Macclesfield College is committed to protecting your personal data and respecting your privacy. This Privacy Statement outlines how we collect, use, store, and share your personal information in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Macclesfield College is a further education institution based in the United Kingdom. Our address is:
Macclesfield College, Park Lane, Macclesfield, Cheshire, SK11 8LF. We are registered with the Information Commissioner’s Office (ICO) under registration number: Z6341263.
Under the UK GDPR, you have the following rights:
To exercise these rights, please contact our Data Protection Officer.
Based on our lawful basis for processing (see below) your data rights will change.
We process personal data under one or more of the following legal bases:
We may collect and process the following types of personal data:
Data we collect | Purpose for processing | Lawful basis and
|
Personal identifiers (e.g. name, address, date of birth, NI number) Education records (e.g. prior qualifications, grades, references, certificates) Employment records (e.g. work hours, references, employment status, wage slips) Equality, Diversity and Inclusion information (e.g. gender, preferred pronoun, ethnicity, nationality. Personal Characteristics (e.g. gender, age, ethnicity, first language, nationality, country of birth and free school meal eligibility) Learning difficulties or disabilities (e.g. medical conditions) | Fulfil our legal obligations to share information with the DfE and ESFA and other government agencies. Fulfil our public task of providing students and employers with the most appropriate learning opportunities and the best possible education, training and pastoral support to meet their goals. Obligation to monitor and improve the way we work. Process details of medical conditions if they are needed to protect the vital interests of yourself or other learners. | Legal obligation
The following data rights will not apply: · Right to erasure · Right to data portability · Right to object
|
Contact details (e.g. address, phone numbers, emails) | Fulfil our legal obligations to share with the DfE and other agencies. | Legal obligation
The following data rights will not apply: · Right to erasure · Right to data portability · Right to object |
Contact details (e.g. address, phone numbers, emails)
Learner Identifiers (e.g. Student ID, ULN) | If you consent, we will use your name, home address and student number to register you to vote in elections based on where you live. | Consent
The following data rights will not apply: · Right to object (but you do have the right to withdraw consent)
|
Contact details – address, phone numbers, emails. | Communicate with our students, parents/carers and employers. Administer the enquiry, application and enrolment process. Contact you with information about open days and other information which will be directly related to your enquiry, application or enrolment. | Public task
The following data rights will not apply: · Right to erasure · Right to data portability
|
Contact details – address, phone numbers, emails. | Marketing purposes to promote course provision, events, research or surveys. | Consent
The following data rights will not apply: · Right to object (but you do have the right to withdraw consent)
|
Attendance information (e.g. sessions attended, absences, reasons for absence) Progress information (e.g. assessment details, grades, tutor meetings, learning and behavioural targets) | Providing students and employers with the most appropriate learning opportunities and the best possible education, training and pastoral support to meet their goals. Obligations to monitor and improve the way we work. | Public task
The following data rights will not apply: · Right to erasure · Right to data portability
|
Applicant details (e.g. employment references, details of applications for jobs, courses studied at other educational institutions)
Interview Records (e.g. notes of interviews, any advice and guidance given and offers made, and your responses to offers) | Administration of the enquiry and application process to enable us to provide the best possible advice and guidance to a potential student. | Public task
The following data rights will not apply: · Right to erasure · Right to data portability
|
Website functional data (e.g. functional cookies) | Required to ensure the website works as intended for the visitor. | Legitimate interest
The following data rights will not apply: · Right to data portability
|
Website visitor tracking data (e.g. tracking cookies) | Additional cookies to track user journeys to inform marketing and website development. | Consent
The following data rights will not apply: · Right to object (but you do have the right to withdraw consent)
|
Criminal convictions (e.g. DBS checks and proof of ID) which are relevant to safeguarding or the safety of others.
