish to opt out of the recording, please email derbyshire.learningonline@derbyshire.gov.uk so we can make alternative arrangements.
After receiving notification that the event will be recorded, your decision to click the 'join meeting' button and remain in the meeting is an affirmative act, showing you consent to the processing of your data. The invitation and the log of participants joining the event are our record of that consent.
After the event starts, the presenter(s) will remind you that consent means free choice, so you have the right to withdraw consent at any time, without detriment.
In-person events
These work just like online events except we ask you to complete a consent form rather than clicking a button to join a meeting.
At a recorded event, your image and the words you say are captured in the recording. When attending an online event, you have the option of turning off your camera and microphone, but your name or initials remain visible to other participants and may be seen in the final recording. For instance, if you choose to interact with a question and answer or chat feature, your comments will be published to others at the event and may also form part of the recording.
We will keep your personal data only as long as is necessary for the purpose(s) for which it was collected and in accordance with our records retention schedules. Data will be kept securely and destroyed when no longer required. It will not be processed for any other purpose.
Lawful basis of processing
Consent
We rely on consent when processing your data as an attendee participating in an audio-visual recording.
Contract
We rely on contract when processing data such as an attendance register, showing you have been trained for the role you perform. This lawful basis also covers participation of presenters in audio-visual recordings, which is a necessary part of the work they are contracted to do.
Legitimate interests
Even after your employment contract has come to an end, we have a legitimate interest in keeping records showing that you were trained for your role, as we may need this in defence of legal claims.
Legal obligation
We keep records relating to consent, including withdrawal of consent, so we can demonstrate compliance with data protection legislation. This is a legal requirement.
The employee privacy notice and further information are available.
Keeping your information safe
In order to meet our commitment to protecting your personal data we have data protection policies and procedures in place to ensure that it is safeguarded.
We carry out checks on all third parties we use, and also have contracts in place with them which detail data protection obligations they have to follow.
Sharing your data
We may share your personal data with third-parties, in performing our functions as a local authority. For instance, we share event recordings with our integrated community equipment service provider. When sharing information, we do so in line with data protection legislation and agreed information sharing protocols with our partners.
In order to process your personal data, we may use third party software providers such as Microsoft. We carry out checks on all data processors we use, and also have contracts in place with them which detail data protection obligations they have to follow.
The Accounts and Audit Regulations 2015 require us to have an internal audit service to evaluate the effectiveness of its risk management, control and governance processes. To enable this, our internal audit team require access to documents, records and personal data belonging to us, our contractors, or suppliers, to do their work. Further details on the role of our internal audit team can be found within the internal audit charter.
Requesting access to your personal data
You have the following rights, subject to lawful exemptions, to:
- access copies of any records we hold about you
- have any information we hold about you corrected
- have any information we hold about you erased
- restrict how information we hold about you can be used or shared
- object to information about you being held
You can find further information on your rights, and how to make requests under those rights.
For more detailed advice on your rights visit the Information Commissioner's Office.
If you have any concerns
If you have any concerns or are unhappy with our use of your personal data, please let us know:
If you are dissatisfied with our response you can contact the Information Commissioner's Office:
- write to:
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
- telephone: 0303 123 1113 (local rate) or telephone: 01625 545 745 if you prefer to use a national rate number
- fax: 01625 524 510