Home >
Privacy Policy
MESH is a Charitable Incorporated Organisation. CIO charity number 1180429. MESH exists to promote access to education for adult migrants in the Yorkshire and Humberside region, and further afield as the trustees see fit. In particular but not exclusively by providing comprehensive information about local opportunities for language education.
MESH wants to represent best practice in good information governance and data protection, so we want to tell you that:
- If you ever want to know what information we hold about you, you can ask for it using the contact details below.
- We will tell you what we would use your data for, and give you an opportunity to control what we do with it. You can do this at any time, as often as you like. We will always respect your decision.
MESH is known as a ‘controller’ of the personal information you give to us and we collect it for the following reasons:
- To be able to keep in touch with you and update you about our work
- To be able to log accurate information about ESOL classes on the Learning English in Yorkshire and the Humber website and to contact providers if there is a problem
- To be able to link students looking for ESOL classes with available classes
The kind of information we collect includes:
- Name, job title and business contact details including email address;
- Information about classes and venues;
- Information about students;
- Name
- Email address
- IP address
- Name
- Email address
- Phone number
- IP address
When a user clicks to send class to a friend we process and store their
- Name
- Email address
- Friends email address
- IP address
When a provider registers we process and store
- Any personal details such as their name, phone number, email address, job title plus a username and password to login;
- Any business details such as business name, email address, contact person, phone number and any business addresses.
When a provider logs-in we process and store
- Their attempted access in the system logs as well as a database log showing any recovery actions used, such as lost password or forgotten username.
When a provider adds a course we process, store and make public
- Full details of the business including the business name, contact person, phone number, email address and address along with any extra information such as additional locations and free text. When a provider adds contact buttons we process and store
The students name and email address;
- Any contact made via the Learning English in Yorkshire and the Humber website by way of system-logs and database captures.
When a student contacts a provider listed on Learning English in Yorkshire and the Humber
- The student should visit the providers own privacy policy to determine what the provider does with their personal information. Learning English in Yorkshire and the Humber will never use or share the data collected about any students with any third parties outwith MESH. Any personal information stored is used for statistical purposes only and will be purged from our systems every 30 days in most instances.
When MESH collects data
- MESH will be clear and explain why this information is being collected and the way it is to be used, however, only with your consent. At the same time ensure your privacy rights are protected;
- MESH collects information if you visit/use our website please refer to Cookies policy (under review);
- We do not share the information we hold about people with anyone. However, we would disclose information on request to the Police or any other statutory authority or regulator who has a reasonable need for these data to effectively conduct their business e.g. criminal investigations;
- When you provide permission to other organisations to share it with us (including Facebook or Twitter).
How we use your information
We will only use your information for the purpose or purposes for which it was collected for (or for closely related purposes). These purposes include:- Using information provided to produce clear and accurate information about English classes available. Sometimes, with your consent, we will process your personal data to provide you with information that you have requested about our work or our activities;
- We use personal data for administrative purposes (ie to carry out the work of our organisation). This can include processing grant applications, maintaining a database of supporters and helping us respect your choices and preferences (e.g. if you ask not to receive marketing material, we will keep a record of this);
- Where we need to do this to fulfil a contract, or where we are required to do this by law or other regulations;
- When it is in our legitimate interests to do this and when these interests do not override your rights. These legitimate interests include providing you with information of our work and future events, fundraising, newsletter requests, feedback, and other activities. Please see section 9 on ‘Legitimate Interest’ for more information. Retention
- We hold your information only as long as necessary for each purpose we use it. We regularly review what information we hold and delete what is no longer required;
- If you request that we have no further contact with you, we will keep some basic information in order to avoid sending you unwanted materials in the future and to ensure that we do not accidentally duplicate information. Data Security
- We employ a variety of physical and technical measures to keep your data safe and to prevent unauthorised access to, or use or disclosure of, your personal information;
- Electronic data and databases are stored on secure computer systems and we control who has access to information (using both physical and electronic means);
- Our electronic data is stored on a secure cloud server located in the UK (EEU). Our UK data centre is ISO27001:2013 certified. It has modern security features including: Photo ID and swipe card entry, 24-7 security on site, CCTV inside and out, gated access and secure perimeter fencing, redundant and uninterruptible power supplies. We use a third party web developer to manage our hosting and can provide any additional information upon request;
- Paper copies of any personal data that are stored in secure locked cabinets.
- Keeping you in control
- the right to ask us to remove your personal data from our records (though this will not apply where it is necessary for us to continue to use the data for a lawful reason);
- the right to have inaccurate data rectified;
- the right to request a copy of the information we hold about you;
- the right to ask us to stop using your information for marketing or profiling, and;
- where technically feasible, the right to obtain and reuse your personal data for your own purposes.
Cookies and website
We use traffic log cookies to identify which pages of our website are being used. This helps us analyse data about webpage traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from our system. You can find out more about our use of cookies by reading our Cookie Policy.Legitimate interests
Under the new GDPR laws started in May 2018, we have a number of lawful reasons that we can use (or ‘process’) your personal information. One of these lawful reasons is called ‘legitimate interests’. Legitimate interests mean that we can process your personal information if:- We have a genuine and legitimate reason and we are not harming any of your rights and interests.