Privacy Policy

This Policy applies as between you, the User of this Web Site and Thrive at University the owner and provider of this Web Site.  This Policy applies to our use of any and all Data collected by us in relation to your use of the Web Site and our Services. This Policy was last updated on the 10 August 2020.

The Regulation 

This Data Protection Policy applies to the services of Thrive at University. If you live in or outside the European Economic Area, Regulation (EU) 2016/679 (General Data Protection Regulation) is the applicable regulation and in the UK, it is the Data Protection Act 2018. 

The Controller 

LEÏLA POWELL LTD trading as Thrive at University with Company Number 12779602 of Unit 24 Wilford Business Park, Ruddington Lane, Nottingham, United Kingdom, NG11 7EP is the Controller of your personal data.

The Supervisory Authority

The Information Commissioner’s Office (ICO) in the UK is the for us relevant authority in matters of data protection. You have the right to make a complaint at any time to the ICO (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance. 

Accuracy

It is important that the data we hold about you is accurate and current, therefore please keep us informed of any changes to your personal data.

Children Data

Children need particular protection when collecting and processing their personal data because they may be less aware of the risks involved. Compliance with the data protection principles and in particular fairness is central to all our processing of children’s personal data. Where we process 

a child’s personal data consent from whoever holds parental responsibility for the child is obtained.

Children have the same rights as adults over their personal data. These include the rights to access their personal data; request rectification; object to processing and have their personal data erased.

What is personal data?

Personal data refers to any information relating to an identified or identifiable natural person (“Personal Data”).

What data do we collect?

We may collect data or ask you to provide certain data when you use our website and services. The sources from which we collect Personal Data are:

Academic Data

Academic Data includes eligibility data such as education and academic history, training records, qualifications, personal statements, CVs, personal achievements and references.

Identity Data

Identity Data includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender, nationality, residency status, disability declaration.

Contact Data

Contact Data includes billing address, term-time and permanent residential address, country of residence, personal email address and telephone numbers. 

Emergency Contact Data

Emergency Contact Data about next of kin names and contact details for use if there is an emergency that has involved you.

Financial Data

Financial Data includes bank account and payment card details.

Transaction Data

Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.

Profile Data

Profile Data includes any of your usernames and passwords, enquiries made by you, purchases or orders made by you, your interests, preferences, feedback and survey responses.

We link data and if we have already collected some of your data, we will only ask you for the remaining data that is necessary to carry out the service contracted for.

How personal data is collected

We collect personal data in the following ways:

direct interactions  

you may provide personal data when you complete online forms, request products/services, subscribe to our services, create a user account, join our mailing list, use our feedback form or otherwise or correspond with us (by post, phone or email) 

automated technology

we automatically collect personal data (technical and usage) when you browse or interact with our website, by using cookies, and other similar technologies. We may also receive technical data about you if you visit other websites which use our cookies.

Special Category Data

When you make an application for a course or programme, we will ask whether you have any disabilities. You are not obliged to inform us but any information you do provide will assist us to assess how we will meet our Legal and Statutory obligation in relation to your disability. Special category data in this context refers to data that we share with our Disability Support Service.

On what grounds do we use Personal Data?

We use your Personal Data for the following purposes and on the following grounds:

To respond to your request for a call (or email), course enquiries, applications.

To enter into and manage our agreement with you and to provide services to you under the agreement.

To manage our relationship with you e.g. provision of learning material, timetable etc. 

When relying on ‘necessary for the performance of a contract’, we consider the child’s competence to understand what is agreed before obtaining parental consent.

When relying on consent, we make sure that the child understands what they are consenting to, and we do not exploit any imbalance of power in the relationship between us.

On the basis of legal obligations (for obligations such as tax, accounting, anti-money laundering, or when a court or other authority asks us to)

On the basis of our legitimate interest (for communications about security, privacy and performance improvements of our services. Or for establishing, exercising or defending our legal rights.)

Of course, before relying on any of those legitimate interests we balance them against your interests and make sure they are compelling enough and will not cause any unwarranted harm.

When do we disclose your Personal Data?

We disclose your Personal Data in response to your business enquiry or your request for information within our Company in order to provide the best service possible and within our legitimate interest.

