The following is a very broad description of the way this organisation/data controller processes personal information. To understand how your own personal information is processed you may need to refer to any personal communications you have received, check any privacy notices the organisation has provided or contact the organisation directly to ask about your personal circumstances.

We process personal information to enable us to carry out our regulatory duties which may include the consideration and investigation of complaints and policy issues, formal enforcement actions, providing advice and information, maintain our own accounts and records, support and manage our employees, send promotional communications about the services we provide, undertake research (including research relating to health), administration of licenses, maintenance of a public register, internal support functions, corporate administration and all activities we are required to carry out as a data controller and a public authority, the use of CCTV systems for crime prevention.

We process information relevant to the above reasons/purposes which may include:

• personal details
• family details
• lifestyle and social circumstances
• goods and services
• financial details
• employment and education details
• details of complaints, incidents and grievances
• visual images, personal appearance and behaviour
• responses to surveys

We also process sensitive classes of information that may include:

• physical or mental health details
• racial or ethnic origin
• religious or other beliefs
• political opinions, sexual life
• trade union membership
• offences (including alleged offences)
• criminal and legal proceedings, outcomes and sentences

We process personal information about:

• customers
• witnesses
• employees
• students
• suppliers
• complainants or their representatives
• subject of a complaint or their representatives
• individuals who we may contact when carrying out a complaint or enquiry
• services providers
• lobbyists
• offenders and suspected offenders
• applicants for a licence or registration
• authors publishers and other creators,
• individuals captured by CCTV images
• consultants and advisers
• survey respondents
• journalists and the media

We sometimes need to share information with other organisations. Where this is necessary we are required to comply with all aspects of the data protection act. What follows is a description of the types of organisations we may need to share some of the personal information we process with for one or more reasons.

Where necessary or required we share information with:

• data subjects listed above
• family, associates and representatives of the person whose personal data we are processing
• professional advisers and consultants
• services providers
• credit reference agencies
• debt collection and tracing agencies
• police forces
• private investigators
• current, past or prospective employers and examining bodies
• financial organisations
• central government
• other companies within our group
• suppliers
• financial organisations
• debt collection and tracing agencies
• persons making an enquiry or complaint
• organisation subject to a complaint or assessment,
• prosecuting authorities, courts
• other ombudsman and regulatory authorities

Consultancy and Advisory Services

Information is processed for consultancy and advisory services that are offered. For this reason the information processed may include name, contact details, family details, financial details, and the goods and services provided. This information may be about customers and clients. Where necessary this information is shared with the data subject themselves, business associates and other professional advisers, current, past or prospective employers and service providers.

It may sometimes be necessary to transfer personal information overseas. When this is needed information may be transferred to countries or territories around the world. Any transfers made will be in full compliance with all aspects of the data protection act.