Lantra gathers and processes your personal information in accordance with this privacy notice and in compliance with the relevant UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018. This notice provides you with the necessary information regarding your rights and our obligations, and explains how, why and when we process your personal data.
Lantra is a registered charity and is committed to its charitable objects, which are…
…to advance the education of the public and carry out educational research…
This will be achieved through delivery of high quality training, assessment and qualifications (by the Awarding Organisation), and by undertaking other work that meets the charitable objects, where funding is available.
Lantra’s registered office is at Lantra House, Stoneleigh Park, Coventry, Warwickshire CV8 2LG and we are a company registered in England and Wales under company number 2823181.
Our Charity registration number is 1022991 and in Scotland SC039039
We are registered on the Information Commissioner's Office Register; registration number Z5878437. Sandie Absalom is Lantra’s Data Protection Officer, who can be contacted at 02476 696996
Lantra processes your personal information to meet our legal, statutory and contractual obligations and to provide you with our products and services. We will never request any unnecessary personal data from you and will not process your information in any way, other than as specified in this notice.
All data collected will be for legitimate business interest.
The fullest extent of personal data we will collect from you is:
- Date of Birth
- Home Address
- Personal Email
- Business Email
- Home Telephone Number
- Mobile Telephone Number
- Driver’s License Number
- Photographs (for the purpose of issuing skills cards or validating your identity)
- CV and supporting competence evidence.
- Video evidence relating to assessment activity.
If you are under the age of 13, please do not provide Lantra with any personal data. If you are under the age of 16, please ensure you have your parent/guardian’s permission before you provide any personal information to Lantra.
Lantra takes your privacy very seriously and will only share your information with third parties where there is a legitimate business interest.
If you engage with Lantra as a user of our website, your data will not be shared with any third party.
If you are a learner on a Lantra course with a Training Provider, a Lantra Training Provider, Instructor, External Quality Assurer (EQA) or Assessor then we may need to share your data with Training Providers, EQA’s, Technical Verifiers (TV’s), and bulk mailing organisations.
If you participate in our online proctored assessments, we share your data with our software suppliers, Proctor Exam and Coelrind, and our internal quality assurance teams and external suppliers of quality assurance services.
If you participate in a project funded by a third party then we may share your data with the funder and bulk mailing organisations.
We will never disclose, share or sell your data without your consent; unless required to do so by law. We only retain your data for as long as is necessary and for the purpose(s) specified in this notice and other guidance provided by Lantra. Where you have consented to us providing you with promotional offers and marketing, you are free to withdraw this consent at any time.
To withdraw consent please contact Sandie Absalom Data Protection Officer, telephone 02476 696996.
The purposes and reasons for processing your personal data are detailed below:
- We collect your personal data in the performance of a contract or to provide a service and to ensure that orders are completed, quality assured and validated and can be sent out to your preferred address
- We will process your personal data as part of verifying your identity for particular certification processes or skills cards
- As part of our contractual terms and conditions approved training providers, EQA’s and TV’s will receive regular updates regarding Lantra products and services and items of interest pertinent to our industry. Such information will be non-intrusive.
- You have the right to be informed of any information Lantra processes and why we are processing this information. You have the right to access any personal information that Lantra holds about you
- You have the right to rectification. If you believe that we hold any incomplete or inaccurate data about you, you have the right to ask us to correct and/or complete the information and we will strive to do so within 20 working days; unless there is a valid reason for not doing so, at which point you will be notified. Lantra will also advise any third parties holding your data to update as notified
- You have the right to have data erased, however in doing so Lantra may not be able to continue to provide the expected service delivery, at your request data will be erased within 20 working days.
- You have the right to restrict processing of your personal data when:
- the accuracy of the data is contested (for a period of time to enable the controller to verify the accuracy)
- the processing is unlawful and you object to the erasure of the data and request restrictions of its use instead
- You object to processing based on the grounds of legitimate business interests
- Where Lantra as the controller no longer requires the data but you do to exercise or defend a legal claim.
If you exercise this right it may mean that Lantra will not be able to continue to provide the expected service delivery.
- You have the right to data portability allowing you to obtain and reuse your personal data for your own purpose across different services. It allows you to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability.
