Privacy & Data Protection Policy
KSL Training is a trading name of KSL Consulting Ltd, UK company registration number 05390546.
Use of data
We use any personal data we collect for lawful business purposes only. For example, we use data we collect from website contact forms just to respond to enquiries, provide quotes, prepare proposals and arrange new assignments.
Data storage & security
KSL utilise Dropbox For Business, Microsoft SharePoint and OneDrive under Office 365 for file management and data storage, which are all highly secure and GDPR compliant.
Personal data collected through KSL’s business activities resides securely on these Cloud-based storage entities for a reasonable time period only, before being deleted.
Microsoft OneDrive is compliant with ISO 27001, an industry standard that pretty much defines the policies of most tech and IT departments. The platform encrypts the data from client to server via SSL and data at rest is encrypted using AES 256-bit encryption keys.
Dropbox’s security practices also adhere to the most widely accepted security and privacy standards in the world. These include ISO 27001/2, ISO27018/17 and SOC 2.
In addition, within the KSL office, all our computers have firewalls, up to date virus, malware and ransomware protection and the latest Microsoft operating system security updates. Critical IT infrastructure at KSL Training is managed by a team of professional IT consultants at Ion Systems Ltd.
KSL Training adhere to the ‘data protection principles’ of the Data Protection Act 2018, whereby data is:
- used fairly, lawfully and transparently
- used for specified, explicit purposes
- used in a way that is adequate, relevant and limited to only what is necessary
- accurate and, where necessary, kept up to date
- kept for no longer than is necessary
- handled in a way that ensures appropriate security, including protection against unlawful or unauthorised processing, access, loss, destruction or damage
KSL Training abides by the following Data Protection practices:-
- we do not use personal data for direct marketing purposes without receiving express prior consent to do so.
- we do not share or sell personal data to third parties. Exceptions to this include the sharing of some personal data with our trusted trainers. In addition, certain projects necessitate the sharing of personal data with our printing and logistics company and (in the case of psychometric testing) the test providers.
- KSL collect personal data solely for our specified and lawful purpose or purposes. We do not further process data in any manner incompatible with that purpose or purposes.
- we do not keep personal data for longer than we deem reasonably necessary for the intended business purpose.
- KSL process personal data in accordance with the rights of data subjects under the Data Protection Act 2018.
In addition, in accordance with The Data Protection Act 2018, we respect your right to:
- be informed about how your data is being used
- access personal data
- have incorrect data updated
- have data erased
- stop or restrict the processing of your data
- data portability (allowing you to get and reuse your data for different services)
- object to how your data is processed in certain circumstances
Psychometric testing and assessment services
As part of our psychometric testing and assessment services, we receive the personal data of candidates. This includes candidate name, telephone number and email address/es.
We do not use candidate personal data for marketing purposes, nor share it with any third party companies (other than the test provider for the purposes of setting up the psychometric test/s or assessment/s). We store candidate data in accordance with “Data storage & security” (above).