- To comply with our obligations under the General Data Protection Act and any other relevant legislation.
- To keep your personal information and the business you do with us in strict confidence.
- To obtain your personal information lawfully and fairly.
- To maintain appropriate procedures to ensure that personal information in our possession is accurate and, where necessary, kept up-to-date.
- Where we choose to have certain services, such as data processing, provided by third parties we do so in accordance with applicable law and take all reasonable precautions regarding the practices employed by the service provider to protect personal information.
- To maintain appropriate technical and organisational safeguards to protect personal information against loss, theft, unauthorised access, disclosure, copying, use or modification.
- Not to sell your personal information.
1- Who we are
International House London, International House Young Learners and International House Trust Assessment are trading names of International House Trust Limited. Hereafter International House Trust Limited will therefore be referred to as ‘we’, ‘us’ and ‘our’.
International House Trust is a company limited by guarantee, registered in England and Wales with company number 1239120 and a charity registered in England and Wales with charity number 270860, whose registered office is 16 Stukeley Street, London, WC2B 5LQ.
Our primary websites are ihlondon.com and testmylevel.com.
2- What is personal data?
Personal data is defined by the General Data Protection Regulations as:
“any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
3- Legal bases for processing your data
We use different legal bases for processing data that you provide us:
- Contract: when you use and participate our events, training or services
- Legitimate interest: where you have previously used our services or attended our events or training.
- Consent: where any processing or secondary processing of your personal data is shared with third parties or where you agree to the specific use of your personal data as per the terms and conditions of the event, training or other service you are registering for.
4- Personal data we collect, why we collect it and who we share it with
We collect personal data as set out below in order to promote and provide our services.
We collect student data in order to facilitate our teaching activities including monitoring, achievement, progression and feedback. We also require this data to provide and ancillary such as accommodation, welfare and to track participation in our social programme. We also use this data to inform students or past students about courses and events that we believe may be of interest to them.
When collecting data for students, we may occasionally collect personal data for children. This information is normally provided to us by the parents, the centre where they are studying or by agents.
For children younger than 16 years old, the use of any of our services is only allowed with the valid consent of a parent or a guardian. In limited cases as part of a reservation, purchase or travel-related services, or in exceptional other circumstances, we may collect and use information of children only as provided by the parent or guardian or with their consent. If we become aware that we process information of a child under 16 years old without the valid consent of a parent or guardian, we reserve the right to delete it.
We collect candidate data in order to enroll participants into their choice of examination, to supply them with the exam results, to facilitate any appeals and where explicitly stated to pass the exam details and result to a third party. We collect feedback from our candidates to improve our services. Additionally, we use this data to inform candidates about specific courses related to their examination.
We collect limited personal data from our agents to enable us to keep in contact about opportunities for their clients to use our services. We also provide agents with data about their clients’ participation of our programme.
Course Applicants (including in person/telephone enquiries)
We collect Course Applicant data in order to ensure smooth conversion of this data once the application has been processed. We also use this data to inform course applicants about courses and events that we believe may be of interest to them. We collect limited personal data from enquirers to enable us to provide our prospective clients with accurate and useful information regarding our services.
Homestay Accommodation Providers
We collect limited personal data from our homestay accommodation providers to improve the effectiveness of our services and maintain accurate communication. We also share limited student data with our homestay accommodation providers for safety purposes, following the British Council Guidelines on student housing.
- Statistical: anonymous information about how many users we have, how often they visit, which pages are visited most frequently, and by what types of users, in what countries.
- Technical: personal information to remember a visitor within the same browsing session and to ensure that the interface is adapted to their device (e.g. when you click ‘remember me’)
You can turn off cookies, but if you do, you may not be able to use all the features on our websites and we may not be able to store your preferences (such as whether you have accepted cookies). This will not prevent other cookies being placed on your device unless you adjust your settings.
5- How we collect this information about you:
We collect the information listed through different channels:
- Digital / online forms e.g. for event participation
- Phone calls and correspondence
- Visiting our websites and/ or social media pages
- Our participation at UK and international education events.
6- How we use your information
We process your personal data in accordance with our obligations under applicable data protection laws and regulations, for the following reasons:
|Service||Basis for processing|
|To provide you with details of events and services that you have requested or that are strongly related to services that you have used||Contract|
|To provide you with details of events and services that we think may be of interest to you.||Legitimate interest|
|To notify you of changes to our services, training and events.||Legitimate interest|
|To provide you with a service. This may include passing your data to a third party, e.g an accommodation provider, tour guide or exam board.||Contract|
|Your employer or similar sponsor of services we have provided to you, where we have notified you in advance or we hold a written consent from your sponsor||Consent|
|For internal administrative purposes, e.g. updating records or implementing credit control.||Contract|
|To comply with applicable laws and regulations in relation to requests from statutory agencies (such as the Information Commissioner’s Office, the police or HMRC).
|To meet our safeguarding obligations||Vital interest|
7- How long we keep your personal data
We only keep your information for as long as we need it to provide you with the services or information you have requested, to administer your relationship with us, to comply with the law, or to ensure we do not communicate with those that have asked us not to.
Our general retention period is five years after a record has ceased to be active.
