Privacy & Cookie Policy

1.Overview

This Policy covers the data collected and processed by The National Association of Licensed Paralegals (NALP) who can be contacted at:

National Association of Licensed Paralegals

LG.02 Lincoln House,

1-3 Brixton Road,

London

SW9 6DE

Tel: 0207 112 8034

NALP is the Data Controller of the personal data we process on our own behalf and the Data Processor of data processed on behalf of our Centres and Members. We have a legal duty to protect the privacy of all, personal and business data obtained from you while you are using our website, as well as in the provision of our services to you. This Privacy Policy explains what information we may collect from you and the purposes for which it will be used. This Policy complies with all current data protection and privacy regulations in the UK, including, but not limited to, the General Data Protection Regulations (the GDPR) and the Privacy and Electronic Communications Regulations (the PECR).

The GDPR relates to ‘personal data’ which covers any information which makes an individual (the Data Subject) identifiable.

 

2.Purpose of and Legal Basis for Processing Personal Data

NALP will only process personal data for the purposes of delivering the services contracted by our Centres, Learners and Members, unless we are provided with specific consent to process for other purposes, such as marketing, or for the purpose of complying with local laws or regulations. Personal data will never be processed without the knowledge and/or permission of the Data Subject.

In addition to acting as a self-regulatory body for its Members, NALP is also a Recognised Awarding Organisation under The Office for Qualifications and Examinations in England (Ofqual). Ofqual have been granted its powers by an Act of Parliament, meaning that the regulations they enforce are backed by UK Law. NALP therefore has a Legal Obligation to process certain Personal Data necessary to ensure compliance with those regulations. More information about the powers granted to Ofqual can be found at: https://www.gov.uk/government/organisations/ofqual/about

By using our services, including accessing our website and the forms, etc. therein, you give your agreement to our processing any personal data we may have as described in this policy.

 

3.Types of Personal Data Processed

Personal Data is any information which could potentially make an individual identifiable and can include, but may not be limited to, your name, address, date of birth, email address and IP address.

We collect data in a number of ways including, but not necessarily limited to:

  • Contact forms on our website completed and submitted by a Data Subject, whether in respect of our qualifications or our professional membership body
  • As part of a Contract for Services, i.e. names and contact information of individuals, including current and former Members of NALP or where the individuals are acting on behalf of an Approved Centre
  • Provided to us by Approved Centres in order that we can provide the regulated qualifications required by the Learners
  • Other forms of contact direct from Learners such as for replacement Certificates, complaints, enquiries and Appeals
  • Our contact forms make it clear that the information will be used for the purposes of the contact (e.g. to respond to a query) but also provide the option for consent to expand the processing of that data for marketing purposes. Similarly, any contract for services will set out what the personal data will be used for.

Personal Data provided to us by our Approved Centres or Members as part of our service provision will be processed only in accordance with the contract for services and no such data will be used for the benefit of NALP.

 

4.Our Website and Cookies

4.1.Who manages our website?

The content of our website is owned and edited by the NALP. The website is hosted by IONOS and managed by the NALP (including its freelance marketers). When a user utilises the Contact Us forms, data is stored on the administration end of the website which is not accessible to the public. IONAOS have access to this data, however they do not process it in any way, other than if necessary to for the purposes of administrating the website itself. Please see https://www.ionos.com/terms-gtc/privacy-policy/  for details of IONOD Privacy Policy.

4.2.Website usage information

NALP uses Google Analytics to assist in the collation of data from users of our website. To provide website visitors the ability to prevent their data from being used by Google Analytics, Google have developed the Google Analytics opt-out browser add-on for the Google Analytics JavaScript (ga.js, analytics.js, dc.js).

If you want to opt out, download and install the add-on for your web browser. The Google Analytics opt-out add-on is designed to be compatible with Chrome, Internet Explorer 11, Safari, Firefox and Opera. In order to function, the opt-out add-on must be able to load and execute properly on your browser. For Internet Explorer, 3rd-party cookies must be enabled. Learn more about the opt-out and how to properly install the browser add-on here.

