Privacy Policy

Privacy Policy

INTRODUCTION

Welcome to the Global University Systems privacy notice.

Global University Systems, a trading name of Global University Systems B.V. and its subsidiary companies, respects your privacy and is committed to protecting your personal data. This privacy notice tells you how we look after your personal data when you visit our websites (regardless of where you visit from) and tells you about your privacy rights and how the law protects you.

This privacy notice is provided in a layered format so you can click through to the specific areas set out below. Please also use the Glossary at section 6 for the meaning of some of the terms used in this privacy notice.

  1. IMPORTANT INFORMATION AND WHO WE ARE
  2. THE DATA WE COLLECT ABOUT YOU
  3. HOW IS YOUR PERSONAL DATA COLLECTED
  4. HOW WE USE YOUR PERSONAL DATA
  5. PURPOSES FOR WHICH WE WILL USE YOUR PERSONAL DATA
  6. GLOSSARY

PURPOSE OF THIS PRIVACY NOTICE

This privacy notice aims to give you information on how Global University Systems collects and processes your personal data including any data you may provide through this website when you:

  • Arrive on our website from a social media site such as Facebook Twitter, Instagram, Snapchat, Pinterest, VKontakte or LinkedIn;
  • Complete a call back / enquiry form;
  • You register on our site to apply for a course or programme, corporate/ executive education, professional training, (online, distance learning or campus based) and whether you are applying for yourself or for employees or other staff at your organisation which may be or become a customer of ours;
  • Sign up for marketing materials; or
  • You provide us with your personal data by any other means.

This website is not intended for children and we do not knowingly collect data relating to children on this website. However where GUS processes personal data of children in its business operations, we ensure that appropriate safeguards and consents are obtained from parents or caregivers as applicable [and that we follow relevant guidance from the Information Commissioner’s Office in relation to the processing of children’s data]. You may contact dataprotection@gus.global for further information about this.

It is important that you read this privacy notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data.

This privacy notice supplements the other notices and does not replace them.

1. IMPORTANT INFORMATION AND WHO WE ARE

DATA CONTROLLER

Global University Systems B.V. is a company registered in The Netherlands under company number 55367453 and we have our registered office and our main trading address at Tower H, WTC Amsterdam, Zuidplein 36, 1077 XV Amsterdam, The Netherlands.

GUS Services UK Limited is registered with the Information Commissioner’s Office (ICO) with registration number ZA503946

Notification details can be accessed by searching the Data Protection Public Register.

The Global University Systems B.V. group of companies is made up of different legal entities, details of which can be found here. This privacy notice is issued on behalf of the Global University Systems group of companies so when we mention Global University Systems, "GUS", "we", "us" or "our" in this privacy notice, we are referring to the relevant company in the GUS Group responsible for processing your data. When you apply for programmes, courses or otherwise purchase a product or service with us, the controller will be the name of the institution that you are register with, unless otherwise indicated in writing to you in the application process. However, when you are just browsing our websites, the relevant data controller is GUS Services UK Limited, unless specifically mentioned otherwise on a particular website.

We have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the DPO using the details set out below.

CONTACT DETAILS

Our full details are:

Full name of data controller legal entity: GUS Services UK Limited

FAO Data Protection Officer

Email address: dataprotection@gus.global

Postal address: Legal Department, 30 Holborn, London, EC1N 2LX,

Telephone number: + 44 (0) 20 3435 4455

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We consider that the ICO would also be the lead supervisory authority for GUS since the UK is the place of the majority of our operations. For data protection issues in other countries, you have the right to complain at any time to the supervisory authority for that country.

We would always prefer that you come to us to help address any concerns of a privacy nature however before you go to the ICO or other applicable supervisory authority, so please contact us in the first instance.

CHANGES TO THE PRIVACY NOTICE AND YOUR DUTY TO INFORM US OF CHANGES

This version was last updated March 2019 and historic versions can be obtained by contacting us.

We may from time to time change the detail in this notice. Any changes we may make in the future will be posted on this page. Please check back frequently to see any such updates or changes.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

THIRD-PARTY LINKS

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.

2. THE DATA WE COLLECT ABOUT YOU

Personal data, or personal information, means any information about an individual from which that person can be identified. Anonymous data is therefore not treated as personal data.

We have grouped together different kinds of personal data which we may collect, use, store and transfer as follows:

