Privacy Policy

Privacy Policy Green Valley Academy

Data Protection Act 2018
General Data Protection Regulation 2016

Green Valley Academy Limited is registered in England and Wales under company number 11278050. Our registered address is Unit No 06, 54-56 Dover Road East, Gravesend, England, DA11 0RG. This privacy policy explains how we use the personal information we collect about you. We take data protection very seriously and understand the importance of protecting your privacy and Personal Information. “Personal Information” is information that identifies you as an individual such as your name, date of birth, email address, IP address, application for a course, educational documents, and CV.

Please do not submit such Personal Information to us if you do not wish us to collect it.

Please be aware that we may also infer certain information about you from your expressed search preferences. We also collect from:

  • Our websites (the “Websites”);
  • The software applications made available by us for use on or through computers and mobile devices (the “Apps”);
  • Cookies (“Cookies”);
  • Publicly available information; and,
  • Other tools and applications (our “Online Content”).
  • Third parties.

What Personal Information do we collect?

Personal Information we collect about you may include the following:

  • General identification and contact information: your name; address; email; IP address; telephone details; gender; marital status; family status; date and place of birth; physical attributes including photos.

  • Other sensitive information: trade union membership, religious beliefs, political opinions or racial or ethnic origin, and criminal record.

  • Information that enables us to provide products and services: age, location that enables identification of course search (for example, post code, job roles or career development).

  • Marketing preferences: enter a contest or prize draw or other sales promotion, or respond to a voluntary customer satisfaction survey.

  • Statistical information: aggregate statistical information about site visitors and users for internal use and for other lawful purposes. We provide this information to customers, advertisers, suppliers, and other reputable third parties. Where we provide such information, we will provide this in an anonymous format and not include any Personal Information.

  • Information from Apps: submit comments to the Site, participate in message boards, blogs, send us emails or any other user-generated content facility.

  • Publicly available information in relation to professional history: educational background; employment history; skills and experience; professional licences and affiliations; educational and professional qualifications.

What legal basis do we rely on to process your Personal Information?

  • Consent: On some occasions, we process your data with your consent. For example, we rely on consent when we send promotional material or when you link your Green Valley Academy account to your Social Network account. You have the right to withdraw consent at any time. Where consent is the only legal basis for processing, we will cease to process data after consent is withdrawn.
  • The processing is necessary to fulfill a contract: Green Valley Academy may process your data when we need to do this to fulfill a contract with you, such as to send your application to an education institution, employer, or recruiter for a specific course or job application.
  • Legitimate Interest: We also process your data when it is in our legitimate interests to do this and when these interests are not overridden by your data protection rights. Our legitimate interests include:
    • Ensuring the security and integrity of our Services and in ensuring that our Website and Apps operate effectively;
    • Selling and supplying goods and services to our customers;
    • Protecting customers, employees, and other individuals and maintaining their safety, health, and welfare;
    • Promoting, marketing, and advertising our products and services;
    • Sending promotional communications which are relevant and tailored to individual customers;
    • Understanding our customers’ behaviour, activities, preferences, and needs;
    • Improving existing products and services and developing new products and services;
    • Handling customer contacts, queries, complaints, or disputes; and,
    • Fulfilling our duties to our customers, colleagues, shareholders, and other stakeholders.
  • The processing is necessary because of a legal obligation that applies: Green Valley Academy may process your data to comply with our legal and regulatory obligations, e.g. preventing, investigating, and detecting crime, fraud, or anti-social behaviour and prosecuting offenders, including working with law enforcement agencies.

Who do we share your Personal Information with?

  • Universities, Colleges, Schools, Recruiters, and other agents: In the course of our business to help you search for and get a job, Green Valley Academy may make Personal Information available to third parties such as universities, colleges, schools, recruiters, and other intermediaries and agents and other business partners.
  • Our service providers: This includes external third-party service providers, such as accountants, auditors, experts, lawyers, and other outside professional advisors; IT systems, support and hosting service providers; printing, advertising, marketing and market research and analysis service providers; document and records management providers; technical engineers; data storage and cloud providers and similar third-party vendors and outsourced service providers that assist us in carrying out business activities.
  • Governmental authorities and third parties involved in court action: Green Valley Academy may share Personal Information with governmental or other public authorities (including, but not limited to, workers’ compensation boards, courts, law enforcement, tax authorities, and criminal investigations agencies); and third-party civil legal process participants and their accountants, auditors, lawyers, and other advisors and representatives as we believe to be necessary or appropriate: (a) to comply with applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our group companies; (f) to protect our rights, privacy, safety, or property, and that of our group companies, you or others; and (g) to allow us to pursue available remedies or limit our damages.
  • Other third parties: Occasionally, we may share Personal Information with other third parties. We will always do this under contract and in accordance with your instructions.

How do we use Personal Information?

We use Personal Information to do some or all of the following:

  • Communicate with you as part of our business;
  • Send you important information regarding changes to our policies, other terms and conditions, the Green Valley Academy Website and App and other administrative information;
  • Provide improved quality, training, and security and manage other commercial risks;
  • Carry out market research and analysis, including satisfaction surveys;
  • Provide marketing information to you (including information about other products and services offered by selected third-party partners) in accordance with preferences you have expressed. Please be aware you can always change these in your account;
  • Personalise your experience on the Green Valley Academy Website and App by presenting information and advertisements tailored to you;
  • Allow you to participate in contests, prize draws, and similar promotions, and to administer these activities. Some of these activities have additional terms and conditions, which could contain additional information about how we use and disclose your Personal Information, so we suggest that you read these carefully;
  • Facilitate social media sharing functionality;
  • Manage our infrastructure and business operations, and comply with internal policies and procedures, including those relating to auditing; finance and accounting; billing and collections; IT systems; data and website hosting; business continuity; and records, document, and print management;
  • Resolve complaints, and handle requests for data access or correction;
  • Comply with applicable laws and regulatory obligations (including laws outside your country of residence), such as those relating to anti-money laundering and anti-terrorism; comply with legal processes; and respond to requests from public and governmental authorities (including those outside your country of residence);
  • Establish and defend legal rights; protect our operations or those of any of our group companies or insurance business partners, our rights, privacy, safety, or property, and/or that of our group companies, you or others; and pursue available remedies or limit our damages.

Google Analytics cookies

Google Analytics cookies are used to collect information about how visitors use our site. We use this data to build reports and to help us improve the website. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from, pages they visited, and which geographic area they are from. You can find out more about Google Analytics and opt out of being tracked across all websites. This non-personal information we receive from Google Analytics is held by us, and we do not allow Google to use or share any of this data.

How can you manage or delete Personal Information?

When you access our website online, we store some information about you. This is anonymous and used for statistical purposes.

When you apply for a course your application can be viewed by Green Valley Academy affiliated institutions. This is the default setting.

Please note that Green Valley Academy reserves the right to remove from our database, any material which includes any content that we consider to be illegal or offensive.

You can deactivate or delete your profile at any time by sending an email to our Data Protection Officer (DPO) (see below) with the subject line “Permanently delete my information and account”. Please do not forget to tell us who you are.

Security

Green Valley Academy is committed to keeping your personal data safe and secure from unauthorized access to or unauthorized alterations, disclosure, or destruction of information that we hold.

Our security measures include:

  • Encryption of our services and data;
  • Review our information collection, storage, and processing practices, including physical security measures;
  • Restrict access to personal information to Green Valley Academy employees, contractors, and agents who need to know that information in order to process it for us and who are subject to contractual confidentiality and processing obligations. They may be disciplined or have their contract terminated if they fail to meet these obligations;
  • Internal policies setting out our data security approach and training for employees.

