Here at A2B Assessments, we feel it is important that we only use your personal data in a manner that is fair and transparent. With this in mind, we have outlined below how we will use and process any of your personal data that we acquire.
What is your personal data?
Personal data is any information relating to you which allows us to identify you. This includes information such as; your name, contact details, customer reference number, details and information about your disability or condition.
We collect personal data from you when you book an appointment with us, either; over the phone, by post, by email or through our website.
We are obliged to keep information we hold about you, accurate and up-to-date. It is important that you keep us updated of any changes in your personal information.
Specifically, we will take the following information form you:
- Your name
- Contact number
- Email address
- Date of birth
- University information
- Disability or condition
- Medical records or evidence relating to your disability or condition
This personal data, including sensitive personal data, is necessary for us to conduct a needs assessment for you and subsequently create a needs assessment report which is then sent to your funding body for approval.
What do we use your personal data for?
As a DSA-QAG registered needs assessment centre, our lawful basis for processing your personal data is that we have a legitimate interest in submitting your needs assessment report to your funding body. Your personal data will be processed, as is necessary to:
- Produce a needs assessment report, the provision of a service that you have requested as part of your application for DSA support.
- Contact you, via either; email, phone or post. We will send you communications relating to your DSA support. For example: updates and changes to your DSA support. These communications are not made for marketing purposes and cannot be opted-out of.
Some of the information required is ‘special category data’, for example: Information relating to a disability, medical condition, medical records etc, We will ask for consent to process this sensitive data at the time of making a booking enquiry.
Who do we share your data with?
- We send your needs assessment report (which contains some of your personal data) to your funding body.
- We will only share your identifiable data with a third party if you have given consent for this to be done.
- Some of your personal data is anonymised so that we can obtain quotes for additional support. For example: A taxi allowance may be necessary for your travel to and from study locations. We anonymise your data to obtain a quote for this.
Who are the third parties we might contact or share your data with?
Trusted third parties include:
- Your University or Higher Education Institution
- DSA-QAG (Disabled Students Allowance – Quality Assurance Group)
- A registered non medical help provider (an equipment supplier or specialist one to one support provider).
- Cloud based services. For further information please see the section below titled “Transfering your data”.
- Contractors employed or working on behalf of A2B Assessments
- Person(s) with significant influence or control of A2B Assessments
- Security/Reception staff at the assessment centre you are attending, in order to allow access to the assessment building.
How long do we keep your data?
We will keep your data for no longer than is necessary for the purposes for which the personal data is processed and for no longer than we are legally required to do so. We constantly review whether the data we hold is relevant or necessary.
Currently we are required by our regulators to keep your data for a minimum of 6 years from the date of the assessment or last review.
We will ask for your consent to share your personal data with relevant trusted third parties. These consent requests will be in the form of easy to follow, clear questions and are opt in.
If you give us consent, we may share the following:
- Your name
- University or Higher Education Institution
- Your disability or condition
- Your contact details
You can opt in or out of this consent at any time. If you change your mind, please email us ([email protected]) to let us know.
What are your Data Protection Rights?
Under the Data Protection legislation, you have the following rights with regards to your personal information:
To be informed – We will keep you up to date with your DSA support as you go through the process.
To access personal data – On request we will give you access to your data.
To request correction – This enables you to have any incomplete or inaccurate information we hold about you corrected.
To erasure* – This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it.
To restrict processing – You can ask us to suspend the processing of personal data about you. For example: if you want us to establish the accuracy of the personal data we have or the reason for processing it.
To data portability – This enables you to take your personal data from us in an electronically useable format and to be able to transfer your personal data to another party in an electronically useable format.
To object – If there is something about your particular situation which makes you want to object to us processing your personal data.
To not be subject to automated decision-making including profiling**
*we may deny this if we feel it is still necessary in relation to the purposes for which the data was collected or otherwise processed.
**This is not something we do.
If you wish to discuss any of the above, please contact us on [email protected]
How secure is your data?
We follow strict security procedures in the storage and disclosure of your personal data and to protect it against accidental loss, destruction or damage. The data you provide to us is protected using both SSL (Secure Socket Layer) technology and 2 factor verification.
SSL is the industry standard method of encrypting personal information so that it can be securely transferred over the Internet.
2 factor verification provides an extra layer of security, in order for personal data to be accessible. 2 factor verification provides protection of personal data storage with both a password and a security key. Security keys generate codes every 30 seconds (for added security), which can only be used once.
All persons working for and on behalf of A2B Assessments are required to access your data using only these procedures.
In the unlikely event of a personal data breach, A2B Assessments will assess the likelihood and severity of any risk to your rights and freedoms. Once this assessment is complete, if it is likely there will be a risk, we will notify both yourself and the ICO. This is in keeping with ICO guidelines.
Transferring your data
When transfering your data, we will always ensure that access is password protected and where available, use a secure portal.
As part of our administrative structure, A2B Assessments use cloud based storage, making use of the security advantages associated with this method. Due to the nature of cloud based storage, the servers storing information may be physically located outside of the EU/EEA. By submitting your booking request you are consenting to A2B Assessments transferring, storing and processing your data in this manner.
A2B Assessments Ltd (Registered Company Number 9965981),
167 Eagle House,
020 3301 0236