Privacy and Cookies
Effective date: 31st July, 2024.
Northcoders is committed to protecting your personal data. This policy explains how and why we use your personal data to make sure you remain informed and in control of your information.
You can choose not to receive information or to change how we contact you at any time. If you would like to, please let us know by:
- Emailing: [email protected]
- Writing to us at our company address:
- Telephone: 0333 0143 699 (Mon to Fri: 9am-5:30pm. Sat & Sun: Closed)
Northcoders Group
Manchester Technology Centre
103 Oxford Road
Manchester
M1 7ED
This telephone number will put you through to our IVR (Interactive Voice Response). To speak to Reception, please select the ‘Any Other Queries’ option.
Northcoders will ask its learners or potential learners to ‘opt-in’ to receive information about our products and courses. This means you’ll have the choice as to whether you want to receive these messages.
We will never sell your personal data. However, we may share your data with specific organisations who work with us, in order to provide the service to you. Please see the ‘Disclosing and Sharing Data’ section for further information on this.
Any questions you have about this policy or how we use your personal data should be sent to: [email protected] or addressed to: The Data Protection Officer, at the postal address given above.
About Us
Your personal data (i.e. any information which identifies you, or which can be identified as relating to you) will be collected and used by Northcoders which is a private limited company.
For the purposes of data protection law, Northcoders will be the Data Controller.
What Information Do We Collect?
We collect data you give to us. For example:
- Personal details (name, address, date of birth, email address, telephone number education details etc) when you sign up to an agreement
- Sensitive information known as special category data (ethnicity, health and disability information, additional learning needs)
- Information about your nationality and right to study in the UK
- Financial information (including details of your course fees and payment information such as credit/debit card or direct debit details)
- Details of your course sponsorship
- Information created by your involvement with Northcoders
- Details of your course and course tier
- Details of your qualifications, skills, experience and employment/education history
- Details of your progress and performance and your learning activities
- Details of your schedule and attendance
- Student enrolment details
- Details of any assessments
- Details of any investigation into breaches of our Code of Ethics
- Details of any complaints you make.
We may also collect the following sensitive information (known as special category data) about you:
- Equal opportunities monitoring information about your race or ethnicity, religious beliefs, sexual orientation, and political opinions;
- Information about your health, including any medical condition, sickness records, disabilities and/or additional educational needs.
Information from Other Organisations
We sometimes receive personal data from other organisations, for example, where they have passed us information about people who are interested in our training courses.
Young People
As an education provider, we regularly process personal data relating to young people who enquire about courses and training opportunities.
Sensitive Personal Data
We may collect or store data known as sensitive personal data (such as information relating to additional learning needs or ethnicity). We will do this where we have been asked to do so by official Government agencies, or where the information is needed for the assessment of additional education support needs.
If we do this, we’ll take extra care to ensure your personal data is protected.
Accidents or Incidents
If an accident or incident occurs in one of our training centres, or involving one of our employees, then we’ll keep a record of this (which may include personal data and sensitive personal data).
How Do We Use Personal Information?
We only ever use your personal data with your consent, or where it is necessary:
- To enter into, or perform, a contract with you;
- To comply with a legal duty;
- To protect your vital interests: this means, for example, keeping you safe from harm;
- For our own (or a third party’s) lawful interests, provided your rights are not affected;
- We will only use your information for the purpose or purposes it was collected for;
- Administration.
We use personal data for administrative purposes. This includes:
- Receiving payment (e.g. direct debits or payment card details);
- Maintaining databases of our learners and their educational progress;
- Performing our obligations under training contracts;
- Helping us respect your choices and preferences (e.g. if you ask not to receive marketing materials, we’ll keep a record of this).
Research & Analysis
We may carry out research and analysis on the data we hold to understand behaviour and responses and identify patterns and trends.
We evaluate, categorise and profile personal data to tailor services and communications we send out (including targeted advertising) and to prevent unwanted material from being sent to you.
Anonymised Data
We may combine sets of personal data and change the personal data so that it can no longer be linked to any particular person. This information may then be used to monitor Northcoders’ business performance or to identify trends or patterns within our existing learner database.
Disclosing and Sharing Data
We will never sell your personal data. If you have opted-in to marketing, we may contact you with information about further opportunities in education.
We may share personal data with other organisations who provide us with services. For example, we may use an IT supplier to process personal data. However, these activities will be carried out under contracts which have strict requirements to keep your information confidential and secure.
Data Processor | Purpose of | Location of Data |
---|---|---|
BKSB LTD | Saas Provider for functional skills assessment | Hosted in Ireland |
Pellcomp “PICS2 | Saas Provider for Learner Management System | Hosted in UK Data Centres |
Northcoders works closely with assessment organisations who will receive personal data from Northcoders as part of the assessment process.
These organisations include:
- BCS
- SkillsFirst
These organisations will use assessment invigilators within remote invigilation organisations based in locations outside the UK and EU.
The following information will be processed as part of the remote invigilation:
- Picture
- First and Last Name
- Institution or Organisation
- Exam Information
- Time of Exam
- Picture of ID (which may include driver’s licence, address etc, or passport – which would include passport number and country of citizenship)
- Email Address
- Telephone Number
- Google Map Coordinates of IP Address.
Where we are under a legal or contractual obligation, we may also disclose information with the following:
- With the DfE.
- With your course sponsor.
- With our accountants, auditors, insurers, legal advisors and any other professional advisors.
- With courts and tribunals.
- With government bodies and law enforcement agencies.
- With health and welfare organisations.
