1. WHAT IS THIS PRIVACY POLICY IS FOR?
This privacy policy applies to personal data that we collect from you as a user of this Site or as a membership applicant, member or customer. It provides information on what personal data we collect, why we collect the personal data, how it is used and the lawful basis on which your personal data is processed, and what your rights are under the applicable data protection and privacy laws, including the General Data Protection Regulation (“GDPR”) which will become applicable to us and you as of 25 May 2018.
‘Personal data’ as used in this Privacy Policy means any information that relates to you from which you can be identified.
By using our Site or submitting your personal data you are taken to accept the terms of this Privacy Policy, so please read it carefully.
2. PERSONAL DATA WE COLLECT
We collect the following personal data about you:
• Registration Application Form: This is the personal details you provide when submitting a registration form on our site. This includes your child’s first name, your child’s surname, your child’s date of birth, your address, your mobile number, your e-mail address, if you are an international student, your proposed programme, your name and other information that you elect to provide to support your application.
• Paypal: We use Paypal as a means for members to pay for sessions online. Therefore we also collect information about your debit/credit card and bank account information provided by you to our payment service providers, that we require for payment of sessions and registration fee payment.
• Subscription to Mailing List: Requests information, such as your first and last name and email address. Data collected to hear latest news and events we are holding.
• Other Information: Personal details you choose to give when corresponding with us by phone or e-mail, participating in our intensive holiday sessions or otherwise visiting and interacting with this Site and personal data that you may provide to us when you visit one of our centres or other premises.
3. HOW WE USE YOUR PERSONAL DATA
We use your personal data in the following ways:
• To acknowledge, confirm and deal with your registration application (and where necessary put you on our waiting list). Such use of your data is necessary in order to implement your request to become an EIE member.
• Where you are an EIE member, provide you with membership services, allocate you to relevant materials and/or accounts and contact you regarding programmes we have. Such use is necessary to benefit from what EIE has to offer.
• To complete and fulfill your EIE membership, for example, to process your payment for the registration fee, Saturday sessions or holiday sessions. Such use is necessary for to become a member and continue being a member and receiving membership benefits.
• To contact you in connection with queries you may have posted on the site or in response to registration forms you may have filled, provided that you gave us your consent to being contacted in this way at the time you provided us with the personal data.
• As necessary for certain legitimate business interests, which include the following:
- where we are asked to deal with any enquiries or complaints you make.
- if you ask us to delete your data or to be removed from our marketing lists and we are required to fulfil your request
- for internal business/technical operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
• We may use your personal data for other purposes which you have consented to at the time of providing your data.
4. HOW WE STORE DATA
For security reasons, data is stored on the cloud, and not downloaded onto remote computers. We do not sell any data we collect.
5. YOUR PERSONAL DATA PROTECTION RIGHTS
You have a number of rights in relation to your personal data, including:
• Right to be informed: You have the right to be clearly informed of your rights and how we use your information.
• Right of access: You have the right to ask for data we have on you. If asked by you, we will confirm whether we are processing your personal data and, if so, provide you with a copy of that personal data along with certain other details such as the purpose of the data processing.
• Right to rectification: If your personal data is inaccurate or incomplete, you are entitled to ask that we correct or complete it. If we shared your personal data with others, we will tell them about the correction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your personal data so you can contact them directly.
• Right to erasure: This is also known as ‘The right to be forgotten’. This means you may contact us to delete or remove your personal data, such as where our legal basis for the processing is your consent and you withdraw consent. If we shared your data with others, we will tell them about the erasure where possible.
• Right to restrict processing: You may ask us to restrict or ‘block’ the processing of your personal data in certain circumstances, such as where you contest the accuracy of the personal data or object to us processing it. This means we won’t be able to use your data but can still store it.
• Right to data portability: You have the right to obtain your personal data from us that you consented to give us or that was provided to us as necessary. We will provide you with your personal data in a structured, commonly used and machine-readable format. You may reuse it elsewhere.
• Right to object: You may ask us at any time to stop processing your personal data, and we will do so.You have the right to object to certain types of processing, including processing for direct marketing and profiling. You can object by changing your marketing preferences or disabling cookies.
• Right to withdraw consent: If we rely on your consent to process your personal data, you have the right to withdraw that consent at any time. This will not affect the lawfulness of our use of your information while consent had been given.
• Right to lodge a complaint with the data protection authority: If you have a concern about our privacy practices, including the way we handled your personal data, you can report it to the UK data protection authority (the Information Commissioner’s Office or ICO), or, as the case may be, any other competent data protection authority of an EU member state that is authorised to hear those concerns.
For any questions on this policy, email info@excellenceineducation.org.uk