- You have the right to object to:
- direct Marketing which is absolute, you do not need to demonstrate grounds for your objection, there are no exceptions which will allow processing to continue
- processing based on legitimate interests or performance of a task in the public interest/ exercise of official authority
- processing for research or statistical purposes.
If we receive a request from you to exercise any of the above rights, we may ask you to verify your identity before acting on the request; this is to ensure that your data is protected and kept secure.
Lantra will always advise:
- why we require your data
- with whom your personal data may be shared
- how long we intend to hold your data for and means of storage and disposal
- If we did not collect the data directly from you, information concerning the source.
Automated decision making may be applied in the form of electronic marking of test papers where learners undertake a multiple-choice exam to achieve a formal outcome of their training.
For the purpose of recruitment or training of Lantra staff, profiling may occasionally be used. The administration of any profiling exercise will be in agreement with the individual and results made available to concerned parties. Lantra do not undertake profiling with Learners.
We do not share or disclose any of your personal information without your consent, other than for the purposes specified in this notice or where there is a legal requirement. Lantra uses dotmailer.com to provide the services below. However, all processors acting on our behalf only process your data in accordance with instructions from us and comply fully with this privacy notice, the data protection laws and any other appropriate confidentiality and security measures.
Lantra uses Dotmailer for bulk e-mail delivery services. They act as a processor on our behalf. The only information we provided them with is your e-mail address.
For more information about Dotmailer, please read their privacy notice here.
Lantra takes every reasonable measure and precaution to protect and secure your personal data. We work hard to protect you and your information from unauthorised access, alteration, disclosure or destruction and have several layers of security measures in place, including:
SSL/TLS for email encryption and SSL for website encryption
Full live network protection through our firewall
Network level protection between the secured and unsecured networks with centralised user authentication on our wireless network
Full antivirus scanning across all systems.
Personal data in the European Union is protected by the General Data Protection Regulation (GDPR) but some other countries may not necessarily have the same high standard of protection for your personal data.
Lantra transfers personal data outside of the EU for the below purposes:
- Email addresses to providers or organisations Lantra contracts with for legitimate business objectives to further our charitable objectives.
Where we transfer personal information for the above reasons, we utilise the aforementioned safeguarding measures and mechanisms to ensure that your personal data is always safe and secure.
Lantra only ever retains personal information for as long as is necessary and we have strict review and retention policies in place to meet these obligations. Our policy is to keep your personal data for a minimum of 6 years after which time it will be destroyed. However, should you have been issued a Lantra certificate or card Lantra’s policy is to keep your information indefinitely. You can request to have your data destroyed once you have received your certificate but in doing so Lantra will not be able to provide confirmation of achievement or re-issue lost certificates.
For video evidence obtained to validate assessment activities we only keep this for the period required to undertake the relevant quality assurance activities. This time varies but is normally no longer than 3 months. Once the quality assurance activity is complete all video records are permanently deleted.
Lantra maintains a Training Provider membership scheme, an Instructor membership scheme and a Learner membership scheme and we provide regular emails to let you know about information relevant to these schemes.
We will only send you marketing emails if you have provided consent to receive such e-mails. Where you have consented to us using your details for direct marketing, we will keep such data until you notify us otherwise and/or withdraw your consent.
Lantra only processes your personal information in compliance with this privacy notice and in accordance with the relevant data protection laws. If, however you wish to raise a complaint regarding the processing of your personal data or are unsatisfied with how we have handled your information, you have the right to make a complaint with the supervisory authority.
To make a complaint in relation to Data Handling, (UK) GDPR or Data Protection, in the first instance contact:
Sandie Absalom – Data Protection Officer (Sandie.firstname.lastname@example.org)
Lantra House, Stoneleigh Park, Coventry, CV8 2LG
Telephone: 02476 696996.
Report a Concern
Information Commissioners Office (ICO) – Supervisory Office
Wycliffe House, Water Lane, Wilmslow, Cheshire, SKP 5AF
Telephone: 0303 123 1113
Cookies are widely used in order to make websites work, or to work more efficiently, and our site relies on cookies to optimise user experience and for features and services to function properly.
Most web browsers allow some control to restrict or block cookies through the browser settings, however if you disable cookies you may find this affects your ability to use certain parts of our website or services. For more information about cookies visit https://www.aboutcookies.org.