This Privacy Notice is dated 2nd October 2020.
The QA group of companies (“QA”, “we”, “our” or “us”) are committed to ensuring that your privacy is protected. This Privacy Notice describes how we use the personal information that we collect from you, or that you provide, when you:
QA may act as a Data Controller or a Data Processor within our relationship depending on the nature of services that we are providing to you.
We collect personal information from you:
Some of the personal information that you provide may include sensitive personal information, such as health-related information to ensure that we can provide the necessary duty of care or information about your race or ethnicity, which we need for statutory registration/reporting purposes. Health information may also be required to process reasonable adjustments within examinations.
When you visit our Websites, we may collect certain information automatically from your device. The information we collect automatically may include information like your IP address, device type, unique device identification numbers, browser-type, broad geographic location (e.g. country or city-level location) and other technical information. We may also collect information about how your device has interacted with our Website, including the pages accessed and links clicked.
Collecting this information enables us to better understand the visitors who come to our Website, where they come from, and what content on our Website is of interest to them. We use this information for our internal analytics purposes and to improve the quality and relevance of our Website to our visitors.
Some of this information may be collected using cookies and similar tracking technology, as explained further under the heading ‘Cookies’, below.
We may receive personal information about you from third party sources (such as your employer if they enrol you on a course), or agencies if you apply for study or employment, but only where we believe that these third parties either have your consent or are otherwise legally permitted or required to disclose your personal information to us. We collect only the minimum amount of information required from these third parties to enable us to provide the requested service or process any application you send to us (for example, your educational or employment history). We only use the information we receive from these third parties as set out in this Privacy Notice.
The information that we collect and store relating to you is primarily used to enable us to provide our Services to you. In addition, we may use the information for the following purposes:
We may also monitor or record telephone calls for training, customer service and quality assurance purposes, and to detect or prevent crime. These recordings will be retained for a maximum of 30 days.
In general, we will use any of the information we collect from you only for the purposes described in this Privacy Notice or for purposes that we explain to you at the time we collect such information. However, we may also use your personal information for other purposes that are not incompatible with the purposes we have disclosed to you (such as statistical purposes) if and where this is permitted by applicable data protection laws.
If you do not want us to use your data for any marketing purposes, you will have the opportunity to withhold your consent to this when you provide your details to us.
Consent can be varied online via our consent portal at cp.qa.com.
The personal information you provided to us is stored within secure servers. We use appropriate technical and organisational measures to protect the personal information that we collect and process about you. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal information.
All QA email addresses support TLS email encryption, so it is advised that if you are concerned about the contents of any email to use this encryption.
Where we have given you (or where you have chosen) a password so that you can access certain parts of our sites and portals, you are responsible for keeping these passwords confidential.
Please note that the transmission of information via the internet (including email) is not completely secure and therefore, although we endeavour to protect the personal information you provide to us, we cannot guarantee the security of data sent to us electronically and the transmission of such data is therefore entirely at your own risk. We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements).
When we have no ongoing legitimate business or statutory need to process your personal information, we will either delete or anonymise it.
We will store your data for a period of 24 months, at which point it will be deleted from our enquiry system. If your record is updated by our team, we class this as your enquiry still being active and we will then restart the 24-month countdown until deletion.
If however, you would like your record deleted before this allotted time please send an email to firstname.lastname@example.org and we will be more than happy to remove your data.
We may disclose your personal information to any company within our corporate group. This includes, where applicable, our subsidiaries, our holding company and its subsidiaries. This will only be done where lawful bases exists.
We will also disclose, where required, your personal information with:
Where you are a customer or prospective customer, we may disclose your data to third parties for our marketing purposes so that we can identify products and services we think you will be interested in. Personal data used in this way may include contact details such as name, address, phone number, and email address. When sharing with third party marketing organisations, your data may be processed in countries inside or outside of the European Economic Area (EEA).
You might find links to third party websites on our Websites or within documentation we provide.
If you access other websites using the links provided, the operators of these sites may collect information from you which will be used by them in accordance with their own Privacy Notices which you should review.
We do not accept any responsibility or liability for their policies whatsoever as we have no control over them.
The Website may offer you the opportunity to share or follow information about us (or the Website or our Services) using third party social networking functionality (such as through “share this”, “like” or “follow” buttons).
We offer this functionality in order to generate interest in us, the Website and our Services among the members of your social networks, and to permit you to share and follow opinions, news and recommendations about us with your friends. However, you should be aware that sharing personal or non-personal information with a social network may result in that information being collected by the social network provider or result in that information being made publicly-available, including through Internet search engines.
Please note that we do not exercise, endorse, secure or control the policies or practices of any third party social network whose functionality you may access through the Website.
You should always carefully read the Privacy Notice of any social network through which you share information in order to understand their specific privacy and information usage practices.
For some of our Services, your personal information may be transferred to, and processed in, countries outside of the EEA. However, we have taken appropriate safeguards to require that your personal information will remain protected in accordance with this Privacy Notice. These measures include transferring your personal data to third parties who are located in a country which the European Commission has determined has data protection laws that are at least as protective as those in Europe, and transferring your personal data to third parties who have entered into standard contractual clauses with us. For more information about these safeguards please contact us using the contact details provided below.
Our lawful bases for collecting and using personal information will depend on the personal information being collected and the specific context in which we collect it.
However, we will normally collect personal information from you only:
In respect of data processed within COVID-19 frameworks;
In some cases, we may also have a legal obligation to collect personal information from you.
If we ask you to provide personal information to comply with a legal requirement or to perform a contact with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information).
If we collect and use your personal information in reliance on our legitimate interests (or those of any third party), this interest will normally be to operate our platform and communicating with you as necessary to provide our services to you and for our legitimate commercial interest, for instance, when responding to your queries, improving our platform, undertaking marketing, or for the purposes of detecting or preventing illegal activities. We may have other legitimate interests and if appropriate we will make clear to you at the relevant time what those legitimate interests are.
If you have questions about or need further information concerning the lawful bases on which we collect and use your personal information, please contact us using the contact details provided below.
You have the following data protection rights:
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
The data controller of your personal information will be the QA group entity that you are dealing with, and as such will be one of the following:
We welcome any queries, comments or requests you may have regarding this Privacy Notice. Please do not hesitate to contact us, or our DPO, via email at: email@example.com
We may change this Privacy Notice from time to time by updating this document. The online version is available here.
You should check this page from time to time to ensure that you are happy with any changes.