Full Student Privacy Policy
Student Privacy Policy
Oxford Learning College (OLC) is a company incorporated in Gibraltar. Our registered office is at Oxford Learning College, 4 Pitmans Alley, Gibraltar, GX11 1AA. Company registration number: 103614.
This statement sets out how Oxford Learning College (“we” or “us”) uses and protects personal information that you provide when you use our website (oxfordcollege.ac), in compliance with the General Data Protection Regulation (GDPR) which replaces the previous European Union (“EU”) and Gibraltar data protection requirements.
There is a two-page summary version of this Policy available here.
We are established and based in Gibraltar. As such, we comply with General Data Protection Regulation (GDPR) that covers the protection of personal data of all individuals who are resident within the European Economic Area (EEA). If you are a resident outside of these areas, we cannot confirm that our collection and treatment of personal data is compliant with your local data protection/privacy laws.
If you do not agree to your data being dealt with in the manner described in this Policy, please do not submit your personal details. However, please note that where you do not submit personal details that we request, your access to the services/materials offered by this website will be restricted.
With all personal data that we collect on you, you have the right to access this data, correct any incorrect information and request for the data held to be erased from our systems by contacting gdpr@oxfordcollege.ac.
We may change this Policy from time to time by updating this page. Should we make any changes to our Privacy Policy, we will inform users of the changes and give you the opportunity to re-accept our Privacy Policy before continuing your studies with us.
1. Collection and Processing of Personal Information
1.1 To gain the full benefits of Oxford Learning College online services and to allow us to respond to queries and requests, we need to collect and process a limited amount of personal data. You may be asked via the telephone, on the website or by completing a word document for personal data.
1.2 The personal information we collect is used solely to provide our services to you, to keep records of who uses our services, and so that we can contact you.
1.3 Personal data that we collect:
- Your full name for communication with you and for production of certificates.
- Your address for postal of materials and/or certification.
- Your date of birth and ID to confirm you are over 16 years of age (minimum age for students of Oxford Learning College).
- Your telephone number should we need to contact you urgently.
- Your email address for the office to be able to contact you as well for you to be able to receive notifications (eg tutor or centre messages, feedback on your work etc) from your Campus account.
- Your email address will also be used to:
- provide you with appropriate services
- send you further information
- help to solve something you may be struggling with
- receive feedback on our products and services and improve our service.
- Your bank details to be able to process the payment for your course.
1.4 Your information will also be used as appropriate to analyse patterns and trends of use and the uptake of educational courses and facilities. This helps with the continual development of our service to students.
1.5 Your information will also be used as required to register you with the Awarding Body for your course and to claim your certificate.
1.6 We will only use your personal information for the purposes for which we collected it unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need your personal information for an unrelated purpose we will notify you and we will explain the legal basis which allow us to do so.
1.7 You may request, in writing, for your personal data to be removed from any College records, including your Campus account at any time. However, please be aware that this may affect the efficient and effective use of your Account.
1.8 We may use your personal data to send you updates about developments that might be of interest to you. You have the right to opt out of receiving promotional communications at any time by contacting us at GDPR@oxfordcollege.ac.
2. Security of your Personal Data
2.1 Your personal details are not shared with anyone, except for the purposes of providing the best service we always strive to deliver, delivery of materials you may have requested and to Awarding Bodies to claim your certificate (if appropriate). For this reason, we provide you with a username and password to your account. When you receive your password, it is your responsibility to change the password for additional security.
2.2 If you have reason to believe that your password is no longer secure, you must promptly change your password by updating your member/user name information.
2.3 The College has taken responsibility to ensure data privacy by all third parties. Third parties are:
- Our IT Support team teams:
- IComms, Gibraltar – http://www.icomms.gi
- Bright Software Solutions – brightsoftwaresolutions.com
- Payment Services – Sage Pay – https://www.sagepay.co.uk
- Credit Management Ltd – https//www.ccicm.com
- Kingsbridge Print Limited – http://www.kingsbridgeprint.co.uk
- Clarendon Business Centre, Belsyre Court – https://clarendonbc.co.uk/offices/oxford-clarendon-house
- Live Chat Inc – https://www.livechatinc.com
- Stison E-Book Manager – http://www.stison.com
- Awarding Bodies (all based within the UK/EU) – see below
2.4 The Awarding Bodies with whom we may register you and claim certificates from have their own privacy policy and have confirmed with the College that any personal data provided by the College for registrations and certifications is safe and secure. The Awarding Bodies we use are:
- ATHE – athe.co.uk
- ABC Awards – abcawards.co.uk
- CIE Global – http://www.cieglobal.co.uk
- Edexcel (BTEC courses) – https://qualifications.pearson.com
- CPD UK – cpduk.co.uk
2.5 We will not transfer, disclose, sell, distribute, or lease your personal information to other third parties, unless we have your permission or are required to do so by law.
