Data Protection and Privacy

ICS Learn Data Protection and Privacy Policy

Updated 18th May 2018.

 

At ICS Learn we are committed to protecting and respecting your privacy.

This policy explains who we are, what, when and why we collect personal information, how we use it, the conditions under which we may disclose it to others and how we keep it secure.

Any questions regarding this policy and our privacy practises should be sent:

  1. by email to studentservices@icslearn.co.uk
  2. by phone to 0870 9000 384
  3. by post to ICS Learn, 274 Sauchiehall Street, Glasgow, G2 3EH

 

Who are we?

We’re ICS Learn, the world's most experienced distance learning organisation.  Our aim is to make learning as accessible as possible in a way that lets you decide when, where and how you learn. 

International Correspondence Schools Limited trading as ICS Learn is a company incorporated under the laws of Scotland (registered number SC434382) having its registered office and address for service at Breckenridge House, 274 Sauchiehall Street, Glasgow, G2 3EH. We are registered as a data controller with the UK Information Commissioner's Office (ICO) under registration number Z3410565.

 

How do we collect information about you?

Information is provided to ICS Learn by:

  1. Filling out an enquiry form on the ICS Learn website
  2. Filling out an enquiry form for one of our courses on a third party website, such as an awarding body, online job noticeboard website, or a generic course enquiry website, which is then automatically sent to us
  3. Correspondence by phone; email or chat
  4. Requests to join our social media channels such as Facebook, LinkedIn and Twitter
  5. Information provided when contact is made with the Student Service team to report a problem, resolve a query or provide general system and support.
  6. Surveys to support continuous improvements in the student experience
  7. Career development tools to support your continued learning.
  8. Completion of an Apprenticeship enrolment form
  9. Any pre-enrolment diagnostic test that may be required.

 

What information do you provide?

When you submit your details to us through an enquiry on our website [or a trusted third party], we’ll collect the following information:

  1. Your full name
  2. Your email address
  3. Your telephone number

When you speak to our course advisors or enrol on a course, we may ask for the following information:

  1. Your full name
  2. Your email address
  3. Your telephone number
  4. Your education and work experience, where relevant to the course
  5. Your postal address
  6. Your date of birth
  7. Payment information including credit card number and bank account details
  8. Company Name and Address
  9. Copy of your identification, either passport of driving license.

If a third party is paying for your course then we will ask them for the following information:

  1. Full name
  2. Email address
  3. Postal address
  4. Date of Birth
  5. Payment information including credit card number and bank details

When you are studying, we may collect the following information about you:

  1. Service queries or problems
  2. Academic tutor queries
  3. Coursework or assessments submissions
  4. Student event or survey
  5. Career development plans

When you enrol as a student, we’ll ask if you have any special educational requirements that might require us to make adjustments to the course or assessments. We ask this so that we can take reasonable steps to accommodate your needs and give you the best student experience possible. Any such health information is known as special category personal data under data protection laws. We may share this with our Awarding bodies so that they can take your requirements in to consideration when setting assignments or exams.

This information will only be used to help you.

As with all your data, you can ask us to delete or modify this information at any time. Please see further information about your privacy rights below.

 

How and why we use your personal information

Under data protection law, we can only use your personal information if we have a proper reason for doing so, e.g.:

  1. to comply with our legal and regulatory obligations;
  2. for the performance of our contract with you or to take steps at your request before entering into a contract;
  3. for our legitimate interests or those of a third party; or
  4. where you have given consent.

A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.

The list below explains what we use (process) your personal information for and our legal basis for doing so:

  1. Students: If you are a student, our processing of your personal data is necessary for the performance of our contract with you, i.e. to provide you with the course you have enrolled on. If you do not provide us with certain personal information that we request when you apply for one of our courses, then we may not be able to offer this course to you. We will seek your consent to process any special categories of personal data (such as health information) that we may request when you apply for one of our courses.
  2. Enquiries and Feedback: We use personal information submitted to us when you make an enquiry or when you provide feedback to us for our legitimate interests of engaging with potential students and identifying how we can improve our services.
  3. Job Applications: We collect personal information in the context of processing job applications as necessary to comply with our legal and regulatory obligations to ensure that our application processes comply with applicable laws, and also for our legitimate interests to ensure that candidates are appropriately qualified and suitable for working with us. Such processing may also be necessary for us to take steps before entering into an employment contract with a candidate.
  4. Business Contacts: We use personal contact details of business contacts (including agents, contractors and individuals that represent our suppliers and business partners) for our own legitimate interests of running our business.
  5. Website: The technical information gathered from the use of our website (including through our use of cookies) which may include personal data, is used for our legitimate interest of ensuring that our website is functioning properly and to help us make business decisions about the information to be provided on our website.
  6. Marketing: We may use your personal information to send you updates about our services, including exclusive offers, promotions or new courses. We have a legitimate interest in processing your personal information for marketing purposes. This means we do not usually need your consent to send you marketing communications. However, where consent is needed, we will ask for this consent separately. You have the right to opt out of receiving marketing communications at any time (please see "How to unsubscribe from marketing communications" below). We will always treat your personal information with utmost respect and never share it with other organisations for marketing purposes.

