UKCA Privacy Policy
You can access the personal information you have provided us by making a Subject Access Request to the Data Protection Officer using the details available in the Privacy Summary. Upon receipt and following any necessary proof of identification checks, Subject Access Requests will be responded to within one calendar month.
Privacy Summary
The Data Controller, UK College Admissions Ltd, a company registered in the United Kingdom (Registered No. 12138795) at 1 Sharples Close, Bristol, BS16 1AQ, UK is committed to protecting your privacy in accordance with the Data Protection Act 1998 (the ‘Act’) and the General Data Protection Regulation (the ‘GDPR’). If you have any questions about this policy, the representative responsible for Data Protection, the Data Protection Officer, can be contacted by sending an email to info@ukcollegeadmissions.com
UK College Admissions Ltd is an independent online information source. Our services include online information and consultancy services. Our website is www.ukcollegeadmissions.com
In order to operate the services we offer, we must ask you to provide us with information about yourself. This Privacy Policy describes the information we collect and how we use that information. We take the processing of your information very seriously and will use your information only in accordance with the terms of this Privacy Policy. For the purposes of this Privacy Policy, personal data is referred to as ‘information’ which means any information relating to an identified or identifiable natural person.
Please note that we are not responsible for the privacy practices of other websites and we recommend that you check the privacy policy of any other websites you may visit. The inclusion of links to such websites does not imply any endorsement of the material on such sites nor any association with their owners or operators. If you have any complaints relating to such sites, please contact them directly.
This Privacy Policy will be updated from time to time and all future changes will take effect as specified at the time of the update by posting a revised version of it on our website. Please check back regularly for the most current version of our Privacy Policy.
Information We Collect
To use some of our services, you must provide your name, address, email address and in some instances your company name, job title and telephone number. In order to make payments, you must provide credit card, debit card or bank account information. We do not collect any special category data such as information on your racial or ethnic origins, political opinions, trade union affiliations, sexual life or criminal history.
Our websites use cookies (small data files placed on your computer or other device), web analytics and web logs to collect information about your use of our site, information about your computer such as your computer’s IP address and browser type, demographic data and, if you arrived at our site via a link from a third party site, the URL of the linking page. The data collected through cookies, web analytics and web logs may be transferred to third parties. For more information on how this website uses cookies, see our cookie policy.
When you access our services online using any device, we collect and store device data including but not limited to geolocation data to provide offers relevant to your region (using cookies). We also collect information such as which pages of our website you visit, IP addresses, the type of browser you use, details of the transactions you have made, time spent on the website, the type of device you are using, and the times you access our website.
We will only keep your information for as long as is necessary for the purpose of providing you with the service you have requested from us or to meet specific anti-fraud and legal requirements. If you would like more information, please contact the Data Protection Officer.
The provision of the information detailed above is a requirement necessary to provide our services. By providing your information and using our service you are entering a contract for the term of the service. If you object or are not willing to provide this information, please do not register or use these services.
How We Use the Information We Collect
Our primary purpose in collecting your information is to provide you with a service. You agree that we may use your personal information to:
• Provide the service to you
• Notify you about your service
• Carry out internal administration and analysis
• Monitor and improve the performance of, and products & services available via, our website
If you subscribe to our website, you will enter into a contract with us. This means that during the contractual period we will communicate with you about this contract. In this respect ‘performance of a contract’ is our legal basis for processing your data.
Similarly, advertiser data will be processed under ‘performance of a contract’ if the third party enters into a commercial contract i.e. pays for advertising on our website.
For client prospect data, we will use ‘Legitimate Interest’ as our legal basis for contacting prospective clients. An opt out for these types of communication will be offered on the channel used, for example, via email or telephone call.
How We Use the Information for Marketing
We will only send you direct marketing communications in circumstances where we have your specific consent or where we believe we can demonstrate a legitimate interest.
When you sign up to any of our services, we ask for your consent to send you direct marketing communication over a variety of channels. We will honour your right to withdraw your consent at any time.
When you enquire about or request a service from us, we may rely on our legitimate business interests to send you marketing communications (via post, email or telephone). This relates to individual customers as well as clients e.g. advertisers. These communications will always be related to our services and we believe will be of interest to you. We will always provide you with the opportunity to opt-out of marketing communications when you provide your information to us.