- With third parties to whom we may choose to transfer or merge parts of the Trust or our assets. Alternatively, we may seek to acquire other trusts, schools or academies or merge with them. If a change happens to the Trust, then the new management team may use your personal data in the same way as set out in this privacy notice.
This list is not exhaustive as there are other circumstances where we may also be required to share information, for example:
- To meet our legal obligations.
- In connection with legal proceedings (or where we are instructed to do so by Court order).
Marketing
Northcoders will ask its learners and contacts to “opt-in” for marketing communications. This means you’ll have the choice as to whether you want to receive these messages.
We use personal data to communicate with people and promote Northcoders. This includes keeping you up to date with our news and offerings.
Social Media
We work with external marketing agencies who provide information about people who have registered an interest in Northcoders’ courses and where they have given appropriate consent to be contacted.
Digital Media Service Providers
We periodically appoint digital marketing agents to conduct business to business marketing activity on our behalf, and such activity may result in the compliant processing of personal information. This includes contacting individuals within organisations which may be interested in the services Northcoders has to offer. We may also use your photographs and/or other digital images in our marketing material and social media, where you have given us permission to do so.
We sometimes share your data with trusted third parties (such as Google and LinkedIn) to perform advertising services on our behalf. This helps us make sure that the information we serve you is relevant and keeps you up to date with our products and services.
Within Google, two of the tools we use are called ‘remarketing’ and ‘customer match’.
Remarketing is a feature that lets us customise our advertising for users who have previously visited our site. Cookies enable us to serve ads based on your previous usage of the Northcoders site. The ads are served on Google as well as Google’s network of partner sites.
You can opt out of remarketing by turning off marketing cookies. More information about Google’s data use in personal ads can be found here.
Within LinkedIn we use ‘remarketing’ and ‘Matched Audiences’:
Remarketing: We use visitor data gathered via the LinkedIn Insights Tag on our site to run customised ads on LinkedIn.
You can opt out of remarketing by turning off marketing cookies.
Matched Audiences: These are custom audience segments that we use to target advertising campaigns. In some instances, we will share your information (email addresses) with LinkedIn to build these advertising segments.
More information on how LinkedIn keep your data safe can be found here.
How Do We Protect Personal Data?
We use a variety of physical and technical methods to keep your data safe and to prevent unauthorised access or sharing of your personal information.
Electronic data and databases are stored on secure computer systems, and we control who has access to information using both physical and electronic means.
Our employees receive data protection training, and we have a set of detailed data protection procedures which personnel are required to follow when handling personal data.
CCTV
Some of our premises have CCTV and you may be recorded when you visit them. CCTV is there to help provide security and to protect both you and Northdcoders. CCTV will only be viewed when necessary (e.g. to detect or prevent crime) and footage is only stored temporarily. Unless it is flagged to review, CCTV will be recorded over.
Northcoders complies with the Information Commissioner’s Office CCTV Code of Practice. We display notices to let you know when CCTV is in use.
Storage of Personal Data
Where Northcoders information is stored
Northcoders operations are based in the UK, and we store our data primarily within the UK and European Economic Area (EEA).
Northcoders will occasionally use services outside of the UK and EEA to process personal data, but only where the service ensures an adequate level of protection and where appropriate safeguards have been provided.
Northcoders has put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
How long does Northcoders keep information for?
We will only use and store information for as long as it is needed for the purposes it was collected for. How long we keep information depends on the information and what it’s used for. For example, if you ask us not to send you marketing emails, we will stop storing your emails for marketing purposes (though we’ll keep a record of your preference not to be emailed).
We continually review what information we hold and delete what is no longer required. We never store payment card information.
How do we ensure that you remain in control of your data?
We want to ensure you remain in control of your personal data and that you understand your legal rights which include:
- The right to ask and be told whether or not we have your personal data, and if we do, to obtain a copy of the personal data we hold (this is known as a subject access request);
- The right to have your data deleted (though this will not apply where it is necessary for us to continue to use the data to administer your training course);
- The right to have incorrect data amended;
- The right to object to your data used for marketing purposes or profiling.
Please note that there are some exceptions to the rights above and, although we will always try to respond to your satisfaction, there may be situations where we are unable to do so.
If you would like further information on your rights, please write of email our Data Protection Officer at the addresses given at the start of this policy.
We can provide you with a subject access request form template which includes guidance on how to make your request, and will help us respond more quickly. Please contact us for a copy of this.
Complaints
You can complain to Northcoders directly by contacting our Data Protection Officer, using the contact details set out at the start of this policy.
If you would like to make a complaint which does not directly relate to your data protection and privacy rights, please see Northcoders Complaints Policy.
If you are not happy with our response, or you believe that your data protection or privacy rights have been infringed, you can complain to the UK Information Commissioner’s Office which regulates and enforces data protection law in the UK. Details of how to do this can be found at www.ico.org.uk.
Cookies and Links to Other Websites
Cookies
For information relating to cookies and to set your preferences, please refer to our Privacy Preferences Page.
Links to other websites
Our website contains hyperlinks to many other websites. We are not responsible for the content or functionality of any of those external websites (but please let us know if a link is not working by using the ‘Contact Us’ link at the top of our web page).
If an external website requests personal information from you, the information you provide will not be covered by the Northcoders’ Privacy Policy. We suggest you read the Privacy Policy of any website before providing any personal information.
When purchasing goods or services from any of the businesses that our site links to, you will entering into a contract with them (agreeing to their terms and conditions) and not with Northcoders.
Changes to this Privacy Policy
We’ll amend this Privacy Policy from time to time, to ensure it remains up-to-date and accurately reflects how and why we use your personal data. The current version of our Privacy Policy will always be posted on our website.