| Necessary to ensure the safety of our staff and students. | Legal obligation
The following data rights will not apply: · Right to erasure · Right to data portability · Right to object
|
Contact details of parents / carers (e.g. address, phone numbers, emails) | Contact details to be used in emergencies. Share data with parents, including details of interviews and open days, and offers made. Provide activation details for ParentPortal (for progress, attendance and exam result information). Provide activation to ParentPay platform (to pay for trips, equipment, course costs, etc). | Public Task
The following data rights will not apply: · Right to erasure · Right to data portability
|
Contact details of parents / carers (e.g. address, phone numbers, emails) | Contact you with information about open days and other information which will be directly related to the student’s enquiry, application or enrolment. | Legitimate interest
The following data rights will not apply: · Right to data portability
|
Contact details of emergency contacts (e.g. address, phone numbers, emails) | Contact details of a parent / carer to be used in emergencies. | Public Task
The following data rights will not apply: · Right to erasure · Right to data portability
|
Household information (e.g. including number in household, income and benefits claimed, and bank account details) | Collect and share this information with the government or its agencies, or when it is required to assess eligibility for fee remission or bursaries. Administer financial support applications fairly and to collect and retain evidence to support our decisions, and to administer payments. | Legal obligation
The following data rights will not apply: · Right to erasure · Right to data portability · Right to object
|
CCTV and identity information (ID card door access logs, photos, images and videos)
Vehicle data (e.g. Driver name, registered keeper, make, model, and colour)
| Used to maintain security and to assist staff in carrying out their tasks. Used to inform the car park monitoring company of authorised/unauthorised vehicles in the college car park. For the purpose of identifying and protecting our learners, staff, employers, visitors and premises. | Public task
The following data rights will not apply: · Right to erasure · Right to data portability
|
Photos, images and videos | Photos or videos taken for marketing or education purposes will not be published without consent | Consent
The following data rights will not apply: · Right to object (but you do have the right to withdraw consent)
|
Employer data (e.g. employee names, roles and contact details) | Carry out the apprentice or work placement contracts. Pay employers or subcontractors based on performance of contract. | Contract
The following data rights will not apply: · Right to object
|
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
We use your data to:
We only ask for as much information as needed to fulfil your enquiry, application, enrolment or financial support, transport or Additional Learning Support application and meet our legal obligations.
We only share personal data where necessary and in accordance with the law. Data may be shared with:
We never sell your personal data to third parties.
We will not transfer your data outside of the European Economic Area.
* In emergency situations where the College deems it to be in your (or a third parties) vital interest, the college may share your personal data, including sensitive personal data with relevant individuals or agencies, e.g. law enforcement or health professionals.
The information you supply is used by the Learning Records Service (LRS). The LRS issues Unique Learner Numbers (ULN) and creates Personal Learning records across England, Wales and Northern Ireland, and is operated by the Education and Skills Funding Agency, an executive agency of the Department for Education (DfE).For more information about how your information is processed, and to access your Personal Learning Record, please refer to:
www.gov.uk/government/publications/lrs-privacy-notices
This privacy notice is issued by the Education and Skills Funding Agency (ESFA) on behalf of the Secretary of State for the Department of Education (DfE) to inform learners about the Individualised Learner Record (ILR) and how their personal information is used in the ILR. Your personal information is used by the DfE to exercise our functions under article 6(1)(e) of the UK GDPR and to meet our statutory responsibilities, including under the Apprenticeships, Skills, Children and Learning Act 2009. Our lawful basis for using your special category personal data is covered under Substantial Public Interest based in law (Article 9(2)(g)) of GDPR legislation. This processing is under Section 54 of the Further and Higher Education Act (1992).
The ILR collects data about learners and learning undertaken. Publicly funded colleges, training organisations, local authorities, and employers (FE providers) must collect and return the data to the ESFA each year under the terms of a funding agreement, contract or grant agreement. It helps ensure that public money distributed through the ESFA is being spent in line with government targets. It is also used for education, training, employment, and well-being purposes, including research.
We retain your ILR learner data for 20 years for operational purposes (e.g. to fund your learning and to publish official statistics). Your personal data is then retained in our research databases until you are aged 80 years so that it can be used for long-term research purposes. For more information about the ILR and the data collected, please see the ILR specification at:
www.gov.uk/government/collections/individualised-learner-record-ilr
ILR data is shared with third parties where it complies with DfE data sharing procedures and where the law allows it. The DfE and the English European Social Fund (ESF) Managing Authority (or agents acting on their behalf) may contact learners to carry out research and evaluation to inform the effectiveness of training.
