KONONOV.CLUB Europe GDPR Policy

Effective date: 20.10.2023  

Introduction

KONONOV.CLUB , is committed to the security and fair processing of personal and/or sensitive data. This privacy policy (“Policy”) explains what data we collect and how we process it thereafter in accordance with applicable data protection law, in particular the General Data Protection Regulation (EU) 2016/679 (“GDPR”).

            Please read this Policy carefully, as it contains important information about what information we collect, how and why we do so, how we process and protect this data after collection, your rights in relation to your personal data and how to contact us and / or the appropriate external authorities in the event that you wish to report a concern about the way in which we process your data.   

            The term “KONONOV.CLUB” (“KC”) or “us” or “we” refers to the owner of the website whose organization name is Privet Entrepreneur Kononov Oleksiy. The term “you” refers to the user or viewer of our website.

 

What data do we collect?

Under the terms of the GDPR, KC is considered the “controller” of data that individuals or companies provide us.

            Through our day-to-day business interactions with customers we may, where applicable, collect and process the following personal and / or sensitive data:

*Your name
*Your data of birth
*Your gender
*Your contact details (phone numbers, postal address(es) and email address(es))

 

How do we collect this data?

            Data is either sent directly to us via means such as email and online services or collected automatically via our website (e.g. items such as IP address and browser type). To find out more about the website data that is collected automatically, please see our privacy policy details!
            Wherever personal information is shared with us by anyone other than the person whose information we are collecting (the “data subject”), it is the responsibility of the third party to ensure that the data subject is fully aware that their information will be shared with us and has provided their consent for this to happen prior to their information being shared. An example would be a student, training provider or employer ensuring that a learner or Apprentice has consented to their personal information being shared with us during their sign-up process.

 

Why do we collect this data and how do we use it?

            We collect data in order to fulfil a variety of obligations, and we ensure that those sharing data with us are aware of what information is mandatory and what is optional in order for us to fulfil those different obligations.

            Under the terms of the GDPR, we collect and process this data on one or more of the following bases:

            Consent: for example, when you provide us with your email address and formally opt-in to receive marketing communications from us.  

            Contractual obligations: for example, in order to deliver contracted products and services to centres and/or individuals, we may use an individual’s personal information to contact them directly.
            Legitimate interests: for example, in order to assist with complaints or appeals or to optimise your website experience.

            Legal obligations: for example, to assist us and/or law enforcement agencies with fraud investigations.

 

Who do we share your data with?

            We take all reasonable steps to ensure that personal data is suitably protected and can only be accessed and processed by those with a legitimate reason to do so. Aside from the applicable KC and EuropeActive staff, personal data may be shared with the following third parties:

  • Members of staff at a learner’s/Apprentice’s training provider or employer
  • Our service providers (for example, companies that supply and/or host our IT services, our print service supplier and credit reference agencies)
  • Our partners (specifically, any Awarding Organisations with whom we offer joint or collaborative services)
  • Consultants and/or professional experts whose remit specifically requires access to personal data
  • Law enforcement agencies, in the event that we are required to assist with legal proceedings

            We also share aggregated (and usually anonymised) achievement data with regulatory bodies such as Ofqual, NFPT, Active IQ,Europe Active .

            Where personal data needs to be transferred to countries outside of the European Economic Area (“EEA”), we will take appropriate steps to ensure your personal information is afforded the same level of protection as described in this Policy.

 

Cookies

            A cookie is a small amount of data, which often includes a unique identifier that is sent to your computer browser from a website’s computer and is stored on your device’s hard drive in the form of a text file.

 

How do KC use cookies?

            Cookies are used to control an online session and provide security such as a time-out function. KC only issues session specific cookies which store no personal or transactional data.

 

How do we protect your data?

            We use a combination of organisational and technical methods to protect your data from unauthorised access and/or accidental loss. Where we use third parties to process personal information, we also require them to adhere to the same levels of security and protection.

            Any personal information that you voluntarily post via public platforms (for example, within a forum on the KC eLearning platform) may become accessible to others. We cannot be held responsible for any personal information you have shared in this way, so you are advised to exercise caution when deciding when and where to share your information.

 

How long do we keep your data for?

            We retain data for as long as is required to fulfil our ongoing regulatory, quality assurance and/or legal obligations. For example, learner and achievement data will be retained beyond the end of a contract between us and the learner’s training provider in case it should be required during regulatory audits, complaint handling, appeals and/or legal proceedings.

 

What rights do you have?

            The GDPR outlines various rights that a data subject has with regard to their personal data. Please see a summary below:

            The “Right to be informed”: individuals must be made aware of how and why their personal data is collected. In providing the Policy, KC meets this requirement.
            The “Right of access”: individuals can request access to copies of their personal data in order to verify that it is being processed in a lawful and correct way
            The “Right to rectification”: individuals can request that inaccurate personal data is corrected (or completed if it is incomplete).

            The “Right to erasure”: under certain circumstances, an individual can request that their personal data is deleted (e.g. if they wish to unsubscribe from receiving marketing communications and also have their contact details completely deleted from our systems. This would be possible provided there was no legitimate ongoing reason for us to retain their details).

            The “Right to restrict process”: under certain circumstances an individual can request the suppression of their personal data (e.g. allowing us to continue holding their data, but pausing all processing of that data whilst they seek to verify that it is accurate and / or being processed lawfully).

            The “Right to portability”: under certain circumstances, an individual can request that their personal data is electronically transferred from us to another data controller.

            The “Right to object”: under certain circumstances, an individual can object to the way in which their data is being processed (for example, if they believe that we do not have legitimate grounds for collecting and processing certain information about them). If the objection is upheld, we are required to stop processing that information

            If you wish to exercise any of these rights or raise a data protection issue with us, please find the appropriate contact details below.

 How to contact us

            If you have any queries or concerns about this Policy or wish to exercise your rights, please email us at [email protected]  Please note that your communication is addressed to KC as all data protection matters are handled by a centrally employed data protection lead (with assistance from the relevant business unit, as required).

Estonia. Tallinn. 15551
Lasnamäe linnaosa, Sepapaja tn 6
Phone: +380501017255

Oleksii Kononov