Privacy Policy
Newcastle and Stafford Colleges Group (NSCG) recognise that your personal privacy and the security of your personal information is extremely important. Our privacy policy explains what we do with your information and the measures we take to keep it secure. The policy also details where and how we may collect your personal information, as well as your personal rights in terms of the information we hold.
The processing of personal data is regulated by the Data Protection Act 1998, and from 25 May 2018, by the General Data Protection Regulation (GDPR).
The policy is applicable to students, prospective students, employees, prospective employees and visitors who attend one of our campuses, visit our websites and social media pages or contact NSCG by other means.
1. What information do we collect about you?
NSCG is a large and diverse College interacting with multiple stakeholders, the information we collect is relevant to your interaction with the Group, as outlined below:
1.1 When you make a general enquiry, register to attend an event, register an interest in studying at NSCG or enter a competition:
a) We collect personal contact details under GDPR Article 6b (Contracts) including email address, mobile telephone number and postal address so that we can respond to you.
b) In some cases, we collect the name of your current/previous school and your subject interests under GDPR Article 6f (Legitimate Interests) so that we can tailor advice and guidance and monitor progression from our feeder schools.
c) We collect your consent to keep in touch with you about our products and services, future events and College news (GDPR Article 7 Consent).
1.2 When you apply for a course or enrol and become a student:
a) We collect the following personal data under GDPR Article 6e (Public Task) and 6c (Legal Obligation), to allow us to meet our legal obligations with the Education & Skills Funding Agency (ESFA) and Higher Education Funding Council for England (HEFCE). This information is vital in allowing us to carry out our public task to provide education and training. We are required by ESFA to retain this data until at least 2030:
• Personal identification details about yourself including your name, date of birth, unique learner number and gender
• Personal contact details – including address, telephone number and email address
• Details of your previous qualifications, educational and employment history
• Information about your nationality and residency, and previous addresses if applicable
• Information about medical or health conditions, including details of learning disabilities or difficulties
• Details of your ethnicity
• Household information (collected only for the ESFA and is not used by the College)
• Free school meals eligibility
• Attendance marks such as sessions attended, number of absences and absence reasons
• Information to monitor and report on student discipline and progress and support your learning
• Your destination after College.
b) We collect data about criminal convictions in order to protect vital interests of others under GDPR Article 6d (Vital Interest) and also in order to carry out our duty to support those with a conviction GDPR Article 6e (Public Task).
c) We collect parent/carer/emergency contacts under GDPR Article 6e (Public Task) and Article 6d (Vital Interests) in order to support your education and learning as fully as possible. For those over age 18 at the start of the academic year, the information is optional.
d) We collect your bank details if you need to pay for your course or you are in receipt of a bursary under GDPR Article 6b (Contracts). If you pay for a course online, your card information is not held by us. It is collected by our third party payment processors who specialise in the secure online capture and processing of credit/debit card transactions.
e) We collect the name of your last school under GDPR Article 6f (Legitimate Interests) to track progression from feeder schools.
f) We collect your consent to keep in touch with you about our products and services, future events and College news, and to take photography and record audio and video content to showcase the College to prospective students and the community (GDPR Article 7 Consent).
g) On enrolment, we take your photograph to display on your College ID card under GDPR Article 6f (Legitimate Interests). We do this as a safeguarding measure and to provide you access to our facilities.
1.3 When you apply for a job with NSCG:
a) We collect personal information in connection with your application for work with us. For full details of how we will collect, store, and use your personal information please see our HR Privacy Notice for candidates here.
1.4 When you visit our website
a) Our website uses cookies in order to improve your user experience by enabling our website to ‘remember’ you, either for the duration of your visit or for repeat visits. Cookies allow the collection of standard internet log information and visitor behaviour information such as the areas of the website you click on and how long you spend on each page. We collect this information under GDPR Article 6f (Legitimate Interests) to personalise your online experience, track visitor usage and compile statistical analysis on website activity.
1.5 If you visit/attend one of our campuses
a) We may capture your image on our CCTV systems under GDPR Article 6f (Legitimate Interests) to ensure the safeguarding of our students, staff and visitors, and for the protection of our buildings, estate and assets (see our CCTV Policy).
b) If you are a visitor, we will also collect your name, company (if applicable) and car registration number when you arrive on site, under GDPR Article 6f (Legitimate interests), to ensure the safeguarding of our students, staff and visitors and for the protection of our buildings, estate and assets.
c) We monitor your internet browsing under GDPR Article 6f (Legitimate Interests) to ensure the safety of our students.
