To ensure that we comply with all of its requirements we have added the important points and clauses to help users understand what information we collect, how the information is collected and processed, and what rights the users have under GDPR.
We have divided the content into separate sections to make it easy for users to read the relevant section(s). Furthermore, all the processing of your personal information complies with the GDPR requirements. Please note that we ask you to give your explicit consent on the student registration form before using our services.
IMPORTANT TERMINOLOGY UNDER GENERAL DATA PROTECTION REGULATION (GDPR)
Any information related to a natural person or ‘data subject’ that can be used to identify the person directly or indirectly.
A natural person whose personal data is processed by a data controller.
The entity that determines the purposes, conditions and means of the processing of personal data.
Any freely given, specific, informed and explicit expression by statement or action signifying agreement to the processing of the personal data by the user ‘data subject’.
Any operation performed on personal data, whether or not by automated means, including collection, use, recording, etc.
WHAT TYPE OF PERSONAL INFORMATION WE COLLECT
We may collect and process the following kinds of personal information:
- Name and important personal information
We may collect your full name, gender, date of birth, profession, personal public service number and education history.
- Your contact details and account registration information
Your personal contact details may include your postal address, mobile telephone number, landline telephone number and email address. In addition, when you sign-up or register on our website, we also save other information such as state, city, eircode, postal code and other relevant details.
- Online communication
When a user/reader communicates with us through email, telephone, or chats with us online, we may record their communications with us for future use.
AUTOMATIC COLLECTION OF DATA
We may also collect some information automatically when you visit our website. This information includes:
- IP (Internet protocol) address
- browser type
- session (time) of user on the website
- operating system
HOW WE PROCESS PERSONAL INFORMATION
The personal data of users is saved on our databases and is processed further for course administration and marketing purposes.
WHY PERSONAL INFORMATION IS PROCESSED
We use personal information for various purposes, including:
Course administration. Personal information is gathered to register students with our external validating agency, to enroll students on our courses and on our online learning platform, and to document and retain students’ academic records.
Monitoring of user activity. The responses of users (especially students and potential students) are also processed in order to monitor overall engagement of users with our website (https://prioryinstitute.com/) and report if something unusual happens. To stop activities that may harm our Priory Institute website or users’ data (such as spam messages and software applications that run automated scripts over the Internet to obtain data from websites), a continuous evaluation of automatic data (such as IP address and search history) is monitored.
Feedback and improved user experience. This provides improved services to students, users and readers who use our website. We encourage our students and website users to share their user experience feedback with us through chat, e-mail or our ‘contact us’ form.
Advertising. We advertise to people who have registered for our courses or given us their contact details by email. We also advertise to people who have visited our website by recording their IP addresses.
DISCLOSURE OF INFORMATION TO THIRD PARTIES
The Priory Institute does not sell or distribute personal information of students to random third parties. Some information is shared with or stored with our reliable and designated third parties such as our academic validating agency, our database provider, the company hosting our online learning platform, our online accounting provider and our online credit card payment provider.
In order to ensure compliance with EU GDPR regulations, we will update our subscribed users on the use of their information by third parties This step will be taken in order to ensure transparency for our users.
PROMOTION AND ADVERTISING
We abide by the law to protect the sensitive information gathered from users. We undertake to carry out promotions and advertising campaigns in compliance with the EU’s GDPR. Also, people will only see or receive promotional emails that relate to their general interests as indicated by website cookies or tracking tools, such as Google Analytics. Website visitors may also choose to receive promotional content through our newsletter.
The Priory Institute retains all the personal information of students for a period of six (6) years after the completion of their studies The Institute will hold some data indefinitely (such as academic records of courses followed and grades awarded). If students wish us to remove other personal information from our databases, they can contact us at [email protected]. See ‘right to erasure’ below.
The security of personal information is important to us. We follow the GDPR to protect submitted personal information during its transmission and after we receive it. No method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security.
We have not faced any data breach in the past. However, we will report any unlawful data breach of our online databases to all relevant individuals and authorities within the prescribed time period of 72 hours when it is obvious that personal information or data stored in an identifiable manner has been stolen or breached.
USERS’ RIGHTS AND CONTROL OVER INFORMATION UNDER GDPR
Profile updates. Users have the right to access and update information in their profiles, such as name, email address, postal address and telephone number(s).
Email preferences. We respect the privacy and personal choices of our users. Individual users can unsubscribe at any time from promotional emails. We try to cater for the unsubscribe requests of our users in a timely and prompt manner.
Right to erasure. Users have the right to contact us if they want us to delete their information from our databases. If they do not wish their data to be stored by us, they should request that we remove their personal information (apart from their academic records of courses followed and grades awarded) and we will erase it.
Right to be informed. Users have the right to know how we process their information/data.
Right to access. Users have the right to ask what information about them is stored in our databases.
Right to data portability. Users have the right to receive the personal data which they have shared with us, in a structured and machine-readable format, to transfer it to another data controller with their consent and/or under any binding contract.