This website and its owners take a proactive approach to user privacy and ensure the necessary steps are taken to protect the personal data of its users. This website complies with all UK national laws and requirements, specifically the Data Protection Act 1998 and EU General Data Protection Regulation 2018 (GDPR).

The data we store is processed according to the six data protection principles:

  • Processed lawfully, fairly and transparently.
  • Collected only for specific legitimate purposes.
  • Adequate, relevant and limited to what is necessary.
  • Must be accurate and kept up to date.
  • Stored only as long as is necessary.
  • Ensure appropriate security, integrity and confidentiality.

Personal Information we Collect and why we Collect it

Personal data is data that can be used to directly or indirectly identify a natural person. We store personal data about customers. Personal data about learners may be stored if it is entered into the system by customers.

When an account is created we collect and store the name, address and contact details of the customer creating the account. This information is stored to ensure we can contact customers. This information can be viewed and edited by the customer at any time to ensure it is up to date and accurate. Credit card numbers are never stored in our database or servers.

Customers can add learners to the system and enter their forename, surname and date of birth. This information can be viewed, edited or deleted by the customer at any time to ensure it is accurate and up to date. This information can be personally identifiable so for enhanced privacy, instead of using the real names of learners, you may wish to use an alias or pseudonym.

The data entered during an assessment is numerical data that is not personally identifiable. Assessments do feature a text box which customers can use to enter notes or details about the assessment and in which personal data could be entered by the customer.

If a learner whose details you have entered onto the system requests information about them we will provide to them a copy of the information held and an explanation for why we are holding it.

Cookies

Cookies are very small text files that are stored on your computer when you visit some websites. We use cookies that may contain personally identifiable information, such as your IP address, to improve your user experience.

Cookies may be used to:

  • Recognise when you are logged in - so that we can tailor site content to individual users.
  • Remember your preferences - so we can tailor site content to give you a more personalised experience.
  • Record site analytics - in order to analyse how users use our site and improve future user experience.

You can disable cookies in your web browser but this may stop our website from functioning properly.

How we Transmit and Store Personal Data

We may store personal data in locations outside our direct control, for example on servers or databases located with hosting providers. We use Security Sockets Layer (SSL) encryption technology to encrypt all data before it travels over the internet.

We follow generally accepted industry standards to protect personal information both during transmission and storage. As no method of data transmission or storage is 100% secure we cannot guarantee its absolute security. If you have any questions about security or privacy you can contact us at data@otherwise.education.

We will not disclose any personal data without prior consent. However, personal information will be exempt from any non-disclosure provisions when we investigate a complaint, especially where the disclosure of personal information is required by law, or in connection with preventing/detecting criminal activities. In such cases we will need to share the information in question with the relevant authorities, organisations and/or bodies.

General Data Protection Regulation (GDPR) Compliance

Valid Consent

Customers have a right to expect clear and intelligible information about how their data will be stored and processed. All users are required to explicitly agree to the terms and conditions of use during the account creation process. These terms and conditions of use are publicly available in full before creating an account. Customers can cancel their account at any time and request deletion of their data via the e-mail address below.

Privacy by Design

Customers have a right to expect privacy of their data to be a core principle in the design of any system. We hold and process only the data absolutely necessary to maintain contact with customers and effectively process assessments. Customers can view, edit or delete all data entered into the system at any time.

Right to Access

Customers have a right to a copy of any personal data being held about them. Customers can view, edit or delete all data entered into the system at any time.

Right to be Forgotten

Customers have a right to request an end to the processing and storage of their personal data. Customers can edit or delete all data entered into the system at any time.

Data Portability

Customers have a right to move personal data from one service provider to another. Customers can view all data entered into the system at any time.

Breach Notification

In the event of any data breach that would be likely to result in a risk for the rights and freedoms of individuals affected customers will be notified within 72 hours of becoming aware of any such breach.

Third Party Data Processors

We use a number of third parties to process personal data on our behalf. These third parties are carefully chosen to ensure they all comply with relevant legislation.

  • Payments are processed by Stripe, their privacy policy can be read here.
  • Our newsletter is powered by MailChimp, their privacy policy can be read here.
  • Website analytics are powered by Google Analytics, their privacy policy can be read here.

Data Protection Officer

We are registered with the Information Commisioners Office as a data controller.

The registered data controller for the website is Otherwise Solutions Ltd. The data protection officer is:

Mr Matt Hupfield
Director, Otherwise Solutions Ltd.
Enail: matt.hupfield@otherwise.education