What Are Browser Cookies?
They are very small text files that are created by a website through a browser on your computer. They are used to help you navigate a website, identify preferences and perform specific functions, for example, you input a room’s dimensions into a text box on a website and the website then automatically calculates the materials required for each product page that you visit on that website.
For more information on Cookies and how to control their use please visit AboutCookies.org
How We Use Browser Cookies
- Site performance cookies
These improve site performance by caching some of the website information on your computer.
- Anonymous analytics cookies
Anonymously tracking page visits, hits, search terms, visitor locations etc. for statistical purposes, which help us to improve our services. We use Google Analytics to provide us with information about the use of the website, examples of this statistical information would be how many visitors from the United Kingdom we have had, how many visitors used Internet Explorer as a browser, how many pages were visited today, what words visitors search for to find our website etc.
- Geotargetting cookies
These cookies are used by software which tries to work out what country you are in from the information supplied by your browser when you click on a web page. This Information is completely Anonymous and is designed for the site to serve the correct content for your particular location. For example: changing the default site language to Italian if we detect that you are trying to access CELT From Italy.
Cookie Control via Your Browser
On 25th May the Data Protection Act 1998 became the Data Protection Act 2018 and General Data Protection Regulation (GDPR). CELT will always be transparent with you about how we use, store and share your personal data, and we are committed to ensuring this information is only used for the purpose it is intended.
Data Protection Officer: Neil Harris, CELT Centre for English Language Teaching, 6-8 Salisbury Road, Cardiff CF24 4AD. firstname.lastname@example.org
Students and the Application Process
Why we need your personal information:
To process your application to study with us and issue you with an offer letter, we ask for your personal details and additional documentation to support your application. We use your passport to ensure the information in your offer letter is accurate and to verify your identity at enrolment. We may use your personal details to contact you about your application. The personal information we request from you may vary depending on the type of course you apply for. For example, to apply for a Holiday English Course for a junior, we need to receive completed and signed Parent Consent forms. If your application is being made through an agent, we will send your offer letter directly to them. Your offer letter will contain personal information such as your date of birth and passport number. If you are applying for homestay accommodation, we share key information with your homestay provider to find you the most suitable accommodation.
How we use your personal data:
We use your personal data to process your application to study with us and to issue your offer letter. We collect other information about you, such as medical information and emergency contact details to see if we need to make any special arrangements for you. The information you provide will only be shared within CELT if we feel there is a legitimate reason to do so. For example: we may pass your phone number to our Admin team if they need to contact you outside your class hours regarding a homestay issue.
We have a duty of care to ensure any medical conditions you declare are communicated to the relevant people. For example, if you declare a medical condition and are applying for homestay accommodation, we may need to make the homestay provider aware to ensure your safety. There may be occasions that we will need to inform school staff and teachers of your medical condition to make them aware of issues which may happen in class. Whenever there is a genuine need to share your personal information, we will always seek your permission first and inform you of how this information is being shared.
How your data is stored:
All of your information is stored on a secure student database used solely by CELT and we also hold this information within your personal student file, which is also held securely.
Personal data will also be stored electronically. Whenever such information is stored in this way (for example, in a Word or Excel document) the information will be held securely using a password. We have introduced strict internal procedures to ensure your personal information is protected.
We will always do our very best to obtain your consent. As a business, we have taken steps to ensure these procedures are maintained. There will be instances where, given legitimate cause, we will share your personal information. For example, we may pass your personal data (such as your name, date of birth and address) to a doctor if you ask us to help you secure an appointment for medical treatment.
Sharing Your Personal Data
There may be occasions which arise during your course when we need to share your personal data for other reasons, which include, but are not limited to:
- Sharing information about your course, attendance and progress to your agent/representative, sponsor, parent or person responsible for paying your course fees
- Sharing personal data for academic purposes including student reports, grades, transcripts and references. For example, helping you in an application or with a reference for a university course of study
In any situation where we do not have your permission to use your personal data, we will obtain this as detailed below.
