The Academy of Enterprise Education (AEE) (established in Scotland and registered as a limited company with registration number SCO690807) G71 8PB, is a data controller in terms of the General Data Protection Regulation (GDPR). All of students, consultants, and visitor’s personal data will be treated strictly in accordance with the terms of the GDPR. This means that confidentiality will be respected and that appropriate security measures will be taken to prevent unauthorized disclosure.
This privacy notice together with our, and any additional documents referred to within, sets out how and the extent to which AEE shall process your personal data as student, consultant, or visitor. Please read these documents carefully to fully understand our views and practices regarding your personal data and how we will treat it.
This Privacy notice describes our policies and procedures on the collection, use and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You.
The use of the services provided by The Academy of Enterprise Education (AEE) is conditioned by the acceptance of the Terms and Conditions of Use and the reading of this Policy. If you do not agree to these conditions, please do not use our services.
- DATA COLLECTED AND PROCESSED
The collection and processing of data is fundamental to the operation of The Academy of Enterprise Education (AEE). Based on your data our project plan is enhanced and that informational core allows us to provide you the best service.
There are various sets of information and data we collect and process, such as:
2.1 Contact and personal information. We collect your name, age, email address, residential address, phone number.
2.2 Demographic information. We may collect your date of birth. We may also collect your age, gender, and zip code.
2.3 Payment data: the payment data is required from The Academy of Enterprise Education (AEE) in order to receive the payment for our products. The data required for this purpose is: a Bank account information, credit or debit card number and information, an expiration date and a security code.
2.4 Billing data: in order to comply with our tax obligations, we must ask you for some billing information such as: name, tax number, address, city, postal code and country.
all data entered when logging in into the platform is stored and processed. This data allows us to identify you as user, so we give you the access to your account. Example of such data includes login credentials.
2.6 Location data: with the use of the platform, we may access information contained in the GPS of your device. However, this operation is optional and must always be previously agreed by the user.
2.7 Pathway Applications: AEE collects Personal Data when you apply to our Pathways or make purchases from us (this could be a pathway, stand-alone course, planners, workbooks, client materials, or AEE merchandise etc.) we collect financial information including but not limited to credit card information that you provide to us.
2.8 AEE Community Forum: AEE collects Personal Data disclosed by you on our LMS community forum (including your username and password used to access the forum), blogs, chat and our other areas of the Site to which you can post information and materials. You should be aware that any information that you post in the AEE learning management system or other public area of the Site might be read, collected, and used by others who access it.
2.9 Automatic Information: AEE collects Personal Data about you: every time you use our Website, we collect certain information about you. For example, we may monitor the number of people that visit our Site or use the App, peak hours of visits, which page(s) are visited on our Site or the App, the domains our visitors come from (e.g., google.com, yahoo.com, etc.), and which browsers people use to access and visit our Site (e.g., Firefox, Microsoft Internet Explorer, etc.), broad geographical information, Site navigation pattern. In particular, the following information is created and automatically logged in our systems:
2.11 Digital Media: AEE collects Personal Data when you interact with our social media sites like LinkedIn, Instagram, Clubhouse, Facebook and Twitter (“Social Media Sites”). When you interact with AEE on our Social Media Sites, we will collect Personal Data that you elect to provide to us through your settings on the Social Media Site, such as your contact details. In addition, the Social Media Sites providers may give us aggregate information and analytics data about the use of our social media pages. We are not responsible for the privacy practices of these Social Media Sites and any information you share with them is subject to their privacy policies and terms of service.
2.12 Assessment Information: AEE collects personal data during the delivery of assessments. We do this in our capacity as a Data Controller and Data Processor. When we collect information on behalf of students, we then process that data for the third-party accreditation bodies for awards to be made.
2.13 Additional Information: AEE may receive your Personal Data from other sources. This for example maybe a webinar, or an online conference. In this case we will have informed you when we collected that data if we intend to share those data internally and combine it with data collected on the Website. We will also have told you for what purpose we will share and combine your data. We are working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies).
3. GDPR COMPLIANCE
The GDPR sets out six key principles. To ensure compliance the University must act in accordance with these principles. In brief, these are:
- Personal data shall be processed lawfully, fairly and in a transparent manner (‘lawfulness, fairness and transparency’).
- Personal data shall be collected for specified, explicit and legitimate purposes and not further processed in any manner incompatible with those purposes. Further processing for archiving, scientific or historical research or statistical purposes is permissible (‘purpose limitation’)
- Personal data shall be adequate, relevant and limited to what is necessary in relation to the purpose for which it is processed (‘data minimisation’).
- Personal data shall be accurate and where necessary kept up to date (‘accuracy’).
- Personal data processed for any purpose shall not be kept for longer than is necessary for that purpose (‘storage limitation’).
- Personal data shall be processed in a manner that ensures appropriate security including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).
In addition, AEE must be able to demonstrate its compliance with the principles. This is referred to as the accountability principle. See the ICO website to read the principles in full.