We may share your information with organisations that help us provide the services described in this Data Protection Policy and who may process such data on our behalf and in accordance with this Data Protection Policy, to support this website and our services. For example, with our legal other professional advisors.

We may also share information with our secure payment gateway provider, and you may need to provide credit or debit card information directly to the provider in order to process payment details and authorise payment following a secure link. The information which you supply to in such cases is not within our control and is subject to the payment gateway provider’s own Privacy Notice and Terms and Conditions.

In relation to information obtained about you from your use of our website, we may share a cookie identifier and IP data with analytic and advertising network services providers to assist us in the improvement and optimisation of our website which is subject to our Cookies Policy.

We may disclose personal information in other circumstances such as when you agree to it or if the law, a Court order, a legal obligation or regulatory authority ask us to. If the purpose is the prevention of fraud or crime or if it is necessary to protect and defend our right, property or personal safety of our staff, the website and its users.

Data retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. 

Details of retention periods for different aspects of your personal data are available in our retention policy which you can request from us.  However, we are legally required to keep basic information about our customers (including contact, identity, financial and transaction data) for six years after they cease being customers, for tax purposes.

You can learn how long your information is held and when it is destroyed from our Data Retention Policy which you can request using our contact form.

Your Rights

You have the right to:

  • information about the processing of your personal data
  • obtain access to the personal data held about you
  • ask for incorrect, inaccurate or incomplete personal data to be corrected
  • request that personal data be erased when it’s no longer needed or if processing it is unlawful
  • object to the processing of your personal data for marketing purposes or on grounds relating to your particular situation
  • request the restriction of the processing of your personal data in specific cases
  • receive your personal data in a machine-readable format and send it to another controller (‘data portability’)
  • request that decisions based on automated processing concerning you or significantly affecting you and based on your personal data are made by natural persons, not only by computers. You also have the right in this case to express your point of view and to contest the decision
  • Where the processing of your personal information is based on consent, you have the right to withdraw that consent without detriment at any time through our contact form.

If you feel that your request is not satisfactorily resolved by us, you may approach your local data protection authority. The Information Commissioner`s Office (ICO) is the supervisory authority in the UK and relevant to Thrive at University.

How do we protect your Personal Data?

We protect your data using state of the art technical, and physical safeguards and operate a firm system of policies, confidentiality agreements, digital safeguards and procedures to ensure the highest level of administrative protection.

In more detail to access our database the user must be authorised, is challenged through a two-way authentication system and use an encrypted VPN. Also, the removal of Personal Data from our location is forbidden and made by using a complex encryption system very difficult. We use cutting edge antivirus and anti-malware software and up-to-date firewall protection. Moreover, authorised personnel must have a legitimate need to know interest such as being your point of contact or service your user account.

The data we collect from you may be stored, with appropriate technical and organisational security measures applied to it, on our servers in the UK. In all cases, we follow generally high data protection standards and advanced security measures to protect the personal data submitted to us, both during transmission and once we receive it.

To exercise any of your rights, or if you have any questions or complaints about our use of your Personal Data and this policy, please contact us using our contact form.

International transfers

We do not transfer your personal data outside the European Economic Area (EEA).

Changes 

This Data Protection Policy and our commitment to protecting the privacy of your personal data can result in changes to this Data Protection Policy. Please regularly review this Data Protection Policy to keep up to date with any changes.

Queries and Complaints 

Any comments or queries on this policy should be directed to us using the following contact details.

LEÏLA POWELL LTD trading as Thrive at University

Company Number 12779602

Unit 24 Wilford Business Park, Ruddington Lane, Nottingham, United Kingdom, NG11 7EP

[email protected]

If you believe that we have not complied with this policy or acted otherwise than in accordance with data protection law, then you should notify us. You can also make a referral to, or lodge a complaint with, the Information Commissioner’s Office.

Cookie Policy

What is a cookie?

Cookies are small pieces of data, stored in text files, that are stored on your computer or other device when websites are loaded in a browser. They are widely used to “remember” you and your preferences, either for a single visit (through a “session cookie”) or for multiple repeat visits (using a “persistent cookie”). They ensure a consistent and efficient experience for visitors, and perform essential functions such as allowing users to register and remain logged in. Cookies may be set by the site that you are visiting (known as “first party cookies”), or by third parties, such as those who serve content or provide advertising or analytics services on the website (“third party cookies”).

