Privacy Policy
Introduction
SLL Plant and Quarry Training Services Ltd (“SLL”, “we”, “our”, “us”) is committed to protecting the privacy of individuals whose personal data we collect, process, store, and use. This Privacy Policy explains how we handle personal information in connection with our education, training, assessment, and qualification services.
The personal data we may process includes information about clients, candidates, employees, partners, suppliers, contractors, sub-contractors, training centres, awarding bodies and other business contacts. SLL is registered as a Data Controller with the
Information Commissioner’s Office (ICO), Registration Number: Z2119135.
Purpose of the Privacy Policy
This Privacy Policy aims to ensure that all personal data is:
• Collected and processed lawfully, fairly, and transparently.
• Used only for specified, explicit, and legitimate purposes.
• Adequate, relevant, and limited to what is necessary.
• Accurate and kept up to date.
• Retained only as long as necessary for the intended purpose.
• Appropriately secured.
This policy also outlines the rights of individuals under the General Data Protection Regulation (GDPR) 2018 and how SLL meets its legal obligations.
SLL’s Responsibilities
SLL collects and processes personal information as necessary for business purposes, contractual obligations, and legitimate interests. Individuals provide consent where additional personal data is required beyond what is necessary for service delivery.
Types of Data Collected:
Standard Personal Data
• Names, addresses, dates of births, telephone numbers, and email addresses
• National Insurance numbers, passports, driving license details
• Bank account or payment details
• Photographs, CCTV footage, voice recordings
• Details of training scheme completion
• Performance appraisals, disciplinary records
Special Categories of Personal Data
Sensitive personal data (e.g., racial/ethnic origin, political/religious beliefs, health, trade union membership, criminal offences) is only processed where:
• Explicit consent is provided
• Legally required (e.g., employment purposes)
• Necessary to protect an individual’s interests
• Required for legal proceedings or administration of justice
SLL ensures that access to sensitive data is strictly controlled and individuals are informed about who can access their data and why.
Data Security
SLL implements appropriate technical and organizational measures to protect personal data:
• Physical records are stored securely in locked cabinets
• Digital records are password protected and, where appropriate, encrypted
• Portable media and devices containing personal data are safeguarded
• Access is restricted internally to authorized personnel only
In the event of a data breach posing risk to individual rights or freedoms, SLL will notify both the ICO and affected individuals within 72 hours and take corrective action.
Sharing of Personal Data
SLL may share personal data with:
• Internal administrators, trainers, and assessors
• Training centres, providers, and employers
• Auditors, regulators, subcontractors, partners, and suppliers
• Government agencies
Information is shared strictly for legitimate business purposes and in compliance with GDPR.
Data Retention and Disposal
• Physical records are securely disposed of when no longer required (shredded or
placed in confidential waste).
• Digital data is retained in line with business needs; deleted securely from devices
when appropriate.
Your Rights as a Data Subject
Individuals have the following rights under GDPR:
1. Right to be informed: SLL will provide details about how data is collected, processed,
and stored.
2. Right of access: Individuals can request confirmation and copies of their personal
data.
3. Right to rectification: Inaccurate or incomplete data can be corrected without undue
delay.
4. Right to erasure: Individuals may request deletion where data is no longer necessary
or consent is withdrawn, subject to legal exceptions.
5. Right to restrict processing: Processing may be restricted where accuracy is
contested, processing is unlawful, or data is no longer needed but retained for legal
claims.
6. Right to data portability: Personal data can be transferred to another controller in a
structured, commonly used, machine-readable format, where processing is based on
consent or contract.
7. Right to object: Individuals may object to processing for profiling, direct marketing,
or research purposes unless required for public interest.
Requests are typically addressed within one month. Complex requests may take up to three
months.
Policy Review
SLL regularly reviews and updates this Privacy Policy to reflect changes in legislation, regulatory guidance, business practices, or stakeholder feedback. Appendix A – Definition of Data Processing
Data processing includes any operation on personal data, such as:
• Collection, recording, storage, or organization
• Consultation, use, or retrieval
• Disclosure, dissemination, or communication
• Alteration, combination, restriction, or deletion
Appendix B – Contact Information
SLL Plant and Quarry Training Services Ltd
Arclid Quarry
Congleton Road
Sandbach
Cheshire
CW11 4SN
ICO Contact:
Phone: 0303 123 1113
Website: www.ico.org.uk