4 . SOURCE OF DATA
Students: The personal data AEE holds about you is obtained from a number of sources, including the following:
- Information you have provided when making enquiries to AEE.
- Information you have provided on your application form as part of the admissions process.
- Information from referees
- Information you provide us with during the enrolment process.
- Information you provide us with during the course of your study.
- Information that AEE requires to record about you during your studies e.g. grades.
- Funding organisations such as Business Gateway, other sponsors
- Statutory organisation such as the Home Office
- Partner organisations such as professional accreditation bodies, employers, and other educational establishments for the purposes of external study or exchange.
Purposes of Processing: AEE requires to process the personal data it collects about you for the purposes delivering a relevant educational programme of study to you, any other service you receive from us and to allow us to execute all the administrative and ancillary tasks relevant to our service delivery. A full list of the purposes for which we process your personal data can be found in Record of Processing Activities – Student Data. Examples include:
- Delivering your programme of study.
- Administration of your academic attainment e.g. marks and grades.
- Administration of Fee’s, Grants and Loans (e.g. loans from the Student Loans Company and access loans).
- The provision of advice and support to students, including welfare, pastoral and academic services and careers services.
- Management of behavioural or disciplinary issues and complaints.
- Learning analytics which are used to monitor engagement and activity to enable appropriate support for students. This includes the automated processing of personal data (profiling).
Your Consent: There may be circumstances where we may not be able to legitimise the processing of your personal data unless we have your consent. Consent will be sought as and when required. You have the right to withdraw consent at any time without prejudice to your status within AEE. Please note that if you do withdraw consent, this will not affect the lawfulness of processing based on your consent before your withdrawal.
Retention of your personal data: Once you become an enrolled student, AEE will retain your personal data in line with our data retention schedules relating to student data. Where an item of your data no longer requires to be retained, we shall securely remove it from our systems. Please note that if you enrol as a student, some items of your personal data will be retained on a permanent basis. This is in order to ensure that the University can maintain an appropriate permanent archive of degrees and credit awarded and provide services to graduates/former students such as for replacement degree certificates.
Consultants: The personal data AEE holds about you is obtained from several sources including the following:
- Information you or a third party (e.g. a recruitment agency) have provided during your application process including references where applicable.
- Information you provide us with during your employment.
- Information built up about you during your employment, e.g. promotions, disciplinary, general correspondence.
- Partner organisations such as professional bodies, employers, and other educational establishments for the purposes of external research, exchange, or secondments.
- Publicly accessible sources such as social media.
Personal Data we process about you: Consultants Data includes name, gender, date of birth, contact details, education and training, qualifications, employment history, PAYE and NI code, bank details and salary information, pension information, criminal convictions, ethnicity and religious beliefs, trade union membership and health information.
Purposes of Processing: AEE requires to process the personal data it collects about you for the purposes of providing you with employment and to allow us to execute all the administrative and ancillary tasks related to that. A full list of the purposes for which we process your personal data can be found in Record of Processing Activities – Staff Data. Examples include:
- Managing and updating HR processes (e.g. salaries, promotion, absences, disciplinary cases, complaints, professional development reviews etc.)
- Including staff details on AEE’s website where this is required as part of the individual’s role.
- Promoting AEE’s work including research, researchers and their publications.
Your Consent: There may be circumstance where we may not be able to legitimise processing of your personal data unless we have your consent. Consent will be sought as and when required. You have the right to withdraw consent at any time without prejudice to your status within AEE. You can do this by contacting email@example.com. Please note that if you do withdraw consent, this will not affect the lawfulness of processing based on your consent before your withdrawal.
As part of the initial employment process AEE requests consent to use your personal data for providing contact details (name, job title and department) to those Trade Unions recognised by AEE.
Retention of your personal data: As a minimum, AEE will retain your personal data for as long as you are an employee of AEE provided it is necessary for its purposes as described. Following termination of your employment at AEE, we shall securely remove from our systems any personal data that we no longer require for the purposes set out above. Please note however that even after termination of your employment, AEE may still need to retain your personal data to satisfy its obligations to keep certain records for particular periods under applicable law as per AEE’s retention schedule.
5. WHOM WE MAY SHARE YOUR INFORMATION WITH
For the above purposes, we may share your information with the following third parties. Please note that any third parties’ use of your personal data will be governed by their own privacy policies and give rise to separate obligations under applicable data protection laws. We suggest that you carefully review any third-party privacy policies that may apply to you.
Third parties that may receive your information include:
- Our payment services providers Stripe Inc.
- Our LMS platform Provider, TalentLMS.
- Providers of assessments and marking services when you register for an assessment or submit a piece of work for marking in connection with an Online Course.
- Analysis of the use of Platform: we resort to applications in order to analyze the use of our platform, such as Google Analytics.
- Advertising: we use analysis tools for marketing and advertising purposes; as well as we use Social Media marketing such as Facebook,
- LinkedIn, Instagram, Twitter and YouTube.