8- Where we store your personal data
We store your data on two different platforms:
- on-premises server
- public cloud-based storage
We use appropriate business systems and procedures to protect and safeguard the personal data you give us. We also use security procedures and technical and physical restrictions for accessing and using the personal data on our servers. Only authorized personnel are permitted to access personal data in the course of their work.
Any payment transactions will be encrypted using SSL technology (SSL stands for ‘Secure Sockets Layer’ and creates encrypted connections).
Unfortunately, the transmission of information via the internet is not completely secure. We cannot guarantee the safety of your data during transmission, but once we receive your data it will be used and stored securely.
9- Access to your information
We allow our staff to access and use your information for the purposes for which you have provided it to us. For added security we require all staff with medium-high data access levels to utilise multi-factor authentication via our Cloud systems and storage.
Any third-party agencies engaged by us to carry out our services are carefully selected and required to demonstrate compliance to UK data protection legislation.
We will only share your personal information with third parties where it is directly relevant to the services you have requested. We require third parties to treat your data with the same level of care as if we were handling it directly.
We may also disclose your personal information to third parties if we are under a duty to disclose or share it in order to comply with any legal obligation, or in order to enforce or apply any agreements, or to protect the rights, property or safety of International House Trust or others.
10- Your consent
While we will seek consent at the point of collecting your data, in some cases we may process data without consent when we are legally allowed to do so and where it is in our legitimate interests.
You can withdraw your consent at any time – please see section 12
If you request not to receive any further contact from us, we will keep a record so we know not to contact you in the future. This will include your name, organisation and preference not to be contacted
11- Your rights
We understand that privacy and data are sensitive and important. You have a number of rights in relation to your data. These are:
- The right of access: you have the right to access the data and information we hold about you. Please see below for details on how to request this information
- The right to rectification: we want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate by contacting us using the contact details below
- The right to erasure: you can request that we delete the information we hold on you by contacting us using the contact details below.
- The right to restrict processing: you can let us know how you want us to use your data by getting in touch with us using the contact details below.
- The right to data portability: you have the right to request your data be provided in an easy to use format to another supplier.
- The right to object: you can opt out of hearing from us at any point by contacting us using the contact details below.
12- Legal information and how to contact us
The controller of personal data is the company that determines the purpose and means of processing your personal data. The controller of your personal data for marketing purposes is International House Trust.
You have a right to access the personal information we hold about you and in certain circumstances to be provided with a copy of that information. You can request this by using the contact details below.
If at any time you do not wish to receive further information about us and our services, or you wish to change your contact details or preferences, please contact us using the details below. Please note that we will keep some basic contact information to ensure we don’t contact you again in the future. If we completely erased your records then we wouldn’t be able to ensure we don’t contact you again in the future.
Data Protection Officer, International House Trust, 16 Stukeley Street, London, WC2B 5QL.
Requests will be dealt with and responded to within 30 days.
If you are unhappy with the way in which your personal data has been handled you are entitled to make a complaint to firstname.lastname@example.org.
What is a cookie?
Cookies are small text files that are sent by websites that you visit to recognise who you are when you return there. There files are stored on your computer’s hard drive, and are read by your web browser.
How are cookies used?
In short, cookies are a way of providing statistics on site visits as well as some limited functionality that makes your site visit easier. When used properly cookies are an asset to a site visitor and a site owner. They are not viruses, but some unscrupulous outfits will use them maliciously – we follow best practice for cookie use.
The following page lists all the cookies used on our site by us, and our technology partners.
Adobe uses a particular type of cookie called a ‘Local Shared Object’, which is typically collected if you watch a video for example that uses the Adobe Flash media player, i.e. an embedded YouTube video on a page that is being played via Flash. Please note that these types of cookie will not be found on iPads, which do not support Flash. Have a look at Adobe’s website if you want to control Flash cookies on your computer. If you’ve got a Firefox browser you can also get an add-on to detect and delete Flash cookies.
Opting out of cookies?
There are a number of options available so that you do not have to store any cookies at all. You can either set your browser so that it will not accept and store any cookie, or if you have a little more time and knowledge you are able to allow only certain ‘trusted’ sites to store cookies on your computer. These sites may include us (of course!), or the site where you carry out your online banking, or possibly your favourite news service.
It’s worth bearing in mind that if you decide to delete all of your cookies, then you will likely have to re-enter all of your usernames and passwords on all of the sites that you visit, which you previously didn’t even have to think about. As we mentioned before, cookies can be a real asset to your web surfing experience.
The Information Commissioner’s Office (http://www.ico.gov.uk/) provides some advice about cookies and their use, but it also provides a link to ‘About cookies’ (www.aboutcookies.org) which is run by the law firm Pinsent Masons. This website provides even more information about cookies if you feel that this page and the ICO is not enough information for you, but it also details how you might delete any cookies that you find, and it also shows you how to allow those trusted sites to store their cookies on your computer.
What is a web beacon?
Web beacons are also sometimes referred to as ‘web bugs’ and are small single pixel transparent image files. They allow website owners to know when a visitor has reached their website, and are used in conjunction with cookies to allow further website tracking to be monitored. Again, these files are not viruses, but are useful in helping us to make your web surfing experience better.