CODE aims to meet the requirements of the Data Protection Act 2018, the General Data Protection Regulation (GDPR) and the guidelines on the Information Commissioner’s website.
The data controller is Gill Cox who is also the Information Governance Lead. This privacy notice is available on the company websites at www.codeuk.com, www.icomply.cc, by email email@example.com or by calling 01409 254 354.
You will be asked to provide personal data when joining as a member. The purpose of collecting your personal data is to provide the optimum membership services to you. We also process the personal data of our employees and for individuals who have expressed interest in CODE services.
Our lawful basis for processing data
The lawful basis for processing employees’ data is:
“9(2)(h) – Processing is necessary for the purposes of preventative or occupational medicine, for assessing the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or management of health or social care systems and services on the basis of Union or Member State law or a contract with a health professional.”
The lawful basis for processing members’ data is:
Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
The lawful basis of processing non-members data is:
The legitimate interests, see the CODE Legitimate Interests Assessment (P 217U).
The data subject has given consent to the processing of his or her personal data for one or more specific purposes.
The categories of data we process The categories of data we process are:
For definitions of Member or Client please see the CODE Contract as Data Processor.
We never pass personal data to a third party unless it is for processing on behalf of CODE
Where our data is stored
Personal data is stored in the EU in digital and hard copy formats. Personal data is stored in the USA but only with companies who are certified for the EU-US Privacy Shield and have appropriate GDPR compliance terms and conditions. Personal data is obtained when a Member subscribes to a membership, when a Client requests a service and when a non-member subscribes to a CODE email list.
Retention of personal data
The retention period for members’ data is 10 years as many members re-join after some years. The retention period for staff records and client data is 6 years. The retention period for non-member data is 2 years after it was last processed.
You have the right to withdraw consent for important compliance notifications, newsletters, surveys or marketing. You can inform us to correct errors in your personal details or withdraw consent from communication methods such as telephone, email or texts. You have the right to obtain a copy of your data records within one month of application, for which no fee will be charged.
Privacy Impact Assessment
We have carried out a Privacy Impact Assessment (M 217S) and the details of how we ensure security of personal data is in our Security Risk Assessment (M 217M). We have Information Governance Procedures (M 217C) and a Legitimate Interests Assessment (M 217W). Copies of these policies and procedures can be obtained from the contact details below.
Please contact Gill Cox at CODE for a comment, suggestion or a complaint about the processing of your data at firstname.lastname@example.org or by calling 01409 254 354 or by writing to CODE at Elm Tree House, Bodmin Street, Holsworthy, Devon, EX22 6BB. If you are unhappy with our response or if you need any advice you should contact the Information Commissioner’s Office (ICO). Their telephone number is 0303 123 1113, you can also chat online with an advisor. The ICO can investigate your claim and take action against anyone who’s misused personal data. You can also visit their website for information on how to make a data protection complaint.
CODE is the trading name of the Confederation of Dental Employers ltd company number 01763779. CODE is also a trading name of Codeplan Ltd company number 03927086. iComply is a trading name of Codeplan ltd.
Both the Confederation of Dental Employers ltd and Codeplan Ltd are incorporated in and established under the laws of England. Their registered office is at Elm Tree House, Bodmin Street, Holsworthy, Devon, EX 22 6BB.The