RADIATION PROTECTION ADVISER SERVICES
How we collect your information
Why we collect this information
The types of information we collect
How we store your information
Sharing your information with others
How long your information is kept
Contact & Complaints
This notice explains how YourRPA collects and stores your personal data when you interact with us. This notice outlines the types of data we collect and how this data is used to provide our services to you.
We may collect your information directly from you in the following ways:
- face to face meetings;
- telephone conversations;
- email correspondence.
We may also collect your information from third parties who you have contacted us on your behalf regarding the services we may provide for you.
We routinely collect the following types of personal information about you:
- Contact information, including email addresses, telephone numbers and postal addresses;
- Contact details of any of your staff with whom you wish us to communicate;
- Records of communications and interactions we have had with you;
- Information relevant to the provision of our services to you.
We may collect GDC numbers and places of employment.
We may also collect bank account details from you.
We use your personal data to respond to any enquiries you make to us about our services.
We use your personal data in order to enable us to deliver and charge for the services we provide in accordance with the administration of our contractual obligations.
We use any other information as necessary to advise you regarding the services you have requested from us or that we have provided under our contractual obligations with you.
GDC numbers and empoyment information are collected in order to comply with GDC requirements for verifiable CPD.
Bank account information is only collected when you have requested a refund from us.
For the purposes of the General Data Protection Regulation (GDPR) and UK data protection laws, when processing your personal data we are relying on the legal basis of:
- our contract with you;
- legitimate interest in being able to use the information you have provided in ways you would reasonably expect us to do so in order to fulfil our services to you;
- legal obligation to use the data to fulfil any relevant statutory obligations.
The information we collect and process is required for us to be able to perform our contractual obligations and receive payment from you for the services we provide. Should you fail to provide this information, we would not be able to deliver these services under the terms of our agreement with you. We rely on you to inform us regarding any changes to contact details and will update our records when we receive such information from you.
Your information may be held in paper and/ or digital format.
We hold the majority of your information in individual client folders. Your contact details and other contractual information is held securely on file in a manner that enables us to fulfil our business obligations.
All digital information is contained in and added to Microsoft OneDrive servers. Microsoft have stated that they comply with GDPR data security principles.
We only share your information with our employees and associates that provide advisory services on our behalf.
Personal information is not shared with third parties unless you specifically request us to contact them on your behalf or unless there is a statutory duty to do so.
Contractual information is shared with our accountant for the purposes of auditing our accounts.
Although YourRPA has accounts on the Facebook, Twitter and LinkedIn social media sites, we do not collect or share information posted on them.
Bank account information is deleted once you have confirmed receipt of any payment.
Client folders are archived within three months of the termination of a contract but are retained indefinitely as they contain information on aspects of health and safety which may need to be referred to in the event of a future query.
Our annual accounts (which contain contract information) will be retained until six years after the termination (or sale) of the business.
If you have any queries about this privacy notice or how we process your personal data, or if you wish to exercise any of your legal rights, you may contact us by email at: firstname.lastname@example.org.
If you are not satisfied with how we are processing your personal data, you can make a complaint to the Information Commissioner. You can find out more about your rights under applicable data protection laws from the Information Commissionerís Office website: