We are committed to safeguarding the privacy of our website visitors; in this policy we explain how we will treat your personal information.
WHO WE ARE
We are Cambridge Tutors College, a charity regulated by the Charities Commission under the laws of England and Wales with company number whose registered office is at 1 Water Tower Hill, Croydon, CR0 5SX. If you have any queries about how we use your data, please contact the College at firstname.lastname@example.org
WHY YOU NEED TO READ THIS
This policy relates to all the websites, services and products featured from time to time under the domain ctc.ac.uk (the Sites).
When you visit the Sites or access our services, you will be giving us information in a variety of ways as described in this policy (your Personal Data). The purpose of this policy is not to simply give you the small print. We want to protect and respect your privacy. We want to try and make it as clear as possible to you what you are agreeing to when you visit the Sites and use our services.
This policy (and any other documents referred to in them) set out the basis on which we will use, store, collect, disclose and transfer (process) your data.
Sometimes in this policy we will refer to a few legal terms such as:
The UK Data Protection Act 1998 (the DPA);
The General Data Protection Regulation (2016/679) (the GDPR)
Data processors (third parties who process your data on our behalf);
A data controller – that’s us CTC!
CHANGES TO THE SITES AND THIS POLICY
We may need to update the Sites and this policy at any time and without notice. Where you have given us your email address, we may use this to notify you of such changes and we will post a note on the Sites to inform you that this policy has been updated. Please check this policy regularly to ensure you always understand how we use your information.
It is a condition of using the Sites and our services that you need to agree with this policy and how we use your data for our legitimate business purposes as described in more detail below. However, where we consider that you might think that one of the ways we use your data is more intrusive than others, and that use is optional, then we will ask you to tick a box on the forms that collect your data to make doubly sure you are happy about this. You may change your options by emailing email@example.com.
WHAT INFORMATION WILL YOU COLLECT ABOUT ME AND WHY DO YOU NEED IT?
We will collect and process the following data about you:
Obvious information you give us
This is information about you that you give us by:
Filling in any forms on the Sites, subscribing to our services such as portal access; Using our services (for example by asking a question or participating in discussion boards or other social media functions on the Sites); or Corresponding with us by phone, e-mail or otherwise (for example if you report a problem with the Sites or have a recommendation or complaint relating to one of our services). In these scenarios, you know what information you are giving us and why we need the information as you are requesting us to use your information to fulfil your request. However, as a reminder, this may include your name, address, e-mail address and phone number, role, place of employment or School and any profile information you may give us that is linked to your website visit. Where you make a payment, your information may include your bank account and card information, which we do not hold on the Sites, but which is held instead by our secure payment providers. Ultimately, we need this information to provide you with the products and services you have asked for, to ensure it is relevant to you, to comply with the contracts we may have with you and to notify you about changes to our service.
Marketing and Research
By signing up to these terms, you are consenting to receiving relevant marketing and news about our college and services we offer which we feel may be of interest to you such as joining our alumni.
The Sites and our services are based on an education community where users share their concerns and experiences. It is therefore a necessary function of our service that we may contact you occasionally for research purposes, although you do not have to participate in any survey.
If you wish to opt out of receiving marketing or being contacted for research purposes, please email us at firstname.lastname@example.org
Less obvious information we collect about you:
Each time you visit the Sites or subscribe to our services, there is some data processing going on in the background telling us about you, as with many other websites. This is technical information including: the IP address used to connect your device to the internet, anonymous user ID, the full URL, the clickstream to, through and from the Sites (including date and time), pages you viewed or searched for, page response times, errors, length of visits to certain pages, server log files, page-interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, the platform and device you are using, SDK version, timestamp, API key, application version, device identifier, iOS Identifier for Advertising, Media Access Control (MAC) address, International Mobile Equipment Identity (IMEI), model, manufacture and OS version of device, locale (specific location where a given language is spoken), time zone, network status (WiFi, etc.), location information (not sufficient to derive city and street names), events, and page views, device type and time-zone of the user, and how you use the Sites. We also capture information about your browser type and version and operating system.
We need this data to: administer the Sites and keep them secure, improve our services and how the Sites appear to you, track how you used the Sites, and look at where you go after visiting the Sites to ensure we are tailoring our marketing and services appropriately to you, and that you don’t receive irrelevant information. We also use aggregated data on user activity within the Sites to generate and publish lists of popular content and search terms on the Sites. These published statistics will not include any information that could personally identify you or the content you have personally accessed.
We may also provide aggregate statistics about use of the Sites to stakeholders in the education sector such as the Department for Education, trade unions, local authorities or education data insight and research organisations, for statistical and research purposes, but these statistics will not include any information that could personally identify you or the content you have personally accessed. (For example, we may provide information that 50% of our parents accessing our service read a particular article).
If you access the Sites using a mobile device, your device may give us your location data.
Your calls to our helpline may be monitored or recorded for training and quality assurance purposes and to provide you with the services you request.
Will other Permitted Users be able to see my data?
Only users that have a specific need to see your information, in order for them to carry out the services that you have requested, will be able to view your data This may include admin, welfare, subject tutors.
Certain of our service offer a function to comment on an article or to add your own notes. Depending on the service, you may be asked for your permission to display your name, role and School, and you may be able to withhold this permission and instead be acknowledged anonymously.
Information we receive from other sources
Sometimes, other people give us data about you which we may need for our legitimate business purposes. This may happen when you use another website that we link to. For example, we may link through to third-party payment providers. They tell us that you have paid for your srvices. We also might engage third-party contractors to provide us with technical or delivery services that are related to your account with us. We may have to conduct credit-referencing checks where this is a condition of our contract with you.
We may enter partnerships with third parties to exchange information about you where we think it will give you an opportunity to get great service, but we will always ask for your express permission to do this.
DO ANY THIRD PARTIES GET MY INFORMATION FROM YOU?
We use some contractors and share your information with them as outlined above.
In addition, we hope we will continue to expand. So, eventually, we may have different group companies (we will all be owned by the same company, though). If this happens, we may want to share your information around our group so they can use it for the same internal purposes as we do, as described above (for example, we might want to store our data on one server). It is possible that we could sell our business to a third party, or re-organise our business or become insolvent. In that scenario, our database of customers is one of the biggest parts of that business, so we would need to share it with the buyer and their advisers.
We will co-operate with all third parties to enforce their intellectual property or other legal rights. We will also co-operate with law-enforcement requests from within or outside your country of residence. This may include disclosing your personal information to government or law-enforcement agencies, or private parties, when we have a good-faith belief that disclosure is required by law, or when we, in our discretion, believe that disclosure is necessary to protect our legal rights, or those of third parties and/or to comply with a judicial proceeding, court order, fraud-reduction or legal process served on us. In such cases, we may raise or waive any legal objection or right available to us.
We have no control over, and are not responsible for, the privacy policies and practices of third parties.
WHERE DO WE SEND YOUR PERSONAL DATA, WHERE DO WE STORE IT AND FOR HOW LONG?
The data that we collect from you will be stored here in the UK.
When we engage data processors, we will ensure they are contractually bound to take all steps reasonably necessary to ensure your data is treated securely, in accordance with applicable data-protection laws, and in accordance with this policy.
We only store your data for as long we need it to support the services that you have enrolled into. We will also delete your data on your request, though we may hold a list of the ‘opt out’ requests to administer your request.
We do sometimes need to send data outside of the European Economic (EEA) Area to support your application to college, such as applying for a visa with your agents support, or in response to a request from you or your family or agent who may be resident outside the EEA. Information that we collect may be transferred to the following countries which do not have data protection laws equivalent to those in force in the European Economic Area: China, Vietnam, Nigeria, The United States of America, Malaysia, Singapore
Although we have international clients and students agents, if you choose to use the Sites from outside the UK, you do so at your own risk.
BEING SAFE AND HOW WE PROTECT YOUR DATA
All information you provide to us is stored on our servers, and we have implemented reasonable and appropriate security measures to protect the data including HTTPS and the industry standard for encryption and SSL technology. Unfortunately, the transmission of information via the internet is not completely secure and we cannot guarantee that data breaches will never occur. Please keep your password safe and log out of inactive sessions.
For safety purposes, we may require users to verify their accounts and we might ask for your phone number, credit-card number, separate email address or for other ways to verify your identity. We won’t use this information for unexpected reasons.
We also do not recommend that you put email addresses, URLs, phone numbers, full names or addresses, credit-card details or other identifying or sensitive information in any online chat function on the Sites.
A cookie is a file containing an identifier a string of letters and numbers that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
Cookies can be used by web servers to identify and track users as they navigate different pages on a website and identify users returning to a website.
We use both session and persistent cookies on our website.
We use Google Analytics Universal to analyse the use of our website.
Our analytics service provider generates statistical and other information about website use by means of cookies.
The information generated relating to our website is used to create reports about the use of our website.
Most browsers allow you to refuse to accept cookies.
Blocking all cookies will have a negative impact upon the usability of many websites.
If you block cookies, you will not be able to use all the features on our website.
You can delete cookies already stored on your computer;
Deleting cookies will have a negative impact on the usability of many websites.
This website is owned and operated by Cambridge Tutors College.
If you have any other questions about this policy you can write to us at Cambridge Tutors College, Water Tower Hill, Croydon CRO 5SX or telephone: 020 8688 5284 or email: email@example.com.
You have the right to ask us not to process your data for marketing purposes at any time, and this can be done anyway as part of the checking of boxes on the forms we use to collect your data. Simply email us asking to opt out at firstname.lastname@example.org
You have the right to access information we hold about you. Simply email us at email@example.com@ctc.ac.uk .
You can correct your data if it is wrong. Email us using the same address as above. You can always withdraw consents you have previously given to us.
The laws are changing. The current UK law governing data protection is the DPA. Soon, it will become law under the GDPR that you can require erasure of your data in certain additional circumstances, that you can further restrict the reasons we process your data, and that you can ask us to ‘port’ your data to a third party. But we don’t need to wait for these laws to come into force. We have no intention of using your data in a way that makes you unhappy, so if you are unhappy with our use of your data, all you need to do is talk to us by emailing firstname.lastname@example.org and telling us what you want to do and we will do our best to accommodate you. You may also complain to your local supervisory data-protection authority about us depending on where you are located. In the UK, please read: https://ico.org.uk/for-the-public/raising-concerns/ for details of how to do this.