  • Academic Data includes eligibility data including education and academic history, training records, qualifications, personal statements, CVs, personal achievements and references.
  • Identity Data includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender, NI number, Unique Learner Number, nationality, residency status, disability declaration, criminal conviction declaration, third party student reference number where that third party shares your data with us, (eg UCAS, HESA and similar such organisations), photographic images.
  • Contact Data includes billing address, term-time and permanent residential address, country of residence, email address and telephone numbers.
  • Emergency Contact Data about next of kin names and contact details for use when there is an emergency that has involved you.
  • Employment Data (if you are sponsored by your employer) includes employer details, start date, end dates, NI number, your job title, contact details at work (email address, telephone number and postal address).
  • Financial Data includes student loan information, bank account and payment card details.
  • Marketing and Communications Data includes your preferences in receiving marketing from us and your communication preferences.
  • Profile Data includes any of your usernames and passwords, enquiries made by you, purchases or orders made by you, your interests, preferences, feedback and survey responses.
  • Student Data includes your term time and home address, ID photo, subject of interest, chosen GUS course or GUS programme (or one of our partner establishments), your progress data and your results (coursework and exam, including mocks), other results from before final study years, exam scripts and transcripts, your attendance, lecturers’ and tutors’ feedback on you or your staff (if you are a corporate) (student references), communications with GUS received by you to or from your GUS email address, the extent of your use of any learning facilities / services by GUS information relating to your use of the GUS library resources (including materials checked out and overdue items), data about your membership of student groups, associations and any event attendances), information regarding mentor and mentee data, and your membership of any relevant alumni network, data around your taking part in events hosted by us or advertised by us, learner analytics and profiling data, any disciplinary data, student, course, or tutor- related complaints data and any claims involving you of any nature whatsoever, extenuating circumstances, appeals, additional information as required by professional/accreditation/awarding body.
  • Monitoring and Reporting Requirements Data includes destination of leavers of HE data and Student Data reported to third parties for regulatory purposes.
  • Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.
  • Technical Data includes your IP address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
  • Usage Data includes URL data, web analytics data in relation to how you arrived at our sites, from where, what search items you looked for, which pages you visited on our sites, the duration of your visits and such other information about how you use our websites and the information provided on them, and how you use our products and services so as to assist us to improve our website offering to you.
  • Visa Data for international students, including passport and previous visas data, bank statements or other financial information for satisfying ourselves that visa requirements are met

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.

SPECIAL CATEGORY DATA

When you make an application on our website for a course or programme we will ask whether you have any disabilities. You are not obliged to inform us but any information you do provide will assist us to assess how we will meet our statutory obligation in relation to your disability.

CRIMINAL OFFENCE DATA

For the purposes of compliance with our Safeguarding Policy, we may ask for DBS checks or seek criminal records information. This type of data is regulated under the GDPR and we ensure that we limit the use of any such data both in time and in scope and that we meet appropriate lawful grounds for processing such data.

For further information please contact us at dataprotection@gus.global

IF YOU FAIL TO PROVIDE PERSONAL DATA

Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.

3. HOW IS YOUR PERSONAL DATA COLLECTED?

We use different methods to collect data from and about you including through:

Direct interactions. You may give us your Identity, Contact and Financial Data by filling in forms or by communicating with us by post, phone, email or otherwise. This includes personal data you provide when you:

  • Apply for our products or services;
  • Create an account on our website;
  • Use our site;
  • Subscribe to our service or publications;
  • Request marketing to be sent to you;
  • Enter a promotion or survey; or
  • Give us some feedback.

Automated technologies or interactions. As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies. Please see our cookie policy (here) for further details.
Third parties or publicly available sources. We may receive personal data about you from various third parties and public sources as set out below:

Technical Data from the following parties:

a) analytics providers such as Google analytics, Google optimizer, Google Webmaster tools, Google tag manager, Facebook, Instagram and Conversant based out of Europe & Convertr Media based in UK and other similar services which we will be using in the future;

b) Advertising networks such as Google Advertising Network, Facebook, Instagram, Bing and Linkedin based outside the EU and similar network we will be partnering with; and

c) Search information providers such as Google, Bing and other search engines based inside and outside the EU, social media networks such as Facebook, Linkedin and Instagram, based inside the EU and others providing similar services.

d) Contact, Financial and Transaction Data from providers of technical, payment and delivery services such as Conversant, Google Analytics, Facebook, Instagram, Bing, Linkedin and Stripe, based outside the EU and Convertr Media based inside the UK including similar services we will partner with in future.

e) Identity and Contact Data from data aggregators

f) Identity and Contact Data from publicly availably sources such as the Electoral Register based inside the EU.

g) Student Data from staff, administrative functions of other educational establishments, mentees or mentors, complainants.

h) Academic, contact, identity, marketing and communications and technical data from (i) publishers, who are owners of private websites, and are based in and outside Europe and (ii) agents, referring organisations such as other universities and (iii) UCAS.

4. HOW WE USE YOUR PERSONAL DATA

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Where we need to perform the contract we are about to enter into or have entered into with you.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  • Where we need to comply with a legal or regulatory obligation.

Please see the table below to find out about the types of lawful basis that we will rely on to process your personal data.

Generally we do not rely on consent as a legal basis for processing your personal data other than in relation to sending direct marketing communications to you via email or SMS. You have the right to withdraw consent to marketing at any time by contacting us at dataprotection@gus.global by clicking the unsubscribe link in the relevant emails.

5. PURPOSES FOR WHICH WE WILL USE YOUR PERSONAL DATA

We have set out below a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

We may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.

GUS Website Visitor

Students or Prospective Students

GUS Job applicant

GUS Staff

GUS Former Employee

Clients of GUS (including employer clients)

Suppliers to GUS

COOKIES

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. For more information about the cookies we use, please see here.

6. GLOSSARY

LAWFUL BASIS

Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting our DPO (dataprotection@gus.global).

Contractual necessity means processing your data where it is necessary for the performance of a contract to which you are a party or to take preliminary pre-contractual steps at your request before entering into such a contract.

Comply with a legal or regulatory obligation means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.

THIRD PARTIES

INTERNAL THIRD PARTIES

Other companies in the GUS Group acting as joint controllers or processors and who are based throughout the world and provide shared services such as IT, legal services, system administration services and leadership reporting.

EXTERNAL THIRD PARTIES

SPECIFIC THIRD PARTIES

Third party systems on which data may be hosted include: