The College is bound by the terms of the Data Protection Act 2018, which came into force on 23rd May, 2018.
The College is a Data Controller under the terms of the Act and has a designated Data Protection Officer. The data protection statement below is a very simple outline of how we manage personal data.
Data Protection Statement
For students: Nearly all the data we collect and process is used directly in providing education and welfare services which are a necessary part of the agreement you make with us when you enrol. This now includes the provision of remote (offsite) learning and support.
For staff: Nearly all the data we collect and process is used directly in providing you with employment and welfare services which are a necessary part of the agreement you make with us when you sign your contract of employment.
The law requires us identify the "lawful basis" on which we process data. As described above, most of the data we hold is used directly in providing the services our students and staff require: this means that it is processed on legal bases which mean that we don't need ask you again to opt in or out:
- The core data we hold is processed on the basis of contract, i.e. to allow us to provide you with all the services you'd expect when you enter into that contract.
- Some data is collected and processed in order to fulfil our legal obligation to government agencies such as the Education and Skills Funding Agency.
- Some data, such as medical and safeguarding information, is necessary to protect your vital interests.
If we ask for any optional information not covered by these bases, we will require your specific consent, which means we will ask you to opt in to the processing of the information, and you can opt out at any firstname.lastname@example.org