2. How will we use the information we collect?
We collect and process your personal data to:
• Meet our statutory obligations as a further education college
• Process application or enrolment forms you’ve submitted for a course or apprenticeship programme
• Help answer your questions and solve any issues you have and reply to any enquiries you have made with us about our courses, products, facilities and services
• Effectively manage your learning, including monitoring and reporting on your progress and attendance, providing pastoral care, registering with awarding bodies, and administering learning loans
• Administer attendance in relation to any events you have booked on to or competitions you’ve entered into
• Send you communications which you have requested and that may be of interest in relation to courses and services, along with general news and events
• Seek your views, comments and feedback on our courses, services and events and notify you of changes
• Improve our website by monitoring how you use it, personalising your experience, including remarketing activities
• Conduct market research, examining trends, or assisting us in the development of courses, events and experience
• For statistical analysis
• Ensure the safety of our students, staff and visitors, and the protection of our buildings and assets
• Process application forms you’ve submitted for a job vacancy.
We aim to be completely transparent about the data we collect, how we use your data and meeting our data protection obligations. NSCG has to collect and process data to provide you with high standards of service and to meet its legal obligations from government organisations such as the DfE and HEFCE. Data regarding employment status and benefits is required to assess your eligibility for fee discounts, support or access to student bursaries.
Where we processes other special categories of personal data, such as information about age, gender, ethnic origin, disability or health, this is done for the purposes of equal opportunities monitoring and to monitor our service provision to improve our services to specific groups. We also use the data to ensure that we provide each student with a tailored so we can personalise the provision to each student to provide them with the best possible opportunities to succeed.
We know that you’re trusting us with your information, so we will not sell, licence or trade or share your information for marketing purposes with companies outside NSCG.
3. How do we collect information from you?
Most of the information we collect is provided by you via online forms on our websites, application forms, enrolment forms, over the telephone or face-to-face. However some information such as previous qualifications, or special needs, may be collected from other organisations such as the DfE, the Local Education Authority, or your previous school.
4. What if I do not provide the personal information you require?
If you choose not provide the data required to meet legal obligations, we will not be able to enrol you as a student. If you do not provide the other information we request, for example whether you have a learning difficulty or disability, it may result in us being unable to provide tailored advice/support plan, and our usually high standards of service.
5. Where do we store your personal information?
Your personal information is stored securely in a range of different places, including student information and recruitment management systems, on electronic documents within a secure network and on paper, stored in secure places and with restricted access by only those authorised. Data files containing your personal information may be backed up onto tape, flash or hard disk media for archive and disaster recovery purposes. See section 9 for retention periods.
6. Who has access to your personal information?
Your information may be shared within NSCG, including with any NSCG staff who need the data to provide services to students. This will include special categories of data, where appropriate.
The College will only share your data with third parties where there is a legal obligation to do so, including ESFA, HEFCE, Learner Records Service (LRS), examination bodies, Student Loans Company (SLC) and local authorities.
6.1 ESFA Data Sharing Agreement
This privacy notice is issued by the Education and Skills Funding Agency (ESFA), on behalf of the Secretary of State for the Department of Education (DfE). It is to inform students how their personal information will be used by the DfE, the ESFA (an executive agency of the DfE) and any successor bodies to these organisations. For the purposes of relevant data protection legislation, the DfE is the data controller for personal data processed by the ESFA.
Your personal information is used by the DfE to exercise its functions and to meet its statutory responsibilities, including under the Apprenticeships, Skills, Children & Learning Act 2009 and to create and maintain a unique learner number (ULN) and a personal learning record (PLR). Your information will be securely destroyed after it is no longer required for these purposes.
Your information may be shared with third parties for education, training, employment and well-being related purposes, including for research. This will only take place where the law allows it and the sharing is in compliance with data protection legislation.
The English European Social Fund (ESF) Managing Authority (or agents acting on its behalf) may contact you in order for them to carry out research and evaluation to inform the effectiveness of training.
Further information about use of and access to your personal data, and details of organisations with whom we regularly share data, are available at: www.gov.uk/government/publications/esfa-privacy-notice
6.2 LRS Data Sharing Agreement
The information you supply will be used by the Skills Funding Agency, an executive agency of the Department for Education (DfE), to issue you with a Unique Learner Number (ULN), and to create your Personal Learning Record. For more information about how your information is processed and shared refer to the Extended Privacy Notice available on gov.uk
Where NSCG engages non-statutory third parties to process personal data on its behalf, we require them to do so on the basis of written instructions, are under a duty of confidentiality and they are obliged to implement appropriate technical and organisational measures to ensure the security of data.
