Personal Data Collected
PE collects the following pieces of personal information through the web site and the application:
- First name and surname of users
- Email addresses of users
- The company a user works with, and their Department or Business Unit
- Comments contained in interactive correspondence may contain personal information
- Company details which may include personal information of individuals, such as contact details of key staff
- Results of all training modules and exams completed
- Results of any questions answered
- Details on what policies users have viewed on completing training modules
Processing of Personal Data
Due to the nature of the services provided by PE, there is regular and active exchange of personal data between Sytorus and its Users. There are two different types of Users of PE, a Data Protection Officer ("DPO") user and a staff user.
PE processes personal information in the following ways:
- PE may email DPO users in providing the service, for example, in response to a question to a query posted
- PE will store information relating to queries until three months after that query is resolved
- PE will store information on use and completion of online training modules for as long as the company is a subscribed member.
- If the company ceases its subscription the information will be anonymised and/or removed within one year of the termination of its subscription package
- PE processes credit card payments through a third party system. This process complies with the principles of the PCIDSS standard, and PE never stores credit card information at any time
- Information relating to queries and training modules will be aggregated, anonymised and analysed in order to improve the service provided. Sytorus may use aggregated information only in communications such as one-pagers, reports, briefing documents and publications
- Information relating to companies and individuals will never be distributed or shared with any third party except where required to complete the contractual service, for example, processing credit card payments, or where required to do so by law
- Personal Information gathered during the provision of these services will be stored in a secure manner within the European Economic Area (EEA)
- Updating and correcting users’ personal information can be achieved directly through the PE interface
- All individuals have the right to a copy of personal information we hold relating to them. This is achieved through a Subject
- Access Request (SAR). A SAR can be submitted by emailing firstname.lastname@example.org, indicating the scope of personal data required. A valid SAR will require a fee of €6.35 to be paid and requestors may use the SAR form provided on our web-site
- We will respond to all SARs as quickly as possible, but in any event, within 40 calendar days of receipt of the request. We will verify the identity of all requestors prior to commencing the SAR process
A cookie is a small, simple text file which is stored by your web browser (e.g. Google Chrome) on your computer or mobile device. Cookies allow us to tailor your web site experience for you. We may use a cookie file containing information that can identify the computer you are working from.
Visit http://www.aboutcookies.org for a guide on how to control and delete cookies on a wide range of web browsers and operating systems.
Changes to Policy
We reserve the right to change this policy at any time by notifying users of the existence of a revised policy. By continuing to use the Website, you agree to be bound by the amended policy. We will inform you via a notice on the website when a policy is updated.