Academy Online Learning’s (AOLL) processing of personal data complies with the eight enforceable principles of good practice. Data is:
• processed fairly and lawfully
• processed for limited or specified purposes
• processed adequately, relevant and limited for use
• accurate and where necessary up to date
• not stored longer than necessary
• processed in accordance with the data subject's rights
• stored securely
• not transferred to other countries outside the EEA without adequate protection.
Processed fairly and lawfully
· Fair processing requires that at the time of data collection the individual concerned is informed of the name of the organisation
· AOLL’s reason for collecting the information
· Who the data will be disclosed to
· Ensure processing is fair
· Consent has been given by the Learner and is noted in the agreement
· Processes have been put into place to secure data; filing cabinets are kept locked, any on-line data is secure.
· AOLL comply with all legal obligations
· AOLL pursue legitimate interest of the company without prejudice to individual rights
Sensitive and personal data is considered to be
Racial or ethnic origin
Physical or Mental Health
Criminal matters (AOLL is required to pass any information to the relevant third party or where required by law enforcement agencies)
Financial information is not considered to be sensitive information by law but personal financial details are considered to be vulnerable to identify fraud and AOLL will handle the data confidentially and not disclose this information.
Personal data is processed in accordance with the learner’s right to
(a) Access: an individual can have access to personal data on request. The information must be requested in writing and the individual verified before disclosure. References given by AOLL are exempt from access but the learner can ask for access to a received reference. References produced for UCAS applications and HEI’s are given by tutors of AOLL.
(c) To prevent processing likely to cause damage or distress
(d) To prevent direct marketing
(e) For no third party access unless agreed.