 

How long do we keep your data?

If you submit your details as a prospective student, we’ll store this data for one year.

If you enrol as a student, we’ll store your data for 7 years after the completion of your course in line with regulatory and governing body requirements, where there may be a requirement to hold your data to evidence the completion of your studies or for audit purposes.

Technical information about your visit to our website may be kept for the following retention periods:

  1. Google unique visitor tracking - 2 years.
  2. Google analytics session - 30 minutes.
  3. Google referral - 6 months.

For more information about how long we keep your data, please contact us at the details above.

 

How do we keep your data secure?

We take your privacy and security very seriously, and take appropriate measures to ensure that your data is protected from misuse.

We have an ongoing programme of improvement and development in order to protect your personal data from unauthorised access, accidental loss and/or destruction.

We use the following security measures to protect your data:

  • Industry standard secure sockets layer (SSL) technology, to protect personal information, as well as the use of specific logins and secure passwords
  • Our web servers and database servers are held in a securely managed data centre and are further protected with a personal firewall and inherent security layers
  • firewalls, anti-virus, secure file transfers as used where required
  • encryption of emails is used where required
  • office security
  • access to personal data is granted on an "as-needed" basis
  • an incident and disaster recovery protocol framework is in place to help us manage any data security breaches

Please be aware that communications over the internet, such as e-mails/instant messaging, are not secure unless they have been encrypted. We cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control.

 

Who do we share your data with?

In order to provide and improve our services, we may share relevant information with the following third parties. All of our third parties are trusted and take appropriate measures to ensure your data is secure.

  1. Contracted Apprenticeship Partners to support enrolment on funded courses for Apprentices
  2. Awarding Bodies – Registration and Certification of your qualification, including CIPD whose privacy policy can be found at cipd.co.uk/privacy-policy
  3. Examination and Workshop venues – arrangement of workshops and exams
  4. The National Apprenticeship Service for Apprenticeships
  5. Your personally assigned tutor and assessor
  6. Publishers – to supply textbooks relevant to your studying

We may also share your information if:

  1. It’s necessary to enforce our Terms & Conditions or other policies
  2. It’s necessary to protect our rights, property, employees or students
  3. It’s necessary to protect ourselves or others against fraud or credit risk
  4. We’re required to by law
  5. You’ve given us your consent to pass your details to additional third parties

Coursework and assessment submissions will only be shared securely based on the terms of the student agreement; for example, with a designated person or department in the relevant Awarding Organisation.

Technical information gathered about your use of our website may be shared with Google Analytics. We work with Google Analytics to automatically collect information including: IP address; MAC (Media Access Control) address; unique identifier or other persistent or non-persistent device identifier; device software platform and firmware, mobile phone carrier and geo location data to help us understand your use of our website such as how often you return, what parts of the website you visit, how you use the website and how long you spend on the website. This third party provider is prohibited from using our data for any other purposes. Go to http://www.google.com/analytics/terms/us.html to read the Google Analytics Privacy Policy.

 

Transferring your data across borders outside the EEA

This is relevant as countries outside the EEA are not bound by the same data protection regulations as those within the EEA.

The European Economic Area (EEA) includes the EU member states plus Iceland, Norway, and Liechtenstein, and is covered by the General Data Protection Regulations (GDPR).

Your data might be shared with the non-EEA companies below contracted to provide a service to us. We trust these companies with your data because they’ve ensured that their data protection measures are at least as extensive as those required within the EEA by GDPR.

  1. Zapier – AWS US – as a seamless no code integration tool
  2. Bizible – MS Azure – to support the efficiency of our marketing campaigns
  3. Adobe E-sign – AWS US – to support electronic signatures
  4. RPNow – to support on-line proctored exams
  5. VWO – US – A/B testing tool

These companies participate in the Privacy Shield programme, which the European Commission considers adequate proof that they meet the standards of GDPR.

You can view these companies’ privacy policies here:

  1. https://zapier.com/privacy/
  2. https://www.bizible.com/privacy-policy
  3. https://www.adobe.com/uk/privacy/policy.html
  4. http://www.softwaresecure.com/privacy-statement/
  5. https://vwo.com/platform/security-compliance/gdpr/

 

Your rights regarding your personal data

Under data protection laws, you have many rights regarding your personal data which may generally be exercised free of charge. These include the right to:

  1. fair processing of information and transparency over how we use your use personal data (as contained in this policy)
  2. require us to correct mistakes in your information which we hold
  3. require us to delete your personal information in certain situations
  4. receive a copy of the personal information you’ve provided to us in a structured, commonly-used and machine-readable format
  5. object at any time to processing of personal information concerning you for direct marketing
  6. object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
  7. object in certain situations to our continued processing of your personal information
  8. otherwise restrict our processing of your personal information in certain circumstances
  9. claim compensation for damages caused by our breach of any data protection laws

For full information on your rights, including how and when they apply, please contact us or seek guidance from the ICO.

