Back

Document Control

  • Document Title: Privacy Policy
  • Version: 1.0
  • Date: December 25, 2024
  • Organization: Oxford Mayfair College

1. Introduction

This Privacy Policy outlines how Oxford Mayfair College collects, uses, maintains, and discloses information collected from users, including students, staff, alumni, and visitors. Our commitment to privacy protection ensures compliance with relevant data protection regulations while maintaining the trust of our educational community.

2. Types of Personal Information Collected

Oxford Mayfair College collects various categories of personal information necessary for educational and administrative purposes:

2.1. Basic Personal Information

  • Full name and title
  • Date of birth and gender
  • National identification numbers
  • Contact information including postal address, email address, and telephone numbers
  • Emergency contact details
  • Photographs for identification purposes

2.2. Educational Information

  • Academic records and transcripts
  • Attendance records
  • Assessment results and feedback
  • Course enrollment details
  • Special educational needs documentation
  • Previous educational records

2.3. Financial Information

  • Bank account details for payment processing
  • Scholarship and funding information
  • Transaction records
  • Financial aid documentation

2.4. Technical Information

  • IP addresses
  • Browser type and version
  • Device information
  • Operating system details
  • Access timestamps
  • Location data when accessing online services

3. Information Collection Methods

3.1. Direct Collection

  • Application and enrollment forms
  • Registration documents
  • Financial aid applications
  • Course registration systems
  • Direct communication with staff

3.2. Automated Collection

  • Website cookies and tracking technologies
  • Learning management systems
  • Campus access systems
  • Library management systems
  • Online payment platforms

3.3. Third-Party Sources

  • Previous educational institutions
  • Government agencies
  • Reference providers
  • Partner institutions
  • Accreditation bodies

4. Use of Personal Information

4.1. Educational Purposes

  • Course administration and delivery
  • Academic assessment and progression
  • Student support services
  • Library and resource access
  • Career guidance and placement

4.2. Administrative Purposes

  • Enrollment management
  • Financial administration
  • Campus security
  • Health and safety compliance
  • Quality assurance processes

4.3. Communication Purposes

  • Course-related notifications
  • Administrative announcements
  • Marketing communications (with consent)
  • Alumni relations
  • Event invitations

5. Information Sharing and Disclosure

5.1. Internal Sharing

  • Academic departments
  • Administrative offices
  • Student support services
  • IT services
  • Security services

5.2. External Sharing

  • Government agencies (as required by law)
  • Accreditation bodies
  • Partner institutions
  • Third-party service providers
  • Research partners (anonymized data only)

5.3. International Transfers

  • Data protection standards for international transfers
  • Safeguards and security measures
  • Compliance with international data protection laws
  • Transfer impact assessments
  • Data processing agreements

6. Data Protection Measures

6.1. Technical Security

  • Encryption of sensitive data
  • Secure servers and networks
  • Firewall protection
  • Access control systems
  • Regular security updates

6.2. Organizational Security

  • Staff training and awareness
  • Access authorization protocols
  • Data handling procedures
  • Incident response plans
  • Regular security audits

6.3. Physical Security

  • Secure storage facilities
  • Access-controlled areas
  • CCTV monitoring
  • Document disposal procedures
  • Equipment security

7. Cookies and Tracking Technologies

7.1. Essential Cookies

  • Session management
  • Security features
  • User authentication
  • System preferences
  • Performance monitoring

7.2. Analytics Cookies

  • Usage patterns
  • User behavior analysis
  • Service improvement metrics
  • Performance monitoring
  • Error tracking

7.3. Marketing Cookies (Optional)

  • Preference tracking
  • Targeted communications
  • Campaign effectiveness
  • User engagement analysis
  • Content personalization

8. User Rights and Controls

8.1. Access Rights

  • Right to request personal data copies
  • Right to verify data accuracy
  • Right to know data processing purposes
  • Right to know data recipients
  • Right to know retention periods

8.2. Control Rights

  • Right to correct inaccurate data
  • Right to delete personal data
  • Right to restrict processing
  • Right to data portability
  • Right to withdraw consent

8.3. Exercise of Rights

  • Request procedures
  • Response timeframes
  • Verification requirements
  • Appeal processes
  • Complaint mechanisms

9. Data Retention and Disposal

9.1. Retention Periods

  • Student records (permanent)
  • Financial records (7 years)
  • Employment records (6 years after employment)
  • Application records (2 years)
  • Security recordings (30 days)

9.2. Disposal Methods

  • Secure digital deletion
  • Physical document shredding
  • Media destruction
  • Third-party disposal certification
  • Disposal documentation

10. Children’s Privacy Protection

10.1. Special Protections

  • Age verification procedures
  • Parental consent requirements
  • Limited data collection
  • Enhanced security measures
  • Restricted communications

10.2. Parental Rights

  • Access to child’s data
  • Modification rights
  • Deletion rights
  • Consent management
  • Communication preferences

11. Policy Updates and Communications

11.1. Update Procedures

  • Regular policy reviews
  • Stakeholder consultation
  • Legal compliance checks
  • Implementation planning
  • Communication strategy

11.2. Notification Methods

  • Email notifications
  • Website announcements
  • Student portal updates
  • Staff briefings
  • Direct communications

12. Contact Information and Support

12.1. Data Protection Officer Name: Yeanne Liem
Email: [email protected]
Phone: +44 (0)78 9703 6500
Office: Unit 279 182-184 High Street North, LONDON

12.2. Support Channels

  • Online help desk
  • Privacy support email
  • Telephone helpline
  • In-person assistance
  • Emergency contact numbers

13. Legal Framework and Compliance

13.1. Governing Law

  • UK Data Protection Act 2018
  • General Data Protection Regulation (GDPR)
  • Privacy and Electronic Communications Regulations
  • Education sector regulations
  • International data protection laws

13.2. Regulatory Oversight

  • Information Commissioner’s Office (ICO)
  • Educational regulatory bodies
  • Professional accreditation bodies
  • International oversight authorities
  • Industry standards organizations

Document History

Version 1.0 – Initial Release
Approved by: Board of Directors
Date: December 25, 2024