We use necessary cookies to make our site work. We would also like to set certain functional and advertising cookies to help us improve our site. We won't set optional cookies unless you enable them. Using this tool will set a cookie on your device to remember your preferences.
You can click "Accept all cookies" below to accept use of all cookies on this website, or select "Manage cookies preferences" to choose which cookies we can use. For more information about the cookies we use, see our Cookie Notice
The purpose of this policy is to explain how The College of Legal Practice (College) looks after your personal data and how we make sure that we meet our legal obligations to you under the UK and EU data protection laws including the General Data Protection Regulation (GDPR) and the Data Protection Act 2018 (the "Data Protection Laws"). This policy may be updated from time to time.
The College’s system for complying with UK and EU data protection laws includes:
- our commitment to compliance with privacy requirements
- our policy and approach to privacy, as explained in this information
- our resources allocated to privacy, including our technology systems and services, and
- our people and the training and education we undertake.
This policy applies to any personal data that we collect about you. When we collect and use your personal data, we are a controller of the personal data, which means that we are responsible for looking after it. We will use your personal data fairly, lawfully and in a transparent manner, and in accordance with the Data Protection Laws.
If you have any questions in relation to this policy or generally how your personal data is processed by us please contact Peter Liver by email at firstname.lastname@example.org or by letter to c/o Pinsent Masons Secretarial Ltd 1 Park Row Leeds LS1 5AB
What Information Do We Collect About You?
The College provides legal education and training to students and practitioners in the UK including practical legal training, postgraduate specialised degree programmes and continuing professional development seminars and workshops, and related information and assistance.
When you participate in our programmes and courses, we may therefore collect personal information about you. We collect a range of personal information including identity data, meaning any information from which that a person can be identified, this will include your name, gender and date of birth. We also collect contact data such as telephone numbers, address and e-mail addresses and emergency contact data.
When you make an application for a programme, we will ask whether you have any disabilities. You are not obliged to inform us but any information you do provide will assist us to assess how we will meet our legal obligations in relation to your disability.
We also collect academic data within your application e.g. education history. Once you are actively participating within a programme, we will collect a range of student data that includes your progress, results, tutor and student communications and feedback.
We may also collect financial data, including bank account and payment card details and marketing and communications data including contact preferences.
There is also mandatory monitoring data that we are required to collect and report to third parties, including but not limited to JISC and the Office for Students. JISC’s data collection notice can be found here.
Where Do We Get This Information From?
We collect some of your information directly from you, either through information that you give to us when you contact us, apply to enrol with the College or use our website, or related apps, social media or digital services. You are not obliged to provide your personal information to us. However, if you do not provide your information to us, we are unlikely to be able to provide our services to you, respond to your queries, allow you onto our sites, or process any applications you make to us.
We continue to collect data from you through your subsequent engagement as a participant on one of our programmes. We also may collect data from a third party that you have authorised to share your data with us including but not limited to your employer.
Why Do We Need Your Information?
Generally, we use your personal information for our activities and operations, and in our efforts to expand and improve our activities and operations. Examples include:
- to respond to and process your requests such as for information about our legal education and training programmes and courses, or to enrol you in one of our programmes;
- to administer and manage our legal education and training programmes and courses, including sending you course materials via post, recording details of progress of a student through a course and results achieved, and providing information to higher education regulatory bodies or government agencies;
- to confirm your identify, such as when you contact us with an enquiry;
- to notify you of any changes to our programmes and courses;
- to manage any appeals, complaints, concerns relating to conduct or matters of student welfare and wellbeing.
- to provide you with marketing communications and invitations and offers for legal education and training programmes including new courses and programmes that we have not offered before but believe may be of interest to you (always giving you a way to opt out of further offers if you prefer) and to assist in developing new courses;
- to operate programmes and forums in different media in which you are able to share information, including your personal information, with us and publicly (on the Terms applicable);
- to determine if you are eligible for certain products, services or offers;
- for a business or professional relationship we may have with you;
- if you apply for employment with us, to consider your application;
- to conduct market research about our legal education and training programmes;
- to process and fulfil any payments required;
- to amend records to remove personal information;
- for other everyday business purposes that involve use of personal information
We have a legitimate interest to process the personal information we collect to confirm your participation in a programme and engage further with you through offering you an agreed service, in connection with the development and progression of our plans.
Who Do We Share Your Information With?
We will share your information with our agents, contractors, employees, associate tutors and service providers under formal agreements, who help us to provide services to you and require such access in order to meet our contractual duties.
We use the IT and HR systems of our ultimate parent company, The College of Law Limited (incorporated in Australia) to store and process your personal information under a Group Data Sharing Agreement. We may also share your personal data with regulatory authorities including the Office for Students and the Higher Education Statistics Authority (HESA). HESA’s data collection notice can be found here.
When we pass on or share your personal information in this way, we take steps to ensure personal information is treated in the same way that we would treat it.
Where Is Your Information Stored and How Long Do We Keep It For
- 1. Transfers outside of the European Economic Area
We use various systems and services to safeguard the personal information we store, as part of our business systems and processes. Your personal information may be held and processed overseas by The College of Law Limited (our ultimate parent company) or our service providers.
When your personal data is processed within The College of Law’s IT systems in Australia, it is transferred outside the European Economic Area to a country that the European Commission has not yet deemed to have adequate security in place. As a result, we therefore enter into the European Commission approved clauses with The College of Law Limited, in Australia to ensure the security of your personal data. A copy of the European Commission approved model clauses is available here.
- 2. Retention of your personal data
We will retain, archive, and destroy your personal data in line with our Data Retention Schedule.
What Rights Do You Have?
In some instances, we may be unable to carry out your request, in which case we will write to you to explain why. You have the right to:
- request access to your personal data
- ask us to rectify your personal data
- ask us to erase your personal data (if we no longer have a good reason to keep it)
- (in certain circumstances) ask us to restrict or block the processing of your personal data
- port your personal data
- (in certain circumstances) object to our processing of your personal data
- object to any automated decision making where the decision has a legal or significant impact on you
- withdraw your consent where we are relying on it to process your personal data.
We will respond to requests as soon as reasonably possible, but no longer than 10 business days.
What If You Have A Complaint?
If you still have concerns, you can also contact the Information Commissioner's Office at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. www.ico.org.uk.