This Privacy Notice provides details of the personal data we collect from you, what we do with it, how you might access it and who it might be shared with.

Who we are
JCA Seminars is registered in the UK. It operates as a wholly separate business as part of the Medica Group. We may share personal data within Medica as part of a systems and central marketing function, in order to provide you with our services. JCA and Medica are joint data controllers for the information we collect and process.
To provide our services to you, we need to collect, process and store data about you that may be personal or sensitive in nature. We use your data to administer, support, improve and develop our business generally, to provide statistical data to meet our regulatory requirements and to enforce our
legal rights. If we intend to use your data for a different purpose, we will do so in compliance with Data Protection legislation, wherever possible, by notifying you in advance. We only use your data for the specific purpose(s) for which it has been provided or collected.

Why do we process your personal data?
We process personal data only for the purposes for which they are collected. The purpose is dependent on whether you use only our website, or additionally, are interested in accessing our services via links and payments, where you will need to provide us with information as part of a registration or expression of interest. We may use your personal data for other related purposes through marketing and communications to you as part of our legitimate interests - but only where you have agreed to this.

Our Contact Information (as the Joint Data Controller with Medica Group Limited)

Data Protection Officer,
Medica Group,
6th Floor, One Priory Square,
HASTINGS,
TN34 1EA,
United Kingdom

Email: dpo@medica.co.uk

What personal data do we collect?
When you visit our website, you do not need to provide us with any personal data. However, your browser transmits some data automatically, such as the date and time of retrieval of one of our web pages, your browser type and settings, your operating system, the last web page you visited, the data
transmitted and the access status, and your IP (Internet Protocol) address. If you register for marketing or services, we will collect and hold that information on the website and in Medica systems for as long as there remains a purpose to do so and in compliance with the Medica Retention Policy. The Website includes links to third-party websites, plug-ins and applications. Clicking or enabling those links may allow third parties to collect or share your data. We do not control these third-party websites and are not responsible for their privacy policies. When you leave our website, we encourage you to read every website's privacy policy. These links include LinkedIn, What’s App, Facebook and Instagram).

Medica uses Google Analytics to review website traffic for marketing and business development purposes.
The information we collect varies according to how you are engaging with us.

• For example Eligibility Data includes education/academic history, qualifications and/or training records, personal statements and references, or other financial information to ensure visa requirements are met.

• Business contact details (including phone number, e-mail address or social media labels) – to contact you about your account, update you about the services you’ve requested or received from us, or contact you with other data related to our business.

• Financial Data includes bank account, billing information, and payment card details.

• In enrolling for a course and dependant on geo-location, JCA will also be required to process Identity verification data that includes first and last names, certain ID numbers, and usernames for JCA date of birth and gender. It may also include copies of identification documents (such as a passport, driver’s licence or national identity card) which are used to confirm your identity in enrolments and which we may hold on file subject to retention policy and which help us prevent fraud and manage our audit requirements.

• Marketing and Communications Data includes your preferences in receiving marketing from us and your communication preferences.

• Profile Data includes your usernames and passwords (for JCA platforms), purchases or orders made by you, your interests, preferences, feedback, reviews, survey responses and enquiries submitted to JCA.

• Technical Data includes internet protocol (IP) address, login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.

• Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.

• Aggregated Data, such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature.

• Your name, address and contact details, including telephone number and email address, and designations, roles or positions in your organisation; information about your preferred business contact (for example via another colleague).

• Details of your attendance at our training events and online courses.

• Your feedback and comments about our training events and online courses.

• Information about any medical, health or dietary conditions, including if you have a disability for which we need to make reasonable adjustments, to provide a duty of care and arrange accessibility during training events.

• Details from you completing forms on our website (see above) or by corresponding with us by phone, e-mail, webchat or otherwise. This includes information you provide when you when you change/update your personal details, contact preferences etc. and when you report a problem with our site

​

How do we collect your data?
We collect information:

• By direct interaction If you contact us by phone we may retain a written record of the conversation.

• If you contact us by post, telephone or e-mail we will retain a record of the contact.

• If you use our website, we will retain a record of the contact and we may collect additional data about you to provide a better digital service and website functionality.

• From publicly accessible sources such as social media including the use of any JCA social media channel (LinkedIn, What’s App, Facebook, Instagram) only for the purpose for which they are collected.

• When you register to use our courses or services when applying online, requesting a call back or creating an account.

• Subscribe to a service, email or marketing preference.

• Take part in a course or webinar.

• When you sign in at a venue.

• Register with JCA by any other means.
   

What is the legal basis we rely on?

In general, we rely on the basis to perform a contract that we are about to enter into or have entered into with you; for our legitimate interests (or those of a third party) and your interests and fundamental rights, do not override those interests; where we need to comply with a legal or regulatory obligation; or where we have your consent (see special categories of data here).

​

How do we look after personal data
We do not share or disclose your personal information with any third parties (with the exception of Google Analytics, CookieBot and Crisp) unless mandated to disclose your personal data in response to requests from a court, police services or other regulatory bodies. Where feasible, we will consult with you prior to making such disclosure and, in order to protect your privacy.

We have put in place appropriate system security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees and contractors and other third parties (technical support), who have a business need. They will only process your personal data on our instructions
and they are subject to a duty of confidentiality as well as their own organisational technical and
security measures.

JCA and Medica have put in place procedures to deal with any suspected personal data breach and
will notify you and any applicable regulator of a breach where we are required to do so.
All information that you provide to us is stored on secure systems including the website, and servers.
Any payment transactions will be encrypted using SSL technology.

Data retention
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

​

What are your data protection rights?
 

The right to access (also known as a ‘Subject Access Request’)
You can ask Medica for copies of any personal data we hold about you
The right to have your information corrected
You can ask Medica to correct any information about you that you believe is inaccurate or incomplete.
The right to have your data erased
You can ask Medica to erase your personal data, under certain conditions.
The right to restrict processing
You must ask Medica to restrict the processing of your personal data, under certain circumstances.
The right to object to processing
You can object to Medica processing your personal data, under certain circumstances.
The right to data portability
You can ask Medica in some limited circumstances to transfer the personal data we have collected from you to another organisation or copy directly to you.

If you would like to exercise any of these rights, (noting that some are conditional), you may make a request via email to dpo@medica.co.uk, by telephone or in writing to our office as detailed at the bottom of this page. We may need to request specific information from you to help us confirm your identity and ensure the validity of your request.
 

Where it may have been necessary to get your consent to use your personal data, at any moment, you have the right to withdraw that consent. If you withdraw your consent, we will cease using your personal data without affecting the lawfulness of processing based on consent before your
withdrawal.
We will respond to all legitimate requests within one month from the date you have verified your identity to the required standard unless the matter is complex and may be extended.

Our Data Protection Officer can be contacted via:
Email: dpo@medica.co.uk

The UK Supervisory Authority is the ICO
You have the right to make a complaint at any time to:
the Information Commissioner’s Office (“ICO”), the UK supervisory authority for data protection issues
(www.ico.org.uk).
The Information Commissioners Office (ICO),
Water Lane,
Wycliffe House,
Wilmslow,
Cheshire
SK9 5AF

We would, however, appreciate the chance to deal with your concerns before you approach the ICO (or other relevant authority) so please get in touch with us in the first instance.

Links to other websites and services
Our website may contain links to other external websites and services. This privacy notice only applies to this website, so if you visit another website, please ensure that you read their privacy notice, such as when following Medica on Instagram regarding the use of your data for analytics and
targeted products and services.

Changes to our privacy notice
We keep this privacy notice under regular review and any updates are published to this page. This notice was last updated on 01/02/2024.

​

​

​