7. International transfers of your personal data
From time to time we may transfer your personal information to our service providers based outside of the EEA for the purposes described in this Privacy Policy. If we do this your personal information will continue to be subject to one or more appropriate safeguards set out in the law. These might be the use of model contracts in a form approved by regulators, or having our suppliers sign up to an independent privacy scheme approved by regulators such as the USA Privacy Shield scheme.
8. How do we protect your personal information?
NSCG takes the security of your personal information very seriously. We have policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by its employees in the performance of their duties. Our Data Protection Policy is available to view here.
9. How long do we keep hold of your information?
We review our retention periods for personal information on a regular basis.
We are legally required to hold some types of information to fulfil our statutory obligations, for example all personal data collected and processed on behalf of the ESFA or HEFCE is held for as long as we are legally required to do so, currently until at least 2030.
Other data will be held as long as is necessary to fulfil our duty as a college and/or to undertake relevant activity. Our Data Retention Policy is available to view here.
10. Keeping you informed
From time to time, we would like to tell you about our products and services, events and College news we think you might be interested in. We will do this by post and, where you have consented to us doing so, we may also do this by email, text message or telephone. We will not send you marketing messages if you tell us not to.
As a student, and where you have consented to us doing so, we may also take photographs, audio and video of your time here to showcase the College to prospective students and the community.
You can unsubscribe from receiving marketing communications at any time by clicking unsubscribe or contacting the College Data Protection Officer.
11. Websites and social media
Our websites contain links to other websites. This Privacy Statement only applies to this website so when you link to other websites you should read their own privacy statements.
When using one of our websites, you may be able to share information through social networks like Facebook and Twitter. For example when you ‘like’ or ‘share’ a new story. When doing this your personal information may be visible to the providers of those social networks, their other users and/or NSCG. Please remember it is your responsibility to set appropriate privacy settings on your social network accounts so you are comfortable with how your information is used and shared on them.
You can engage with us on social media through one of our official social media pages. To participate in these you will need to like our page and can opt-out at any time.
12. Your rights
You have the right to:
• Access and obtain a copy of your data on request, sometimes referred to as a “subject access request”
• Require the organisation to change incorrect or incomplete data;
• Require the organisation to delete or stop processing your data, for example where the data is no longer necessary for the stated purposes of processing
• Object to the processing of your data where the organisation is relying on its legitimate interests as the legal ground for processing. The college will only use “legitimate interests” as grounds for processing in a very few situations.
If you would like to exercise any of these rights, please contact us as set out below.
13. Contact us
Any requests for access to, or queries or concerns about information held about you by NSCG should be made in writing to:
Data Protection Office & Clerk to the Corporation,
Newcastle & Stafford Colleges Group,
Knutton Lane, Newcastle-under-Lyme,
Staffordshire,
ST5 2GB
Email: dpo@nscg.ac.uk
Cookies are little files of data that are stored on your computer or handheld device, used by websites in order to improve your user experience by enabling that website to ‘remember’ you, either for the duration of your visit (using a ‘session cookie’) or for repeat visits (using a ‘persistent cookie’).
Each cookie is unique to your web browser. It will contain some anonymous information such as a unique identifier and the site name and some digits and numbers. It allows a website to remember things like your preferences or what’s in your shopping basket.
This website does not store any information that would, on its own, allow us to identify individual users of this service without their permission. Any cookies that may be used by this website are used either solely on a per session basis or to maintain user preferences.
These are the cookies this website uses, what information they store, and what they are used for. We endeavour to make this information as complete and accurate as possible:
Cookie Name | Duration | Type |
exp_last_activity | 1 year | site session tracking |
_gat | 1 day | Google Analytics |
_gid | 1 day | Google Analytics |
exp_csrf_token | end of session | site session tracking |
exp_tracker | end of session | site session tracking |
exp_last_visit | 1 year | site session tracking |
PHPSESSID | end of session | site session tracking |
_ga | 2 years | Google Analytics |
__atuvc | 6 months | AddThis social sharing widget |
Cookies are not shared with any third parties.
If you prefer, it is possible to block some or all cookies, or even to delete cookies that have already been set; but you need to be aware that you might lose some functions of the website. You can block cookies by going into your browsers control panel/preferences.
This site uses Google Analytics to monitor traffic levels, search queries and the number of visits. The Google Analytics JavaScript libraries use HTTP Cookies to track what a user has done on previous pages and any interactions with the website. These cookies enable Google to determine whether you are a return visitor to the site, and to track the pages that you visit during your session.
You can opt-out of sending information to Google Analytics by installing the Google Analytics opt-out browser add-on.