Academic Summer Ltd is a company incorporated in England and Wales under the company registration number 6729028. The registered office of Academic Summer is: 20 Rossiter Close, Bathpool, Taunton, TA2 8FN.
Our Privacy Notice covers all students, parents, staff and visitors to our website as well as enquiries received by email, telephone, live-chat and social media.
This notice explains your rights and how Academic Summer as the Data Controller collects, uses, protects and shares your personal data. You are encouraged to read this notice and to understand how we look after your personal data and the information you give us.
Anyone who works for Academic Summer are made aware of and must comply with our data protection policy to ensure we protect the data of our customers.
Why Academic Summer needs to process personal data
We need to process personal data about our students and their parents, our staff and other individuals connected to Academic Summer as part of our everyday operations. We process personal data in accordance with the Data Protection Act 1998 and the General Data Protection Regulations (GDPR).
Our data processing will be carried out as part of our legitimate business interests and to fulfil our legal duties and contractual obligations as an educational summer school provider.
What personal data is collected by Academic Summer?
We collect personal data relating to our students and their parents to provide them with an Academic Summer course. This includes the following:
• name and contact details such as address, email and telephone numbers
• date and country of birth
• photo of the student for our access cards and identification purposes during the courses
• passport or ID copies
• visa details as appropriate
• medical, dietary and special needs information
• emergency contact details
• parents’ contact details
• welfare concerns and behaviour information
• reports that are compiled by teachers
• flight details to provide transfers
• photographs and videos containing the student’s image but not revealing their identity
For our staff, we collect and process Information required for their employment with us. This may include the following:
• name and contact details
• date of birth
• emergency contact details
• photo for our access cards and CMS
• references from previous employers
• copies of qualifications
• bank details and National Insurance number
• passport copy / ID document
• DBS check
• health and dietary information
• photographs and videos that contain your image that are taken during the course
Staff should see our staff handbook that can be found on the staff area for more information.
Our host schools use CCTV cameras in various locations around the school/campus to ensure maximum security. All host centres must adhere to the ICO’s code of practice for the use of CCTV.
How we collect information from you
We normally receive information directly from you the individual on your application forms (in the case of students the information is received from their parents). This information comes through our website and contact with you by phone, email, live-chat, Skype, WhatsApp or social media.
Sometimes this information comes via an educational consultant that has been appointed by parents. We have a contract in place with our educational partners who send us students.
We collect and process the data through the following:
• Our website www.academicsummer.co.uk and supporting domains such as https://studies.academicsummer.co.uk/. Applications are normally made through our website so personal data is collected through this. All our data transmissions over the Internet are secured with data encryption and user areas are password protected.
• E-Newsletter. We use Mailigen to deliver our newsletters. The newsletter give essential information and news about the courses.
• Emails: We use Office 365 and we have policies in place to increase security of how we manage emails. We do not send attachments to you but we provide links to a SharePoint document or you can download important documents from our user area on the website.
How we use your personal information and our legal basis for this
The main use of the personal data we collect is to support the learning of our students during their time at Academic Summer, as well as looking after their wellbeing and safeguarding them. We ensure that the processing of your personal data is ‘necessary’.
We process your data to fulfil our contractual obligations with you in the delivery of our summer programme. This includes:
• answering enquiries and questions received about our summer courses.
• registering and processing student applications and for general administration including invoicing, offer letters, pre-arrival information and student reports.
• providing an academic summer course, including lessons, airport transfers, sports and the leisure programme.
• facilitating the efficient operation of Academic Summer.
• providing welfare and boarding for our students ensuring students are looked after safely and we meet all their needs. This includes the implementation of our rules and policies for students and staff
• dealing with any feedback or concerns that you have
• administration relating to staff recruitment and employment including processing DBS checks and the administration of payroll.
To comply with our legal obligations, we may use your personal data to:
• meet our compliance and regulatory obligations such as safeguarding and protecting students.
• assist with investigations by the police and other authorities.
We may also process your data:
• when it is necessary for medical or safety reasons
• to protect your vital interests, for example, if you are unconscious and you need emergency medical treatment
• where we have a legitimate business interest such as promoting our programmes on our website, social media and sending out regular newsletters to our students, educational consultants, staff and alumni.
• sharing photos and news from our courses so parents are receiving information about their child’s course.
Some of the personal data could be ‘sensitive personal data’ and could include information about race, religious beliefs and physical or mental health concerns. This type of data requires extra protection and will only accessed by individuals who need to know this information to provide the necessary support of the student.
Who we share your personal data with.
We may need to share your data with a third party and this could include to local authorities such as the Police, UK Border and HM Revenue and Customs. We do this because it is required by law or for contractual and legitimate interests, but if we need specific consent then we will tell you by email.
We share your information with those that are looking after our students, however, we only share with people as necessary to look after and keep them safe. These include:
• our boarding and leisure programme leaders
• our teachers
• our host schools as necessary (eg: catering department with dietary needs and the IT department for logins to their systems)
• our school nurse and / or a doctor if students are ill
• leisure programme providers if this is required for safety reasons for their risk assessments
• disclosures to the necessary authorities relating to safeguarding
• Endsleigh Insurance company as they provide the insurance for our students.
If you booked your child’s course through an educational consultant, then we communicate with them unless you request that we do not.
For staff, we share your data as necessary with:
• Atlantic Data to process staff DBS checks
• payroll manager (Shirley Webber) to process your PAYE
• our host schools as required to use the facilities within the school and issue you with IT login and access cards. Our host school monitors IT use and requires details of your DBS.