The type of website usage information that we collect during your visits to our site includes, for example, the date and time, pages viewed or searched for, publications ordered, guides printed, tools used, subscriptions and referrals made, some truncated postcode or telephone area code information entered on forms (which is not traceable back to you) and other information relating to your usage of our website.

Where you are a registered user of our website and have logged in, we may collect web usage information to enable us to build a demographic profile or to improve the services you have requested from us.

We may also use web usage information to create statistical data regarding the use of our website and we may then use or disclose that statistical data to others for marketing and strategic development purposes, however, no individual identities will or can be identified in such statistical data.

4.3.Cookies

Cookies are small pieces of data given to your browser by a website which may be stored as text files in the cookie directory of your computer. Cookies are not programs and cannot collect information from your computer. They do not damage your computer and are defined as “a piece of text stored on a user’s computer by their web browser. A cookie can be used for authentication, storing site preferences, shopping cart contents, the identifier for a server-based session, or anything else that can be accomplished through storing text data” (source: Wikipedia, 2011).

Each website may send cookie data to your browser which may save it if your browser’s preferences allow it to do so. To protect your privacy your browser only returns a cookie to the website that sent you the cookie and does not send it to any other website. A website cannot access your cookie directory or information on your computer, instead relevant cookies are included by your browser within each request you make to the website. A website can only obtain cookie data that your browser sends to it.

We use cookies to analyse website usage trends, understand user journeys and gather broad demographic information for aggregate use. Our cookies are not linked to personally identifiable information and we do not collect, store or process the IP addresses of visitors browsing our website.

You do not have to accept cookies and you can change the settings within your browser to accept all cookies, reject all cookies, reject cookies from certain websites, notify you if a site is requesting to set a cookie, and set various other options. Please see below in ‘4.4 Further information about cookies’ for more details on how you might do this.

Switching off cookies will still allow you to view the majority of content on our site, however, it may affect your logging in and accessing personalised information, plus it will stop us remembering your login User ID, if you ask us to do so, and may restrict your use of our interactive tools and of some services available through linked sites.

4.4.Further information about cookies

If you would like to opt out of, or restrict the use of cookies when visiting our, or any other third party’s website, you are able to adjust the settings in your Internet browser to do this. Exactly how this is done will depend on which browser you use for access to the Internet. Each browser has its own variation on how this can be achieved, but it is usually under ‘Settings’ which can be found at the end of the Search bar, e.g. on Chrome it is found as follows:

You then need to go to “Advanced”, then “Privacy and Security”, then “Content Settings” and “Cookies” and choose the most appropriate setting for yourself.

Users should check their Internet browser for details of how to amend, remove or restrict the use of cookies on their computer, tablet or other internet enabled device.

For further information about cookies, please refer to:

4.5. Third party content and linking to other websites

This privacy policy applies only to our website. We are not responsible for privacy practices within any other websites. You should always be aware of this when you leave our website and we encourage you to read the privacy statement on any other website that you visit. We embed external content from third-party websites such as YouTube, Twitter and LinkedIn including cookies. This content is not published on our website. It is delivered using devices and services from third party sites that can be inserted into our site such as media players, RSS feeds and widgets. These websites may use cookies. Their content is subject to the privacy policy of the relevant third-party provider and not ours.

 

5.Information sharing and disclosure

In addition to those companies mentioned in section 4.1 and 4.2 above, we may share your data with other specified third parties for the purposes of supplying the services you have contracted us for or if required to by law or by a regulation based on a law. We will not sell, rent or disclose your information to any third parties other than those set out in this privacy policy without your prior consent.

Where you are a named individual of an Approved Centre or a Learner who has taken a regulated qualification, we may share your data with Ofqual as part of an audit or during an investigation, etc.

We do not transfer your personal data outside of the UK and the European Economic Area. Regardless of where the information is held, however, it is all covered by the GDPR and all third party suppliers we use are subject to the principles and regulations therein.

