Horizon is committed to protecting and respecting your privacy. This policy (together with Horizon’s Legal Notice and any other documents referred to on it) sets out the basis on which any personal data that you provide to Horizon (including its subsidiaries), will be processed by Horizon. Your personal data is information which by itself or with other information available to us can be used to identify you, the data subject. By ‘processing’, we mean any activity that involves using your personal data. This includes collecting it, recording it, storing it, retrieving it, using it, amending it, disclosing it, destroying it, and transferring it to other individuals or organisations outside of the Horizon Group. Please read the following carefully to understand Horizon’s views and practices regarding your personal data and how Horizon will treat it.
(2) The types of personal data Horizon may collect from you
Personal information about individuals is usually provided to Horizon by the individual (young person, their parent or guardian, foster carer, contractor, customer or visitor). Personal information that individuals provided to other organisations may also be forwarded to Horizon (for example from a local authority social worker when placing a young person with us).
Horizon may collect and process the following personal information:
Personal details about physical or mental health, alleged commission or conviction of criminal offences are considered “sensitive” personal information. We will process any such information only if you have given your explicit consent, it is necessary for a legal reason or you have deliberately made it public.
If you contact Horizon, we may keep a record of that correspondence; details of your visits to Horizon’s site, and the resources that you access.
(2) The reasons why Horizon collects personal information.
We collect personal information to enable us to fulfil our legitimate business needs, such as:
(4) Horizon’s legal basis and purposes for using your personal information
We collect and use your personal information in the following situations:
Please note that if you do not agree to provide us with the requested information, it may not be possible for us to agree a contract with you or provide services under a contract.
We will always make it clear where we need your permission to process your personal information. Where we rely on your consent to use your personal information, you have the right to withdraw that consent at any time, using the same method by which you gave us your consent originally.
(5) Who will Horizon share your personal information with?
In fulfilling our business needs, we may share your information for any of the purposes mentioned at section 3 and 4, above. These are: (a) to perform the contract or contracts that we have with you (b) our legitimate business needs (c) to comply with a legal obligation (d) to carry out a task in the public interest (e) to protect vital interests; or (f) where we have your consent.
Specifically, information may be shared with:
(6) Transferring your personal information internationally
It may sometimes be necessary to transfer personal information overseas (outside of the United Kingdom). When this is needed information is only shared within the European Economic Area (EEA). Any transfers made will be in full compliance with all aspects of the General Data Protection Regulations and Data Protection Act 2018.
(7) The period for which we will keep your personal information
We will only retain your personal information for as long as it is required in relation to the purposes for which it was originally obtained or based on our legal and regulatory requirements. For example, the law requires us to keep information about the protection of children for 25 years after birth.
How long personal information will be retained for depends on the type of information it is and what it is being used for. For example, if you ask us not to send you marketing emails, we will stop storing your email address for marketing purposes (although we will keep a record of your preference not to be emailed).
We are updating our data retention schedule and it will be published on this site when completed. We will review our data retention periods for personal information on a regular basis. We also continually review the information that we hold and delete anything that is no longer required.
(8) How we keep your personal information safe and who has access to it
We follow strict security procedures in the storage and disclosure of your personal data, and to protect it against accidental loss, unauthorised access, destruction or damage.
Personal information held by us electronically are stored on secure computer systems and we control who has access to them. Our staff receive data protection training and we have data protection policies and procedures in place which teams are required to adhere to.
Where we use external companies to collect or process personal data on our behalf, we undertake detailed checks on these companies before we work with them and put a contract in place that sets out our expectations and requirements, especially regarding how they manage the personal data they have collected or have access to.
Horizon’s site may, from time to time, contain links to and from third party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that Horizon does not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
(9) Automated decision making and processing
Automated decision making involves processing your personal information without human intervention to evaluate your personal situation, such as your personal preferences, interests or behaviour. For instances, in relation to a decision on whether to admit or exclude a pupil from one of our schools. All such decisions regarding your personal information are made by one of our employees. Decisions are therefore not made solely by automated devices.
(10) Your Data Protection Rights
Under certain circumstances, by law you have the right to:
If you want to exercise any of these rights, please email your request to email@example.com FAO: Data Protection Officer, or by visiting our registered office which is at Venture House, 12 Prospect Park, Longford Road, Cannock WS11 0LG.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
(11) IP addresses and cookies
(13) Contacting our Data Protection Officer
We have appointed a Data Protection Officer (“DPO”) to oversee compliance with this policy. You can make a complaint or raise a concern about how we process your personal information by contacting our Data Protection Officer using the details given in section 10.
(14) Your right to contact the Information Commissioner
If you are not happy with how we have handled your complaint, or you believe that we have not handled your personal information in keeping with the law, you have the right to complain to the Information Commissioner’s Office (ICO), which oversees the protection of personal information in the United Kingdom. Alternatively, you may choose to contact either the ICO directly about your complaint, regardless of whether you have raised it with us first.
(15) Contact us