DATA PROTECTION POLICY OVERVIEW

Stoke on Trent College (the College) needs to process information about its employees, learners and other individuals to allow it to monitor, for example, performance, achievements and health and safety. It is also necessary to process information so that staff can be recruited and paid, courses organised and legal obligations to funding bodies and government complied with. To comply with the law, information must be collected and used fairly, stored safely and not disclosed to any other person unlawfully. To do this, the College must comply with the Data Protection Principles.

The College and all staff or others who process or use any personal information must ensure that they follow these principles at all times. To achieve this, we will:

  1. Ensure that personal data is processed lawfully, fairly and in a transparent manner in relation to individuals. We will inform people what data we collect and why, through a Privacy Notice
  2. Ensure that personal information is collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes. We will only process personal information for specific reasons, these include fulfilment of a contract (with a parent to provide childcare services or with an employee under their contract of employment)
  3. We will only share personal information where we have specific explicit consent or a legal basis to do so
  4. Ensure that where we ask for consent to use personal data we will ensure that we ask people to positively opt in, we use clear, plain language that is easy to understand, we specify why we want the data and what we’re going to do with it, we tell individuals they can withdraw their consent, we ensure that individuals can refuse to consent without detriment and we avoid making consent a precondition of a service
  5. Ensure that all information is adequate, relevant and limited to what is necessary in relation to the purposes for which it is collected
  6. Ensure that all information is kept accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that is inaccurate is erased or rectified without delay
  7. Implement appropriate record keeping standards and keep information in an identifiable form for no longer than is necessary for the purposes for which the personal data is obtained
  8. Ensure information is protected against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical and operational measures
  9. Demonstrate compliance with these requirements through appropriate documentation, training, spot checks and audits
  10. Comply with the rights for data subjects
  11. Ensure that every instance where we use a data processor (a third party with access to process personal data) we will have a written contract in place. Contracts will be provided by the Legal Advisor / Data Protection Officer
  12. Conduct a Data Privacy Impact Assessment (DPIA) where we are required to do so by law or best practice
  13. Report any data breaches promptly (using the form provided) and inform the ICO and data subjects where required

For the full Data Protection Policy, please download the pdf document available here: Data Protection Policy 2018

 

Please refer to our privacy policy for more details on Stoke on Trent College’s collection and use of personal information.

CONTACT
BUILD YOUR
PROSPECTUS
Apply
Apply Today   Step 1 - Select a Course