Both websites and HTML emails may also contain other tracking technologies such as “web beacons” or “pixels.” These are typically small transparent images that provide us with statistics, for similar purposes as cookies. They are often used in conjunction with cookies, though they are not stored on your computer in the same way. As a result, if you disable cookies, web beacons may still load, but their functionality will be restricted. 

Advertising technologies

Our website uses the below technologies for advertising purposes. Those are modern, advanced analysis methods and tools to understand users’ habits on our website. This information helps us improve our products and services and provide relevant services and information. In principle, we use only anonymized data that does not allow us to identify the user.

Below we describe the analysis services and technology that we use for such purposes. Additionally, we show how you can prevent these services from analysis of your use of our website.

Google Analytics

We use Google Analytics to help us understand how you engage with our site so that we can improve it. Google Analytics reports website trends without identifying individual visitors. You may install a Google Analytics Opt-Out Browser Button here. The Google Analytics Privacy Policy can be read here.

Facebook Connect

Facebook Connect is a Facebook tool that allows Facebook users to log into other websites, apps and services using their Facebook account. Thus, the other service gains access to some of the preferences of the user’s Facebook account and social connections on which it can base its own products and services. This is dependent on the user’s Facebook settings. More details are available in the privacy policy of Facebook. Facebook may use data on how users use such other services in order to recognize visitors to our website on its services, which enables it to tailor its advertisements to the interests and preferences of the user. You can opt out of this form of advertising by changing the settings at the Facebook settings page.

Google Accounts/Google Services

When you sign in, share boards, attach files and perform other actions with Google services , Google sets various cookies. Their purposes among others are to authenticate users, prevent fraudulent use of login credentials, protect user data from unauthorized parties, as well as remember your preferences and other information, such as your preferred language.      

Instagram 

Instagram provides advertising services that use cookies, mobile device IDs or hash values for email addresses in order to recognize visitors to our website on its services and provide them with advertisements tailored to their interests and preferences. These measures can be limited or deactivated by changing the settings of your Instagram account.

LinkedIn API OAuth 2.0

Cookie authentication uses HTTP cookies to authenticate client requests and maintain session information. It works as follows: The client sends a login request to the server. On the successful login, the server response includes the Set-Cookie header that contains the cookie name, value, expiry time and some other info. You can learn more about how linked In’s Authentication Cookie works at LinkedIn`s Cookie policy

Social Media Widgets

We display sharing buttons so you can use social networking to share items from our site. It also includes the recommend buttons and other interactive programs that run on our site that collect your IP address, which page you are visiting on our site, and sets a cookie to enable the widget to function properly. Your interactions with these Widgets are governed by the privacy policy of the company providing them.

How we use cookies

We use cookies for a number of different purposes. Some cookies are necessary for technical reasons; some enable a personalized experience for both visitors and registered users; and some allow the display of advertising from selected third-party networks. Some of these cookies may be set when a page is loaded, or when a visitor takes a particular action (clicking the “like” or “follow” button on a post, for example).

Types of Cookie

The table below explains the types of cookies we use on our websites and why we use them.

Category of cookies        

Why we use these cookies

Functionality

These cookies are used to store preferences set by users such as language, and location.

Security

We use these cookies to help identify and prevent potential security risks.

Performance cookies collect information on how users interact with our website, as well as other analytical data. We use these details to improve how our website functions and to understand how users interact with it.

Changes  

This Cookie Policy  and our commitment to protecting the privacy of your personal data can result in changes to this Cookie Policy. Please regularly review this Cookie Policy to keep up to date with any changes.

Queries and Complaints 

Any comments or queries on this policy should be directed to us using the following contact details.

LEILA POWELL LTD trading as Thrive at University

Company Number 12779602

Unit 24 Wilford Business Park, Ruddington Lane, Nottingham, United Kingdom, NG11 7EP

[email protected]

If you believe that we have not complied with this policy or acted otherwise than in accordance with data protection law, then you should notify us.