For more information about how your personal data is used and your individual rights, please see the DfE Personal Information Charter (www.gov.uk/government/organisations/department-for-education/about/personal-information-charter) and the DfE Privacy Notice (www.gov.uk/government/publications/privacy-notice-for-key-stage-5-and-adult-education).
If you would like to get in touch with us or request a copy of the personal information DfE holds about you, you can contact the DfE in the following ways: Using the online contact form; By telephoning the DfE Helpline on 0370 000 2288; Or in writing to: Data Protection Officer, Department for Education (B2.28), 7 & 8 Wellington Place, Wellington Street, Leeds, LS1 4AW.
We are restricted in which data we can share with parents / carers about students due to data protection laws.
While parents of students under the age of 18 have rights to access educational records, these rights are not absolute and are often balanced against the student's right to privacy and their family circumstances. Once a student turns 18, or becomes otherwise independent, they generally have the right to control access to their own data.
Consent to sharing student information with parents, regarding academic progress, attendance, or conduct is captured during the application and enrolment process.
Parents can make a Subject Access Request (SAR) to access information about their child, but the response may differ depending on the student's age and whether the information is considered part of the ‘educational record’ of that student. Information deemed outside the scope of the education record will require additional consent from the student.
In cases of suspected safeguarding concerns, colleges may share information with parents without the student's consent, but this is usually done in accordance with established safeguarding procedures. Likewise, student information may not be provided to parents / carers whilst a safeguarding investigation is ongoing.
Once a student reaches the age of majority (usually 18), they generally have the right to control access to their own data and can instruct the college not to share information with their parents.
We retain personal data only for as long as necessary to meet our legal, operational, and educational requirements. Retention periods are based on statutory guidance and our college Data Retention policy.
The College as a corporate body is the Data Controller under the Data Protection Act, and the Board of Governors is therefore ultimately responsible for implementation.
Our Data Protection Officer (DPO) assists the College in monitoring internal compliance, informing and advising on our data protection obligations, provides advice regarding Data Protection Impact Assessments (DPIAs) and acts as a contact point for Data Subjects and the Information Commissioner.
The designated member of staff who ensures compliance with the Data Protection Act is the Head of IT.
This section applies to anyone accessing our college website.
A cookie is a small file, typically of letters and numbers, downloaded on to your device (e.g. your PC) when you access the College website. Cookies allow the website to recognise your device and so distinguish between the different users that access the site.
Session cookies will remember your selections as you browse the site. These cookies are for the browsing session and not stored long term. No personal information is collected by these cookies.
Google Analytics cookies help us to make the website better for you by providing us with user statistics, for example: which pages are the most visited; how a user navigates the site. No personal information is collected by these cookies.
You may delete or control the use of cookies through your browser settings.
To find out more about cookies and what cookies might be stored on your device, visit www.aboutcookies.org or www.allaboutcookies.org
During the course of your study you may be asked to use third-party websites or services or access linked/embedded content (e.g. YouTube) which may collect personal data about you. We encourage you to read their website’s own privacy statement as this will explain how they use your data.
Usage of the college equipment and computers and the websites you browse inside college are monitored and filtered. We have a legal obligation to protect our students and to ensure our network is secure and used for its intended purpose of supporting learning and teaching.
If you want to browse the internet privately while in college, you will need to use your own device and personal data connection (e.g. mobile data), which are not linked to the college’s network.
We understand that our students have a right to a certain degree of privacy at college and we aim to strike a balance between our legal obligations, duties and our students’ expectations of privacy. The monitoring and filtering process aims to be fair and reasonable.
Users found abusing the rules will be removed from the college IT network immediately and will be subject to the College’s formal disciplinary procedures.
If you have any questions about this privacy statement or your personal data, please contact our Data Protection Officer:
Data Protection Officer
Macclesfield College, Park Lane, Macclesfield, Cheshire, SK11 8LF
Email: dpo@macclesfield.ac.uk
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you are not satisfied with how your data has been handled: https://ico.org.uk
If you haven’t found the right course for you, then tell us about the course that you are looking for.