How We Obtain Consent
In writing: Before obtaining your consent to share your personal data, we will always tell you why we need to do this. Where possible, we will always try to obtain your consent in writing. This may be on a form where you show your consent by ticking a box and signing a declaration. We may sometimes ask you to write a letter of authorisation – a document that shows you have given permission for us to share your personal data for a specific reason (such as sending your certificate of achievement directly to an agent).
Verbally: Where we are unable to obtain written consent, we may do this verbally. In cases like this, we will make a record that such consent has been obtained to demonstrate that you have given authorisation for us to share your personal data and for what reason.
Where Your Data is Stored
Your personal data is stored electronically and in files, which are stored under lock and key. We store your data in the following ways:
- When you apply to study with us we create a student file to store hard copies of your application form, copy of your passport, supporting documentation (such as proof of education) and your visa(s)
- Your personal data including your name, date of birth, sex, nationality, address, contact phone numbers, email address and age are entered into our student database, which is hosted on a remote secure server
- If we store information about you in Office products (such as Word and Excel), they will be protected with a secure password
- Information you supply to us by email will be retained for audit purposes for up to 5 years
- Academic information stored about you will be held as detailed above
- In cloud-based applications (such as Dropbox), with secure and monitored access
For applicants that apply to study with us but do not enrol:
In line with GDPR, and to comply with our internal policies, if you fail to enrol / register / start your course at CELT, we will securely destroy all data we hold about you, both in paper and electronic form and your offer will no longer be valid. This procedure, known as GDPR Erase, will be carried out 21 days following your start date if we have not been able to contact you. Should you wish to reapply for the same, or any other course, we will require a new application to be submitted along with the relevant supporting documentation.
For applicants that enrol:
We will retain records for those that enrol and complete their studies with us for 5 years from the start date of the course for audit and inspection purposes.
Deleting Your Personal Information
In line with our retainment procedure (above), you have the right to request and see the information we hold about you at any time. This request should be made in writing to the Data Protection Officer. Your request will be acknowledged within 48 hours and arrangements made to fulfil your request within one calendar month from the date the request was received.
We will take steps to verify your identity should such a request be received to ensure we are providing the information to the correct person.
Should there be legitimate cause to delete your personal data, it will be done in the following ways:
- Where information is held on our student database, we will delete all your data using ‘GDPR Erase’
- Electronic communication (email) that contains personal data and attachments (such as copies of your passport, application forms and supporting documents) will be permanently deleted from our systems
- Where your information is stored in Office documents (such as Excel and Word) we will remove your data from these files
- Paper copies of your personal data will be shredded using shredders that comply with GDPR
The above procedures will be used to securely destroy your personal data in line with our retainment procedure. Should you request to see/ask that your personal data is destroyed within the retainment timelines, we will discuss this with you and provide written confirmation detailing what information has been deleted and how it was destroyed.
Protecting Your Data
We have taken steps to ensure we protect your personal data and act responsibly as a business:
- Providing our team with awareness training relating to GDPR and keeping your personal data secure
- Informing all new staff, interns and volunteers about GDPR through induction
- A Data Protection Policy
- Strict internal procedures to ensure your data is kept safe
Verifying Your Identity
There are occasions when we need to identify you to ensure we are sharing information with the correct person. For example, there are occasions when a former student will request a copy of their certificate over the phone. In such instances, we will ask you three questions to verify your identity such as your full name, date of birth and dates of study.
If someone were to request information on your behalf, we would need (1) your written consent to do this, or (2) speak to you in person and gain your verbal permission before speaking to the other person.
Photographs and How We Use Your Image
The law states that verbal consent is considered to be enough when asking if we have permission to take your photo. However, to aid our transparency, we do on occasions ask you to complete a signed declaration that details how your image will be used and for what purpose. Use may include:
- Using your image for marketing purposes and in our marketing material such as brochures and leaflets
- Across our social media platforms, which include YouTube, Instagram, Facebook and Twitter
- On our website
- On display throughout the school
- In videos made for training purposes
We always do our best to limit the personal information we share about you. For example, we will only use your first name and never tag you in a post or directly link you in a way that could further identity you.
If you are aged under 18, we will ensure we have permission to use your image from your parent or guardian.
Page last updated: 06/03/2019