Marketing and Advertising

Under Privacy and Electronic Communications Regulations (PECR), we might contact you in your professional capacity by email, or post with marketing/design news, offers, and updates. We have identified it as the most unobtrusive way to contact you. We will never contact you with marketing communications more than once a calendar month and only if:

  • We have a pre-existing professional, or personal relationship with you
  • We have a financial or contractual agreement with you
  • We believe the information is of genuine and legitimate interest
  • We believe that the information is useful, or relevant to your job role.

We will not send you marketing messages via automated calls, texts, or fax.

We will contact you regarding current or potential projects as necessitated by the project or campaign.

If you do not find our marketing communications of use or interest, you can easily choose to unsubscribe by sending us an email.

Your Rights

You have the following rights:

  • The right to ask what personal data that we hold about you at any time, subject to a fee specified by law;
  • The right to ask us to update and correct any out-of-date or incorrect personal data that we hold about you free of charge; and
  • The right to opt out of any marketing communications that we may send you.

If you wish to exercise any of the above rights, please contact us using the contact details set out below.

Children and minors

Green Valley Academy is not directed towards individuals under the age of eighteen (18), however we are aware due to the nature of some of the admissions, those between 16 and 18 may use the Services.

Individuals under the age of sixteen (16) are expressly prohibited from using Green Valley Academy Website and App, unless parental consent is provided and we are notified.

Third Party Privacy Practices

This Privacy Policy does not address, and we are not responsible for, the privacy, information, or other practices of any third parties to which the Green Valley Academy website and App link. The inclusion of a link on the Website or App does not imply endorsement of the linked site.

Who to contact about your Personal Information

The data controller responsible for your information is Green Valley Academy.

If you have any questions about this policy or our use of your Personal Information you can email: info@greenvalleyacademy.com or write to the Data Protection Officer Mrs. Tahira Bi. Address: Unit No 06, 54-56 Dover Road East, Gravesend, England, DA11 0RG. If you do not think we are handling your Personal Information adequately, you have the right to lodge a complaint with the Information Commissioner’s Office. Further information, including contact details, are available at ico.org.uk.

OUR DATA PROTECTION POLICY

Our data protection policy statement reiterates the important data protection principles set out in the GDPR, it outlines how we intend to comply with them and clarifies what rights and obligations an employee has both in relation to their own personal data and when handling other people’s personal data.

DATA PROTECTION PRINCIPLES

The EU General Data Protection Regulation (GDPR) requires us to comply with six data protection principles in our data processing activities. These say that personal data must be:

  1. Processed lawfully, fairly, and in a transparent manner.
  2. Collected only for specified, explicit, and legitimate purposes and not further processed in a way that’s incompatible with those purposes.
  3. Adequate, relevant, and limited to what is necessary in relation to those purposes.
  4. Accurate and, where necessary, kept up to date.
  5. Not kept in a form which permits identification of data subjects for longer than is necessary for those purposes.
  6. Processed in a way that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against loss, destruction, or damage.

Businesses not only need to comply with these principles but also must be able to demonstrate that they comply. This is called the principle of accountability. So, we have implemented appropriate technical and organizational measures, including putting in place data protection policies and procedures and providing employee training, to ensure and be able to show that we carry out processing in accordance with the GDPR’s requirements.

COMPLIANCE

Our GDPR Data Protection Policy sets out the principles and legal conditions that we, and our staff, must satisfy when processing personal data in the course of our business activities. This includes not only employees’ and other workers’ personal data but also personal data belonging to customers, clients, and suppliers. The data protection principles are a central part of our policy statement as it outlines what those principles are and what our procedures are for ensuring that we comply with them. It also includes policy provisions governing the lawful basis for processing, subject access rights, the other rights of data subjects, data protection impact assessments, and data retention and erasure. It’s intended to outline both our responsibilities, and the employee’s rights and obligations, in relation to the processing of personal data. That way, our employees should clearly understand how to implement the data protection principles and apply them in practice. Finally, we’ve confirmed to our employees that a failure to follow data protection requirements is a disciplinary offense. We have adopted our policy statement to ensure it reflects the specific operational practices and procedures that we’ve put in place in relation to data processing activities.