Policy Statement

EAL and Engineering Talent website will ensure the protection of all information assets within the custody of the business. High standards of confidentiality, integrity and availability of information will be maintained at all times.


Purpose

Information is a major asset that EAL and Engineering Talent has a responsibility and requirement to protect.

Protecting information assets is not simply limited to covering the stocks of information (electronic data or paper records) that the Organisation maintains. It also addresses the people that use them, the processes they follow and the physical computer equipment used to access them.

This Information Protection Policy addresses all these areas to ensure that high confidentiality, quality and availability standards of information are maintained. The following policy details the basic requirements and responsibilities for the proper management of information assets at EAL and Engineering Talent. The policy specifies the means of information handling and transfer within the Business.


Scope

This Information Protection Policy applies to all the systems, people and business processes that make up the Business's information systems. This includes all Executives, Committees, Departments, Partners, Employees, contractual third parties and agents of the Organisation who have access to Information Systems or information used for EAL purposes.


Definition

This policy should be applied whenever Business Information Systems or information is used. Information can take many forms and includes, but is not limited to, the following:

  • Hard copy data printed or written on paper.
  • Data stored electronically.
  • Communications sent by post / courier or using electronic means.
  • Stored tape or video.
  • Speech.

Risks

EAL recognises that there are risks associated with users accessing and handling information in order to conduct official business. This policy aims to mitigate the following risks:

  • Breaches in confidentiality
  • Non-reporting of information security incidents
  • Inadequate destruction of data
  • The loss of direct control of user access to information systems and facilities
  • The misuse of data by and individual agent of the organisation
  • Failure to comply with statutory or regulatory requirement

Non-compliance with this policy could have a significant effect on the efficient operation of the organisation and may result in financial loss and an inability to provide necessary services to our customers.


Use of Data

EAL collects and uses your personal information to operate Engineering Talent website and deliver the services you have requested. EAL will also provide you with the opportunity to consent to opt in to provide feedback on Engineering Talent (so we can make service enhancements and improvements) and receive news and product updates.

EAL will not sell, rent, license or lease its customer lists to third parties. EAL does not use or disclose sensitive personal information, such as race, religion, or political affiliations, without your explicit consent.


Transfer of Data

Engineering Talent is operated by EAL. Teachers and Young People’s registered users data is shared with the employers offering STEM opportunities.


Policy Compliance

If any user is found to have breached this policy, they may be subject to EAL disciplinary procedure. If a criminal offence is considered to have been committed further action may be taken to assist in the prosecution of the offender(s).


Policy Governance

The following table identifies who within EAL is Accountable, Responsible, Informed or Consulted with regards to this policy. The following definitions apply:

  • Responsible – the person(s) responsible for developing and implementing the policy.
  • Accountable – the person who has ultimate accountability and authority for the policy.
  • Consulted – the person(s) or groups to be consulted prior to final policy implementation or amendment.
  • Informed – the person(s) or groups to be informed after policy implementation or amendment.

Responsible: Joanne Iceton – Head of Commercial
Accountable: Andrew McLachrie – Finance Director
Consulted: Alison Parkes – Chief Operating Officer
and Ann Watson – Chief Executive Officer Informed: All employees involved in Engineering Talent


Review and Revision

This policy will be reviewed as it is deemed appropriate, but no less frequently than every 12 months. Policy review will be undertaken by Joanne Iceton


Subject Access Requests

All individuals who are the subject of personal data held by EAL are entitled to:

  • Ask what information the company holds about them and why
  • Ask how to gain access to it
  • Be informed how to keep it up to date
  • Be informed how the company is meeting its data protection obligations

If an individual contacts the company requesting this information, this is called a subject access request.

Subject access requests from individual should be made by email to the data controller at customerservices@semta.org.uk

The data controller will aim to provide the relevant data within one month. The data controller will always verify the identity of anyone making a subject access request before handing over any information.


Disclosing data for other reasons

In certain circumstances, the Data Protection Act allows personal data to be disclosed to law enforcement agencies without the consent of the data subject.

Under these circumstances EAL will disclose requested data. However, the data controller will ensure the request is legitimate, seeking assistance from the company’s legal advisors where necessary.


Use of Cookies

Engineering Talent website uses "cookies" to help you personalise your online experience. A cookie is a text file that is placed on your hard disk by a web page server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you, and can only be read by a web server in the domain that issued the cookie to you.

One of the primary purposes of cookies is to provide a convenience feature to save you time. The purpose of a cookie is to tell the web server that you have returned to a specific page. For example, if you personalise pages, or register with websites or services, a cookie helps Engineering Talent to recall your specific information on subsequent visits. This simplifies the process of recording your personal information. When you return to the same website, the information you previously provided can be retrieved, so you can easily use the features that you customised.

You have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of the services or websites you visit.


Security of your Personal Information

Engineering Talent secures your personal information from unauthorised access, use or disclosure. EAL secures the personally identifiable information you provide on computer servers in a controlled, secure environment, protected from unauthorised access, use or disclosure. When personal information is transmitted to other websites, it is protected through the use of encryption, such as the Secure Socket Layer (SSL) protocol.