Data protection, copyright and confidentiality

Scope

This Data Protection and Confidentiality Policy covers all information and data generated, held, controlled, created or otherwise used by Multiverse. Multiverse reserves the right to amend any provision of this procedure subsequent to appropriate consultation.

The terminology used within this Policy describes as follows:

Apprentices – understood as any individual engaged under a Multiverse programme.

Customer – understood as any individual or third party accessing Multiverse services, information or equipment other than by way of being an Employee. This includes Apprentices, Jobseekers, Work Experience Participants and Service Users.

Copyright - does not include moral rights under the Copyright, Designs and Patents Act 1988 (UK), except if the works attracting moral rights are achieved in the course of an Employee’s employment.

Purpose

The purpose of the Data Protection, Copyright & Confidentiality Policy is to ensure that the information assets of Multiverse and its apprentices and customers are held securely and confidentially in accordance with legal requirements and best practice.

Data protection

Multiverse is registered with the Information Commissioner for the purposes of the Data Protection Act (ZA170420).

Multiverse takes data protection very seriously and as such complies with the eight principles of the Data Protection Act 1998.

In broad terms the Act states that personal data shall be:

  • obtained and processed fairly and lawfully
  • held only for lawful purposes, which are described in the register entry be used or disclosed only for those or compatible purposes
  • adequate, relevant and not excessive in relation to the purpose for which they are held
  • accurate and where necessary, kept up to date
  • held no longer than is necessary for the purpose for which they are held be surrounded by proper security.
  • Personal data held by Multiverse includes data for apprentices and customers. This data is held both electronically and in hard copy.
  • Apprentice data is held within the data department.
  • Access to apprentice data is strictly controlled. Hard copy data is stored in locked storage. Electronic data is held in secure locations, such as the Multiverse Platform and password restricted.

Similarly, Customer data is held in the form of hard copy documentation, internal documents including portfolios/action plans along with local and central databases of Customer information.

At site level, access to hard copy information (e.g. customer files) are restricted with information retained in suitable storage mediums away from general areas.

Access to this information is restricted to only those who have a legitimate requirement to use / view the information.

Any Customer databases is held securely in accordance with the overall Multiverse Data Management and Information Security Policy.

  • Access to customer data is restricted so that only those with a legitimate requirement to use / view the information are able to do so.

Wherever, information is held, appropriate safeguards are in place to prevent unauthorised use/disclosure of the data.

Hard copies are retained in suitable secure storage mediums with restricted access.

Data held on electronic media has security protocols built into the system, such as individual access codes, which are password protected.

Any disclosure of information is carried out strictly within the terms specified of the company registration with the Information Commissioner for data protection.