This page outlines how and why LDPRT keeps your Personal Data on file whilst you are studying and, subject to your consent, also for a period of time post graduation. New regulations (May 2018) dictate that every organisation holding such data must appoint Data Controllers who are the people responsible for its correct use. You are free to contact either appointed DC at any time to discuss any issues of concern you may have.
The document is ‘dynamic’ in the sense that updates are inevitable as good practice evolves.
We have decided it is important to distinguish between sensitive and non-sensitive data. If you feel that our interpretation of non-sensitive data headings is too wide, you are free to contact a data controller to discuss this. We would not knowingly share the sensitive data with anyone without your written consent (this could include an email confirmation). Sensitive data would include: Gender, ethnicity, disabilities, sexual orientation etc..
YOUR PERSONAL (Non-Sensitive) DATA:
The data we hold has been obtained purely from your own submitted Course Application Form. While you are studying, we keep e-records of:
- Email Addresses
- Telephone numbers
- Date of Birth
- Course payment details
- Status (e.g. 1st year, 2nd year or graduated)
You will have had the option to opt into email addresses being kept and for this to be a standard means of contact. Alternatively, you can contact a Data Controller at any time to effect this or to address other queries about your data.
USE OF YOUR DATA
We need addresses and telephone contacts in the event of unforeseen circumstances such as change of venue, indisposition of teaching staff causing cancellation or alterations to the schedule etc.. We are obliged to issue students quarterly VAT receipts of any payments made and while this is often done by personal hand-out in hard copy, sometimes it is necessary to post or (where appropriate) email these. It is possible that our records will be examined from time to time by VAT inspectors who will then have access to your non-sensitive data, for example, through VAT invoicing records.
Any sensitive data is gathered purely to help us enhance your learning and development experience on the course and for us more fully to be prepared for any special needs that might be required to assist your satisfactory progress on the course.
SPECIFIC SHARING OF YOUR (Non-Sensitive)DATA
We are obliged annually to supply the host accrediting University (currently Middlesex) with some of the details you have provided us. This takes the form of
- First Name
- Second Name
- Date of Birth
- Home Address
- Start date
We also supply COSRT with a subset of your non-sensitive data. This is part of our contractual obligation with COSRT who register every student on our course. It is mandatory for students to join COSRT as student members and therefore names are cross checked and references taken up.
We like to keep alumni details for the purpose of providing further guidance about events that might be of interest and also because we occasionally seek testimonials for promotional documentation (e.g. web-site). We annually invite alumni to opt in to this arrangement, otherwise all sensitive data is removed within a period of 3 years from graduation. (it is customary to keep records for this period in case of queries that might arise post graduation). Likewise, the original application forms are shredded at the end of this period.
Both Data Controllers keep non-sensitive data on their password and firewall protected computers. Only the Course Directors have access to the sensitive Data.
This is separate to any data which you give to your placement provider. Essays, marks and your Fitness to Practice reports are kept until graduation.
VAT regulations require the non-sensitive data to be archived for 6 years post-invoice. This is done on a stand-alone computer with no internet connection. No sensitive data is kept on a computer, it being purely in the paper form of the application you submitted which gets shredded as described above.
The site administrators use Google Analytics to view the anonymous statistics of the numbers of visitors to the site. No user is identifiable, nor do we participate in any part of the advertising features of the Google service.
If you feel data use has been violated, you have a right to complain to a Data Controller. At all times, you also have a right to complain to the Information Commissioner’s Office, (ico.org.uk) if you think there is a more serious problem with the way we are handling your data.