Activate Learning Further Education Corporation is the controller of personal information, and is subject to the Data Protection Bill 2018 and the General Data Protection Regulation (GDPR).
We may collect, use and share your personal information in order to carry out our public task to provide education and training to you.
What information we hold
The categories of personal information that we collect, hold and share include:
- Personal information (such as name, unique learner number, contact details, previous address, employment status, ethnicity, household income where relevant, your eligibility for pupil premium whilst at school, criminal convictions, emergency contact/parent or carer details, photographs);
- Characteristics (such as residency status, nationality, date of birth, and including special category data such as ethnicity, gender, religious beliefs, sexual orientation and sex life);
- Educational records information (such as previous qualifications attained, assessment grades, predicted grades, behavioural sanctions, targets set and achieved);
- Medical information (such as relevant medical or health conditions);
- Special educational needs information (such as special educational needs declarations, disability details, details of additional learning support requirements and whether you are in receipt of any additional support from the College);
- Bank Details (allowing us to collect payments and pay you any awards you are eligible to receive);
- Browsing history on Activate Learning networks.
Why we hold your information
We use applicant information to:
- Support learning;
- Provide appropriate guidance and support;
- Assess and improve the quality of our services;
- Comply with the law regarding data sharing;
- Keep you safe;
- Comply with our contractual obligations;
- To keep you informed about issues affecting and related to your studies.
The lawful basis for using this information
Under GDPR, we are able to process information on certain legal grounds (bases). In the case of applicant information, we collect and use information under the following bases:
Article 6b - the fulfilment of contract
Article 6c – legal obligation
Article 6e – public task
Article 9j – Statistical purposes
Collecting applicant information
The majority of applicant information you provide to us is necessary for us to fulfil our contract with you to provide educational services tailored to your needs and failure to supply such information may mean that we are unable to provide the support you require and are unable to enrol you onto one of our programmes. It is also collected to ensure that we are able to receive funding to provide education services and failure to provide information will mean that we are unable to enrol you onto one of our programmes. On the other hand, some applicant information is provided to us on a voluntary basis. We will inform you whether you are required to provide certain information to us or if you have a choice in this.
Under some circumstances, we may obtain information from third parties, such as your previous school or the local authority where applicable, for reasons such as ensuring continuity of support for those with additional learning needs or monitoring safeguarding concerns.
Storing applicant information
We store applicant information securely and in line with our Data Protection Policy and associated procedures. A copy of our Data Protection Policy can be obtained from the Data Protection Officer, whose contact details are listed below. The majority of evidence we collect is required by our funders who stipulate the amount of time we need to hold your records. We hold applicant information until the end of the year in which you apply/enquire.
The exception to this is where you apply for programmes funded through specific bodies that require a different retention period. This difference currently applies to adult (19+) funded courses and those courses funded through European Social Fund or National Lottery contracts, where we are required to retain the above documentation until 1/12/2030.
Who we share applicant information with
We routinely share applicant information with:
- The college’s local authority and the local authority in which you reside now and, if different, the local authority you lived in whilst at school;
- The Department of Education (DfE);
- The Education and Skills Funding Agency (ESFA);
- The Office for Students (OfS) for Higher Education provision;
- Your parent/carer/emergency contact if you are aged under 18 at enrolment for your safety, wellbeing and to support your learning;
- Your employer if they are sponsoring your course/you are an Apprentice;
- Any employer that you are undertaking work experience with;
- Your previous school for their destination monitoring;
- Awarding organisations to allow us to claim certification;
- External software suppliers so that they can store your information externally and securely in order to display it in their tools, or where they need a copy of our data to resolve software issues;
- Childcare and travel providers if you are awarded a childcare or travel bursary;
- Our delivery partners if your course is being delivered by one of our partners.
We do not share information about our applicants with anyone unless it is necessary and in line with the lawful basis for processing listed above, or with the consent of the applicant concerned. Where data is routinely shared, a data processing agreement will be established to ensure the protection of applicants’ information.
Requesting access to your personal data
Under data protection legislation, applicants have the right to:
- Request access to the information we hold about them (Subject Access Request);
- Be informed of the identity of the controller, the reasons for processing their personal data and other relevant information necessary to ensure the fair and transparent processing of personal data;
- Object to processing of personal data that is likely to cause, or is causing, damage or distress;
- Prevent processing for the purpose of direct marketing;
- Object to decisions being taken by automated means;
- In certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed; and/or
- Claim compensation for damages caused by a breach of the data protection regulations.
Ref: SS0002 Version: 001 Date: May 2018