Privacy Policy

Links below to external sites will open in a new window

PIABC Ltd is committed to respecting and protecting your personal data and privacy. The purpose of this Privacy Policy is to explain how and why we process personal data about people who apply for our qualifications, who we share it with and what your rights are under the General Data Protection Regulation (GDPR).

We will keep this Privacy Policy under regular review and may update it from time to time. We would encourage you to visit this page regularly to keep informed about the purposes for which we process your information. This Policy is effective from 25 May 2018.

Who are we?
PIABC Ltd is a specialist awarding body with a suite of regulated and nationally recognised qualifications in the materials cycle, Registered Company no. 10371273. PIABC is a wholly owned subsidiary of the Institute of Materials, Minerals and Mining (IOM3). IOM3 is a registered professional engineering institution in the UK and a Registered Charity No 269275, with registered address is 297 Euston Road, London NW1 3AD.

PIABC is a Data Controller in respect of the personal information that we process in relation to candidates who apply for our qualifications. In this policy, references to “we” “us” or “our” are references to PIABC.

PIABC Limited provides access to qualifications and examination services via our Recognised Centres. We are regulated to do this by Ofqual, SQA Accreditation and CCEA Regulation. PIABC Limited is committed to protecting the privacy and confidentiality of information provided and that we use to award our qualifications. We uphold the relevant data protection principles and process all personal data in accordance with the GDPR. Our policy is not to disclose or share personal information to any third parties unless we are required to do so by law or consent has been given for disclosure.

This policy provides information on the rights of individuals and our obligations regarding privacy of the data we hold. This policy determines how PIABC Limited collects and uses personal information that is supplied to us by individuals and organisations.

Collection of Information
PIABC Limited collects only personal information where we have a Legitimate Interest, a Statutory Requirement or a Contractual Obligation. The prime purpose is to register individuals on their Qualification(s). We regard this information as confidential and will treat this information with due care with regard to the GDPR.

The data PIABC Limited collects includes but is not limited to; name, date of birth, home address, business address, gender and ethnicity. PIABC Limited uses the data we collect only for the legitimate interest purpose of awarding qualifications; this will include communicating with Centres about queries, developing/improving the qualifications, complaints, our service and providing information by newsletters or emails. We will not send marketing or sales information related to other organisations.

Sending Personal Data to PIABC Limited
Personal data is sent to PIABC Limited for the registration of learners. This data can only be sent by an Approved Centre that is contracted to PIABC Limited. The data is submitted electronically to a dedicated email address (piabc@iom3.org). Access to these emails is restricted to employees approved by the Data Controller.

PIABC Limited Website
Our website uses cookies to monitor user website activity and to provide registered user services such as access to restricted content. You can choose to turn off cookies via your web browser, but by doing this you may limit your access to certain services on the website. Useful information on cookies and how to manage them can be found at:  www.allaboutcookies.org/manage-cookies

The following cookies are used on our site:
__utma, __utmb, __utmc, __utmz, _ga, _gat - Third-Party: Google Analytics

When you visit the website, Google Analytics may be used to collect standard internet log information and details of behaviour patterns. The website may record your IP address for statistical purposes and to monitor trends in website use.

Data Protection

Disclosure of Personal Data
PIABC Limited does not share personal data other than for the purposes specified in this Policy. Learners or Centres will not be contacted by PIABC Limited or any associated organisation for marketing purposes.

The information provided will be processed in accordance with Data Protection Principles as set out in the GDPR. The information provided will be treated as ‘confidential’ and not be used for any other purpose than stated in this Policy.

All Centres are contracted to PIABC Limited and we will communicate to fulfil our obligations. This will include providing information about our qualifications, administrative support and audit of performance.

As part of our Legitimate Interest we will provide newsletters, updates on our services and qualifications.

If we are required by law we may process or disclose personal data, this will be with law enforcement authorities or government regulators.

PIABC Limited share candidate data with RM Education, the Data Processor on behalf of the Department of Education (DfE). This data sharing is in the public interest and is necessary for the DfE to perform its legal obligation. PIABC Limited has a data sharing memorandum of understanding with the DfE.

Achievement data of learners is shared by PIABC Limited with the Education and Skills Funding Agency (an executive agency of the DfE) through the Learner Records Service. The Learning Records Service (LRS) stores learner participation and accredited achievement data supplied directly from awarding organisations. This information is known as the Personal Learning Record (PLR).  Learners are able to get a copy of their PLR. PIABC Limited has an LRS Awarding Body Agreement in place with the Education and Skills Funding Agency.

PIABC Limited needs to share some personal data to contractors (external quality assurers) to fulfil our Contractual Obligations and Legitimate Interest for awarding qualifications. We limit the personal data to those with a legitimate need to hold the information. There are contracts in place with all external quality assurers to ensure the data is treated in strict confidence in accordance with this policy.

PIABC Limited will make reasonable arrangements to keep the personal data secure. This will include only sending to dedicated, secure email addresses and restricting the data sent to only that required to fulfil the Legitimate Purpose.

Retention of Data
PIABC Limited only retains personal data for as long as necessary for the purpose of awarding qualifications.

For any individual that is issued with a Certificate (Full or Unit) using their personal data, our policy is to retain the information indefinitely. This is primarily in the interest of the learner, should the learner require a replacement certificate, confirmation of achievement or in the case of any dispute. We can also validate any request for confirmation of certification.

Your rights
Under the General Data Protection Regulation you have the right to access, update, erase, change or correct your personal information.

You can also:
•    Withdraw your consent for our use of your information, where our processing is based on your consent
•    Restrict and/or object to the use of your personal information

Full explanations of your rights are available on the ICO website at https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

You have the right to request a copy of the information we hold about you. Please contact us at the address given at the end of this notice.

Please note that in some cases, if you do not agree to the way we process your information or wish to have it deleted, it may not be possible for us to continue to provide services to you, confirm achievement or provide replacement certificates for qualifications.

Please contact us if you have any questions about how we use your information. If you are unhappy with how we have handled your information you should let us know so that we can investigate your complaint or you can contact the Information Commissioner’s Office at www.ico.org.uk.

Security
PIABC Limited use organisational, administrative, technical and physical security measures to safeguard your personal information and help ensure that it is processed promptly, accurately and completely. We require Service Providers who act as Data Processors on our behalf to safeguard your personal information and only use it for the purposes we specify.

Action in the event of a Data Breach
PIABC Limited takes all reasonable steps to protect personal data. There is a duty with in GDPR to notify the ICO of all data breaches that are likely to result in a high risk of an adverse effect to an individual or individuals. We shall inform the ICO and the individuals, as appropriate, regarding the details of any breach.

Contact us
If you have any questions regarding this policy or PIABC Limited’s data protection practices, you can email piabc@iom3.org or write to Louise Morgan, Responsible Officer, PIABC Limited, The Boilerhouse, Caunt Road, Grantham, Lincolnshire, NG31 7FZ, Email louise.morgan@iom3.org.

This Privacy Policy was last updated on: 04 June 2018