This Privacy Notice/Policy applicable to all (former/current/prospective) students (“you”, “your”). Students’ privacy is important to us and it is our top priority to ensure safety and security. “Global Admission”, “we”, “our”, “us”) is the data controller for your personal data. This notice will explain how the Global Admission processes personal information in accord with the General Data Protection Regulation (“GDPR”) and the Data Protection Act 1998(“DPA”).
Who we are:
Our registered office address is: 216 Whitechapel Road, London, United Kingdom, E1 1BJ. Global Admission is a trading name under a registered company and the company is registered with Companies House.
If you have questions about how we process personal data, or would like to exercise your data subject rights, please email us at firstname.lastname@example.org
Company and website within scope:
Company: Global Admission (trading name).
Collection of personal data:
Global Admission collects personal data from you for one or more of the following purposes:
- To provide you with information that you have requested or which we think may be relevant to a subject in which you have demonstrated an interest;
- To initiate and complete commercial transactions with you, or the entity that you represent, for the purchase of products and/or services;
- To fulfil a contract that we have entered into with you or with the entity that you represent;
- To ensure the security and safe operation of our websites and underlying business infrastructure, and
- To manage any communication between you and us.
How we collect your information?
From the information you provide to us when you interact with us before joining, for example-
- when you express your interest to take services from Global Admission by completing enrolment form, enquiry form, course advise form, register form etc;
- contact us by email, telephone, post, social media or in person;
- register for an event;
- make an enquiry;
- respond to a questionnaire;
- taking part in survey;
- or volunteer with the company.
What type of data or information we collect?
Global Admission accumulates and processes information relating to its clients, including images, personal details, family and social circumstances, education and training records and financial information in relation with application for further education.
In some instances, Global Admission may collect and process what may be considered ‘sensitive personal data’ as described under the DPA and ‘special category personal data’ as described under the GDPR.
Why we collect and process your data?
Global Admission collects and processes data for administrative and educational purposes. These include-
- To administer the aspects of your application; studies, academic progress and student record.
- To interact with your queries including the centre administrative and academic process such as- admissions; equality and diversity; feedback and health & safety.
- Providing advice and support in higher education, careers or other matters. This includes interactions with a client support and visa processing service.
- Compiling records and statistics for research and audit purposes and management information.
- Communications with clients (including by electronic means) relating to higher education, security incidents, Centre events, seminar on higher education etc.
- To undertake analytics, analysis and research so that we may improve the services offered by Global Admission.
- Disclosures to relevant external bodies needed in the course of Centre’s activities, such as- university, College, Training Centre etc.
Who we share personal data with:
We may share your data with other departments within Global Admission only where necessary, such as for the delivery of communication or development services.
For the purposes referred to in this privacy notice, we may share your personal data with certain third parties. For example-
- Third parties who work with us to provide student support services (e.g. counselling); internal and external auditors.
- Current or potential education providers.
- Government departments and agencies where we have a statutory obligation to provide information, e.g. the Home Office, Council Tax and Electoral Registration Officers at relevant local authorities, crime prevention or detection agencies (e.g. the police, the Department for Work and Pensions and Trading Standards).
International data transfers:
In some instances, your personal data may be subject to store at a destination outside the European Economic Area (EEA) under the GDPR Regulations.
How we keep data secure:
We will never give, rent or sell your data to anyone else, nor will we make use of it ourselves for any purpose other than those described above.
Firewall and Network security systems are embedded to protect your information. Databases are further protected by access restrictions. Key information (including your password) is encrypted when stored. Our systems are constantly updated and tested to ensure this security is maintained.
How long we keep personal information:
Global Admission will retain your personal data if necessary for the purposes described above. Please note that after completing the full process Global Admission may still require to hold your personal data for a period to satisfy statutory/legal obligations and/or to meet administrative requirements.
In addition, and in order to ensure that each visitor to our website can use and navigate the site effectively, we might collect the following:
- Technical information, including the Internet Protocol (IP) address used to connect your device to the Internet;
- Operating system and platform;
Storage of personal data:
- Global Admission is a UK-domiciled organisation whose only office is in the UK.
- Our payment processors and banking arrangements are based in the EU.
- We sometimes ship and deliver physical products around the world; we therefore use logistics companies that are based in the EU and operate in other countries. We follow the appropriate legal and security relationships with those partners in this regard.
We have what we believe are appropriate security controls in place to protect personal data. We always do risk assessment, including assessing risks to the rights and freedoms of data subjects. We do not, however, have any control over what happens between your device and the boundary of our information infrastructure. You should be aware of the many information security risks that exist and take appropriate steps to safeguard your own information. We accept no liability in respect of breaches that occur beyond our sphere of control.
Your rights as a data subject:
As a data subject whose personal information we hold, you have certain rights. If you wish to exercise any of these rights, please email email@example.com or use the information supplied in the Contact Us section below. In order to process your request, we will ask you to provide two valid forms of identification for verification purposes. Your rights are as follows:
The right to be informed
The right of access
You may request a copy of the personal data we hold about you free of charge. Once we have verified your identity and, if relevant, the authority of any third-party requestor, we will provide access to the personal data we hold about you as well as the following information:
a) The purposes of the processing
b) The categories of personal data concerned
c) The recipients to whom the personal data has been disclosed
d) The retention period or envisioned retention period for that personal data
e) When personal data has been collected from a third party, the source of the personal data
If there are exceptional circumstances that mean we can refuse to provide the information, we will explain them. If requests are frivolous or vexatious, we reserve the right to refuse them. If answering requests is likely to require additional time or occasions unreasonable expense (which you may have to meet), we will inform you.
The right to rectification
When you believe we hold inaccurate or incomplete personal information about you, you may exercise your right to correct or complete this data. This may be used with the right to restrict processing to make sure that incorrect/incomplete information is not processed until it is corrected.
The right to erasure (the ‘right to be forgotten’)
Where no overriding legal basis or legitimate reason continues to exist for processing personal data, you may request that we delete the personal data. This includes personal data that may have been unlawfully processed. We will take all reasonable steps to ensure erasure.
The right to restrict processing
You may ask us to stop processing your personal data. We will still hold the data but will not process it any further. This right is an alternative to the right to erasure. If one of the following conditions applies you may exercise the right to restrict processing:
a) The accuracy of the personal data is contested
b) Processing of the personal data is unlawful
c) We no longer need the personal data for processing, but the personal data is required for part of a legal process
d) The right to object has been exercised and processing is restricted pending a decision on the status of the processing
The right to data portability
You may request your set of personal data be transferred to another controller or processor, provided in a commonly used and machine-readable format. This right is only available if the original processing was on the basis of consent, the processing is by automated means and if the processing is based on the fulfilment of a contractual obligation.
The right to object
You have the right to object to our processing of your data where
Processing is based on legitimate interest;
Processing is for the purpose of direct marketing;
Address: Global Admission, 27 Old Gloucester Street, London, WC1N 3AX, United Kingdom
Phone: 020 3519 1401
Should you wish to discuss a complaint, please feel free to contact us using the details provided above. All complaints will be treated in a confidential manner.
Should you feel unsatisfied with our handling of your data, or about any complaint that you have made to us about our handling of your data, you are entitled to escalate your complaint to a supervisory authority within the European Union. For the United Kingdom, this is the Information Commissioner’s Office (ICO), who is also our lead supervisory authority. Its contact information can be found at https://ico.org.uk/global/contact-us/.
Our Privacy Notice is under regular review and any updates will be posted on this webpage. Please contact the Data Protection Officer if you have any questions.