Website cookies

This website uses cookies to help us understand the way visitors use our website. We can't identify you with them and we don't share the data with anyone else. If you click Reject we will set a single cookie to remember your preference. Find out more in our privacy policy.

Home

Forward Fuse privacy notice

If you use Forward Fuse, this privacy notice tells you what to expect when Forward Fuse collects personal information about you.

As a service provider, The Forward Trust (Forward) must meet our contractual, statutory and administrative obligations. We are committed to ensuring that personal data is handled in accordance with the principles set out in the Information Commissioner’s Office (ICO) Guide to Data Protection.

This privacy notice tells you what to expect when Forward Fuse collects personal information about you.

Forward is the controller for this information unless this notice specifically states otherwise. Our Data Protection Officer is Tom Rottinghuis. You can contact us at dataprotection@forwardtrust.org.uk.

How we get your information

We get information about you from the following sources:

  • Directly from you
  • Forward client databases including Nebula and Illy
What personal data we process and why

We process the following categories of personal data:

  • Personal contact details such as your name, address, contact telephone numbers (landline and mobile) and personal email addresses.
  • Your relationship with Forward – for example, your Forward Connect membership, referral route, or programme
  • Learning and engagement data around your use of the Forward Fuse platform
Lawful bases for processing your personal data

Depending on the processing activity, we rely on the following lawful bases for processing your personal data under the GDPR:

  • Article 6(1)(a) because you have given your consent for us to do so
  • Article 6(1)(e) for the performance of our public task
  • Article 6(1)(f) for the purposes of our legitimate interest

Special category data

Where the information we process is special category data, for example your health data, the additional bases for processing that we rely on is:

  • Article 9(2)(a) you have given us your explicit consent

Criminal convictions and offences

We process information about criminal convictions and offences. The lawful basis we rely to process this data are:

  • Article 6(1) (a) Consent: the individual has clear consent to process their personal data for a specific purpose. In addition we rely on the processing condition at Schedule 1 part 3 paragraph 29.
  • Article 6(1)(e) for the performance of our public task. In addition we rely on the processing condition at Schedule 1 part 2 paragraph 6(2)(a).
  • Article 6(1)(b) for the performance of a contract. In addition we rely on the processing condition at Schedule 1 part 1 paragraph
Where we store your information and our use of sub-processors

We use FUSE as an online learning platform to provide this service. For more information please see Fuse Privacy Notice. FUSE use the following sub-processors. Please note that the sub-processors used by FUSE are bound by the same data protection obligations as FUSE themselves as detailed in the signed Data Protection Agreement / Addendum.

Name Address Description of processing
Amazon Web Services One Burlington Plaza, Burlington Rd, Dublin 4 Hosting Services – processed in EU West (Dublin, Ireland)
SendGrid

 

 (Twilio) 375 Beale St suite 300 San Francisco CA 94105 USA

 

 SMTP Relay email notifications – processed EU & US covered by EU-US Binding Corporate Rules (BCRs).

 
Good Data

 

 San Francisco 1 Post Street, Suite 400. San Francisco, CA 94104, USA System Analytics – processed in Rackspace, London
Telestream

 

 848 Gold Flat Road, Nevada City, CA 95959, USA Video Transcoding – processed in EU West (Dublin, Ireland)
SDL New Globe House, Vanwall Business Park, Maidenhead SL6 4UB, UK Language translation (if enabled) – processed in EU & US
Voicebase 44 Montgomery St, San Francisco, CA 94104, USA Audio Transcribing – processes in EU
DataDog

 

 New York Times Bldg, 620 8th Ave 45th Floor, New York, USA

 

 Logging and Application Performance Monitoring – anonymised data processed in EU & US

 
Dell Boomi US East Coast Office, 1400 Liberty Ridge Drive, Chesterbrook PA19087, USA Integrations (if enabled) – processed in EU West (Dublin, Ireland)
How long we keep your personal data

For information about how long we hold your personal data please contact us at info@forwardtrust.org.uk and request a copy of our Records Management Policy.

Data sharing

In some circumstances, such as under a court order, we are legally obliged to share information. We also have a duty to share information with or without your permission under certain circumstances, such as if we believes you may be at risk of self-harm or risk of harm to any person.

Your rights in relation to this processing

As an individual you have certain rights regarding our processing of your personal data, these include:

  • Your right of access: you have the right to ask us for copies of your personal information.
  • Your right to rectification: you have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
  • Your right to erasure: you have the right to ask us to erase your personal information in certain circumstances.
  • Your right to restriction of processing: you have the right to ask us to restrict the processing of your information in certain circumstances.
  • Your right to object to processing: you have the right to object to processing if we are able to process your information because the process in our legitimate interests.
  • Your right to data portability: this only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organisation to another, or give it to you.

You also have the right to lodge a complaint with the Information Commissioner as the relevant supervisory authority.

For more information on your rights, please see ‘Your rights as an individual’.

Transfers of personal data

We don’t routinely transfer staff personal data overseas but when this is necessary we ensure that we have appropriate safeguards in place.

Disclosures under the Freedom of Information Act

As some of our duties fall into the category of public authority we may receive information requests under the Freedom of Information Act (2000) about our services and we must consider whether to disclose information in response to these requests.

We will not provide any personal information under FOI requests however we may provide anonymous information such as:

The type of information you can expect we will disclose is as follows:

  • Number of individuals in our services
  • Number of female service users
  • Number of male service users

The list above does not include every area where we might disclose information.