You can exercise any of these rights by emailing studentservices@icslearn.co.uk, by phoning 0870 9000 384 or by writing to ICS Learn, Third Floor, Breckenridge House, 274 Sauchiehall street, Glasgow G2 3EH and providing the following information: 

  1. Your name
  2. Your postal address
  3. A telephone number where you can be reached
  4. A photocopy of your passport or driving license
  5. Your signature and the date of the request
  6. Signed authority from the individual whose data is required if you are applying on their behalf

 

How to delete or modify your personal information

If for any reason you’d like us to delete or modify your data, or opt-out of any communications, you can do this for free. Contact us at studentservices@icslearn.co.uk and we’ll meet your request within one month.

However, you should be aware that we may not be able to delete your personal data if there is a legitimate reason for us to continue to hold your data; for example, we may continue to hold personal data where we are under a legal obligation to do so, or where such information may need to be used by us in the exercise or defence of any legal claim.

 

How to request a copy of your personal information

You can ask us for a copy of the information we hold on you at any time, free of charge, by contacting us on studentservices@icslearn.co.uk. We’ll respond within one month.

 

How to unsubscribe from marketing communications

To opt-out of our emails or other marketing communications, click the ‘unsubscribe’ button at the bottom of any email or text "STOP" in response to any marketing text message we send you.

 

How to make a complaint

We’ll do our best to resolve any complaint or question you have about the data you store with us.

If you believe we’ve breached data protection laws, you have the right to lodge a complaint with the relevant supervisory body where you work, live, or where the alleged breach occurred.

In the UK, this is the ICO, which can be reached here or by phone on 0303 123 1111.

 

Cookies

Cookies are very small text files that are stored on your device when you visit some websites or mobile apps.  They're used by many website owners, including ICS Learn.

We use cookies to collect information about how and when you arrive on our website, the pages you view when you’re on the site, how long you spend on each page, and actions you take on the site (for example, scrolling or downloading a course guide). You can find out more under ‘Cookies’ below.

We may also collect technical data such as IP address, login information, browser type and version, time zone setting, browser plug-in types and version, operating system, and platform, page response times, download errors, and phone numbers used to contact us.

We use this information to tailor and target our communications and adverts to your interests; analyse and enhance the effectiveness of our website and marketing campaigns; better understand our students and prospective students; and improve the student journey.

We may combine this information with other details you’ve submitted to gain a more detailed picture of our student journey and to provide you with a personalised service that meets your needs.

We may also receive information from third parties that we work with, for example: business partners; subcontractors in the technical, payment and delivery services; advertising networks; analytics providers; and search information providers.

You won’t receive marketing from third parties as a result of sharing your data with us.

 

How we use cookies

Functional Cookies

Cookies used: ASP.NET_SessionId, CourseName, DiscountAmountMulti, DiscountVPrice, Price, UMB_UPDCHK, XSRF-TOKEN, XSRF-V, cookieconent_status, discountCodeAmount, fornsubmit, golocal, liveagent_chatted, liveagent_oref, liveagent _ptid, liveagent_sid, liveagent_vc, schoolcoder, ncbt_segment_Mobile_Only, ncbt_segment_twitter, ncbt_visitorid

These do not contain any personal information and are automatically deleted when you close your internet browser.

 

Analytical Cookies

These cookies allow us to count anonymous page visits and traffic sources so we can measure and improve the performance of our site, using a service provided by Google Analytics.

Cookies used:  __utma, __utmb, _utmc, _utmz, _fvs, _fvm, _ga, _gid, _dc_gtm_UA-855577-1, _dc_gtm_UA-855577-** (with ** being the number of the view relating to the domain set up in GA. i.e. UK = 28)

 

Third Party Cookies

We use a number of web analytics and social media tools to measure and enhance visitor interaction on our site. If you already use these platforms their cookies may be set through our website. Data may then be collected by these companies that enables them to serve up adverts on other sites that they think are relevant to your interests. You can use your web browser settings to manage and reject third party cookies.

Cookies used:  _biz_flagsA, _biz_nA, _biz_pendingA, _biz_sid, _biz_uid, _ceg.s, _ceg.u, _uetsid, _vwo_uuid_v2, adiLP, adiS, adiV, adiVi, wp18327

 

Opting out of cookies

When you visit our site for the first time, you’ll be invited to review this policy and accept our use of cookies. Clicking ‘Continue’, clicking on the page or closing the panel will confirm that you’re happy for us to use cookies in this way.

You can turn off cookies in your browser settings, but it’s important to note that if you do, you might not be able to use all of the services on our website.

 

How and when we may change this policy

We will keep this policy under review and any changes made from time to time will be posted on this page.

Please check back regularly to keep informed of updates or changes to this privacy statement. We will notify any significant changes via an announcement on our website.