 

6.Retention of Data

Personal Data will always be held for the minimum amount of time required. This will depend on a number of factors, such as the terms and length of a contract or a relevant law or regulation based on law. For instance:

  • Centre details – held for a minimum of 6 years after the Centre has ceased to be approved
  • Member details – held for a minimum of 6 years after membership has been cancelled/lapsed

Learner details – held indefinitely for the purposes of being able to provide confirmation of a qualification at any time in the future, as required under Ofqual regulation

If you have made an enquiry and have opted in to receiving marketing information, you will continue to receive such communications until you opt out. A reminder of your option to unsubscribe is provided with every communication issued. Once you have opted out, if you do not otherwise fall into the above categories, your data will be deleted 12 months from the date of the opt out.

Information gathered via contact forms is stored on the website for a maximum of 12 months before being deleted by the website hosts, IONOS (see section 4.1 above) under their data retention policy.

Electronic Personal Data is encrypted and held in a secure manner on physical and cloud-based services. The encryption used meets all current requirements for encrypted services and is updated regularly to ensure that it remains fit for purpose. Electronic data is deleted following a secure process to ensure there is no lapse in security at the point of deletion.

Paper based Personal Data is held in secure, fire-proof, locked cabinets. It is destroyed under contract with a secure data destruction company.

 

7.Your Rights

Under current legislation, Data Subjects have the following rights:

  • To be informed – This policy is one of ways in which NALP informs you how and why we process your data
  • Of Access – All Data Subjects have the right to quest access to all of the data we hold on them. Any Data Subject requests received will be reviewed and responded to within one calendar month of receipt of the request. Most requests will be fulfilled free of charge, however, NALP reserve the right to charge a reasonable administration fee for any requests deemed to be excessive, unfounded or repetitive.
  • Of rectification – Should you find that any data we hold about you is incorrect, you can ask us to correct it and we will investigate and respond within one calendar month of receipt of the request.
  • Of Erasure – You can ask for your Personal Data to be erased permanently. All such requests will be responded to within one calendar month of the receipt of a request. Please note that, whilst we will always endeavour to fulfil requests, there may be some instances were this is not possible due to legal or regulatory reasons. We will always provide a full explanation in any such instances.
  • To restrict processing – If you do not wish for your data to be erased, you may ask for it to be restricted so that we continue to hold it but not process it or use it in any way – we would essentially ‘archive’ your data. This is only applicable in certain circumstances, however we will look at all requests and respond within one calendar month of the receipt of a request.
  • To data portability – All electronically held data can be transferred to another company in a structured, commonly used and machine readable format on request. Please note that this will only include the data you have provided to us and not any ancillary data produced as a result of the services we have created during the provision of our services or where that data includes information regarding a third party. All requests for moving data will be responded to within one calendar month of a request being received.
  • To Object – You can object to our processing data for the purposes of marketing, scientific/ historical research and statistics, or legitimate interests or in the performing of a task in the public interest /exercise of official authority (including profiling). All such requests shall be responded to within one calendar month
  • Rights related to automated decision making, including profiling – The GDPR sets out specific rights in relation to automated decision making. Please note that NALP does not use any form of automated decision making system whilst processing your data.
  • To complain – You have the right to raise a complaint regarding the processing of your data or our response to a request under the above rights. As part of this, you also have the right to escalate your complaint to a supervisory authority. In respect of data handling, you have the right to escalate your complaint to the Information Commissioners Office (ICO). Please go to https://ico.org.uk/for-the-public/raising-concerns/ for full details.

Data Subjects have the right to withdraw their consent to our processing their data at any time.

In respect of any of the rights indicated above, if you would like to make a request, require further information, or have a complaint regarding our processing of your data please contact us at:

Email:           info@nationalparalegals.co.uk

Website:       https://www.nationalparalegals.co.uk/

Address:

National Association of Licensed Paralegals

LG.02 Lincoln House,

1-3 Brixton Road,

London

SW9 6DE

Telephone:    0207 112 8034

8.Changes to this policy

We may make changes to this privacy policy at any time. Changes will be posted on our website and are effective immediately, except where they relate directly to a contract for services where all changes will be subject to the agreements in that contract. Regularly reviewing this Policy ensures that you are always aware of what information we collect, how we use it and under what circumstances, if any, we will share it with other parties.