General Data Protection Regulation (GDPR)
CWE Training Ltd has always taken data protection seriously and has acted responsibly. With the introduction of the GDPR we've been checking our processes and documentation, updating where necessary in order to meet the new requirements of the new European data protection law coming into force today.
You will be aware that CWE Training uses a Certificate Generator and the Tutor Registration System. UKATA is the Data Processor for these systems and the Member is the Data Controller. The Data Processor Agreement outlines the Association’s duty under the GDPR to ensure lawful processing of Personal Data and ensures UKATA and its Members meet their obligation to have an agreement in place between the Data Controller and the Data Processor.
I would also draw your attention to specifically relating to obtaining consent that each individual who has signed up for a training course, accepts that we have the appropriate consent for the use of that individual’s personal data for the purposes of generating Certificates showing the successful completion of a training course.
The GDPR defines consent as “any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her”.
We do share any personal information with any third parties.
If you have any questions or if I am able to offer any advice on this subject please contact me.