If you want to stop receiving direct marketing from us, you can use the unsubscribe mechanism on any email you receive, tell us when we call you, or alternatively you can contact the Data Protection Officer using the details available in the Privacy Summary.
Email Marketing
We use web beacons in our emails to track the success of our marketing campaigns. If you open an email from us, we can see which of the pages of our website you visited. Our web beacons communicate with our cookies on your computer and they can tell us when you have opened an email from us. We keep track of the emails that we send you. We also keep a record of what communications you have selected to receive or not to receive. We will only send you marketing emails if you have consented to receive these. You are able to access your preference centre from any marketing email that we send you and update your preferences through this mechanism. You may also unsubscribe by clicking on the ‘unsubscribe’ link in any of our emails to you.
Data Profiling and Remarketing
Periodically we conduct data profiling on the information we collect to better understand our customers in order to provide targeted communications which suit your needs. We rely on ‘legitimate interests’ as our lawful basis for processing this data.
In order to serve adverts on our websites and report on their performance, we use an advertising management system. This system gathers information using IP addresses. This allows us to target adverts by geo-location and device in order to make adverts from third parties more relevant to the user. We also serve targeted adverts for our own products based on user behaviour on our own websites.
Legitimate interest is used as the lawful basis for data profiling and remarketing. However, if we target email data for this activity we will use opted in data where the user has consented to marketing.
If you wish to stop your information being used for data profiling and remarketing, please contact the Data Protection Officer.
How We Share Information with Third Parties
We will not sell or rent your information to third parties for their marketing purposes without your consent. However, just like most service providers, UK College Admissions Ltd works with third parties who administer important functions for us that allow us to offer and enhance the services we provide. These providers are covered by an appropriate agreement. Sometimes it will be necessary for us to disclose information required for the specific purpose to them so that the services can be performed.
We reserve the right to disclose to third parties your information to comply with applicable laws including but not limited to disclosure in accordance with the Act, the Regulation of Investigatory Powers Act 2000 and lawful authority requests, to safeguard the proper operation of our systems and to protect ourselves and the companies we work with.
The third parties we work with are;
• Google Analytics for website analysis and data analysis & profiling
• Google AdSense to serve interest-based adverts
• Payment processors (e.g. Stripe & PayPal) for processing credit card payments
Information Security
UK College Admissions Ltd is committed to handling your information with high standards of information security. We collect, store and process your information on servers primarily located in the United Kingdom. We use safeguards such as firewalls and data encryption, we enforce physical access controls to our buildings and files and we authorize access to personal information only for those employees who require it to fulfil their job responsibilities. Our site uses industry standard Secure Sockets Layer (SSL) technology to allow for the encryption of information during transmissions to our servers. These security measures mean that we may occasionally have to ask you for proof of identity before we are able to disclose personal information to you.
Accessing, Deleting or Updating Your Information
Accessing Your Information
You can access the personal information you have provided us by making a Subject Access Request to the Data Protection Officer using the details available in the Privacy Summary. Upon receipt and following any necessary proof of identification checks, Subject Access Requests will be responded to within one calendar month.
Deleting Your Information
A request to have the personal information you have provided to us removed from our systems can be made to the Data Protection Officer using the details available in the Privacy Summary. Your information will be removed from our systems except in circumstances where we are required to retain this information for compliance with legal obligation or for future suppression purposes, where the minimal amount necessary will be retained in order to honour an individual’s right.
Updating Your Information
You can review the personal information you have provided to us and make any desired changes or rectifications at any time either online or by contacting the Data Protection Officer using the details available in the Privacy Summary.
The Right to Object
The GDPR gives individuals the right to object to the processing of their personal data in certain circumstances. Individuals have an absolute right to stop their data being used for direct marketing. An individual can make an objection verbally or in writing. We will respond to an objection within one calendar month.
Accountability
We will process your personal data for the purposes set out in this policy. However, if you have any queries or requests in relation to Data Protection or this Privacy Policy please notify our Data Protection Officer using the details available in the Privacy Summary. Alternatively, if you have any concerns about our information rights practices that our Data Protection Officer was unable to address sufficiently, you may report these to our statutory authority, the Information Commissions Office: ico.org.uk