2.6 This process may involve sending personal information to other countries outside the EU, whose data protection laws may not be as extensive as in the EU. However, we have carried out appropriate steps to ensure that the same level of protection for the processing carried out in these countries is as within the EU.
3. Preventing Unauthorised Access to Safeguard your Personal Data
3.1 To prevent unauthorised access or disclosure we have put in place suitable physical, electronic, and managerial procedures to safeguard and secure the information we collect on-line. As long as your browser supports the Secure Sockets Layer (SSL), any personal information transmitted from your browser to its web service, or from the service to your browser, will be encrypted to make it unreadable.
3.2 Please note that Internet e-mail is never a 100% secure way of communicating. By using it, you agree that you will send any information by e-mail at your own risk.
3.3 As outlined in the Terms and Conditions of use, we may link to other websites which are not within our control. Once you have left the website we cannot be responsible for the protection and privacy of any information which you provide. You should exercise caution and look at the Privacy Statement applicable to the website in question.
3.4 You must not disclose your email address to anyone else besides the College’s Administration Centre. For example, do not provide your email address to your tutor. Equally, do not ask your tutor for their email address. The only email address that you should be receiving any emails from are:
- contact@oxfordcollege.ac
- deputyhead@oxfordcollege.ac
- Headofcentre@oxfordcollege.ac
- Notifications via your Campus Account which will be messages from the Administration Centre and advice and feedback on assignments from your Tutor.
- gdpr@oxfordcollege.ac
3.5 Any personal information that you voluntarily post on a public area such as Facebook and Twitter or an interactive area requiring registration and/or subscription, may be collected, and used by others. Please be careful what personal information you disclose in this way. You understand that we cannot control the actions of other users.
4. Cookies
We use cookies in relation to certain areas of the website. Cookies are files which store information on your hard drive or browser which means that we can recognise that you have visited the website before.
Cookies can make it easier for you to maintain your preferences on the website. By receiving information on how you use the website, we can tailor the website around users’ preferences and measure the general usability of the website.
We may use cookies to identify which pages are being most frequently used. This information is used for statistical analysis including the identification of patterns and trends in educational needs and demand. We do not release this information to third parties. No information obtained from a cookie will be used for marketing purposes.
If you prefer not to use cookies while browsing our website, you can set your browser to refuse all cookies that are stored on your computer. For more information on cookies and your browser settings, see http://www.allaboutcookies.org/ and our Cookies policy.
5. Retention of your Personal Data
5.1 We will keep your personal information only for as long as necessary to fulfil the purposes for which we are processing your personal information unless the law permits or requires longer. For example, we might need to keep your personal data for quality assurance by Awarding Bodies of the service we have provided for students.
5.2 Your personal data will be retained for the period of your training and for claiming your certification only. This period is determined by the Awarding Body policy and process associated with your course, but no longer than 4 years. During this time, you can contact us to request additional digital copies of your submitted work, notes on your records and other communications with the College.
After the 4-year period has passed, all information we hold on you will be securely deleted from our systems, except if you have not paid fully for your course – see 5.3.
5.3 For cases of failure to maintain payments on an instalment plan for course fees, Oxford Learning College will retain your personal data for a period of 6 years on the system. Course submissions and other course related communications will be deleted in line with section 5.2 above.
6. Summary of your rights
6.1 During your course, you will receive messages, emails, and telephone calls as part of your course from either the Student Advisor team or by your tutor. However, occasionally other notes may be made on your account by the College.
6.2 You have a right to correct any mistakes in your personal data. If you need to update the College on name, address or contact details change, please send an email to contact@oxfordcollege.ac.
6.3 You may request a copy of any personal data that we hold on you under the General Data Protection Act (GDPR). To make a request, write to our Data Protection Officer at Oxford Learning College, International Head Office, 4 Pitmans Alley, Gibraltar, GX11 1AA, or e-mail GDPR@oxfordcollege.ac. This information will be provided within 30 days.
6.4 If you consider that other information received in 6.3 above is incorrect or incomplete, please write or email the Data Protection Officer as soon as possible on GDPR@oxfordcollege.ac.
6.5 You have a right to object at any time to your personal data being processed for direct marketing or in certain other situations.
6.6 You have the right not to be subject to a decision based solely on automated processing;
6.7 You have the right to require us to delete your personal data – in certain circumstances.
6.8 The General Data Protection Regulation also gives you the right to lodge a complaint with a supervisory authority, especially in the European Union state where any alleged infringement of data protection laws has occurred. The supervisory authority in Gibraltar is the Gibraltar Regulatory Authority who may be contacted at info@gra.gi
7. Staff Training
7.1 We are committed to ensuring that your personal information is secure. All staff are made aware of the security procedures they must follow when handling personal information.