- Audits and maintenance: your data might be accessed within the scope of independent quality control and security audits of our services. All audits are subject to confidentiality and are closely monitored by us.
- Security: AEE has security measures in place to protect customer information. AEE takes reasonable precautions to protect against the loss, misuse, and unauthorized access of your personal information under our control. Because the security of your personal information is a high priority, we have taken numerous steps to ensure that it is processed confidentially, accurately, and securely. The Site uses encryption technology, such as Secure Socket Layer (SSL) technology, which is supported by most modern Internet browsers. Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure. As a result, while we employ commercially reasonable security measures to protect data and seek to partner with service providers which do the same, we cannot guarantee the security of any information transmitted to the Site and are not responsible for the actions of any third parties that may receive any such information. Account Information and other password-protected areas of the Site can be accessed only with a valid username and password. Each password owner is responsible for keeping the password confidential and safe, as we have no control or responsibility for this type of user information. If the password may have been stolen or might otherwise be misused, it is the responsibility of the subject user to notify us immediately for further action.
- Payment: All transactions are handled securely. Areas of the Website that process online payments make use of – and transfer data to – third party software and service providers. All third-party software and service providers that we use are compliant with the relevant Payment Card Industry standards.
- Customer relationship management service providers (which allows us, for example, to send personalised email communications to you);
- Our file storage and management service providers.
- Our third-party review and ratings partner, who assists us with collecting and moderating any review and rating you may elect to provide of our Online Content and Courses.
- Any entity to which we are under a duty to disclose or share your information in order to comply with any legal obligation, or in order to enforce or apply our Terms and other legal requirements; or to protect our rights, property, or safety, our users, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
6. HOW LONG WE KEEP YOUR DATA FOR?
As a minimum, AEE will retain your personal data for as long as is necessary to process and handle your enquiry, your request to purchase goods, services or book an event or pay outstanding invoices. If you consent to us using your personal data for marketing purposes, we shall retain the minimum amount of information as is necessary to market to you until you withdraw your consent. If our processing relates to student recruitment, we shall retain the information collected for as long as is necessary to fulfil that purpose. Once personal data is no longer necessary, we shall securely remove it from our systems.
Storage of your information.
Transmission of information via the internet is not completely secure. AEE will do our best to protect your personal data, although we cannot guarantee the security of data transmitted to the Website.
Any transmission is at your own risk. Once we have received your information, we will use appropriate organisational and security measures to prevent unauthorised access to your personal data.
If you need to change or correct your Personal Data, or wish to have it deleted from our systems, you may contact us at firstname.lastname@example.org. We will address your request as required by applicable law.
- INTERNATIONAL TRANSFERS
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff or by partners operating outside the EEA who work for us or for one of our suppliers, agents, or partners. By submitting your personal data, you agree to this transfer, storing or processing.
8. YOUR RIGHTS
You have the following data protection rights:
- You can edit your personal details via your profile page whenever you wish. We maintain a procedure in order to help you confirm that your personal information remains correct and up-to-date or choose whether or not you wish to receive material from us or some of our partners.
- In addition, you can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information. Again, you can exercise these rights by contacting us using the contact details provided under the “Contacting section”.
- You may unsubscribe from certain email communications by following the Unsubscribe link in the email communication itself. You may also update your personal information by logging into the Website and visiting your Learner account page. You may also email us at email@example.com in order to access, correct, or update your personal information on our systems. We will answer every email as promptly as possible.
- Similarly, if we have collected and process your personal information on the basis of your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
- If you have any privacy-related questions or unresolved problems, you may contact us using the information provided below.
- You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority.
8.1 Request for information relating to yourself.
Under the terms of the General Data Protection Regulation, you have the right to ask AEE for any information held about you as an individual. If you wish to make an enquiry about data that relates to yourself, then please email firstname.lastname@example.org. Please include the following information in your request:
- Full name and date of birth
- Your contact details.
- If you are a student or member of staff, your student registration number or employee number.
- If you are a previous student or member of staff details of when you were at AEE and what you studied/which department you were in
- A full description of the information you are requesting. Please provide as much information as possible to help AEE locate the information such as the time periods concerned, names of members of staff who you may have dealt with or who may be able to locate the information, the department, or areas of AEE that are most likely to hold the relevant information. Please note we may have to get back to you to seek further clarification if we do not have enough detail to enable us to find the information you are seeking.
AEE may ask for evidence of your identity: In most cases we will respond to your request within one month. If your request is particularly complex, we may have to extend this time by a maximum of a further two months but in this case, we will inform you and explain the reasons for the delay. Note: AEE will not respond to any requests from third party SAR platforms.
Request for other information held by AEE: Under the terms of the Freedom of Information (Scotland) Act 2002 you also have the right to ask AEE to provide you with any information held by AEE. For example, you may wish to see the minutes of a particular meeting or obtain standard information about student numbers. The Environmental Information (Scotland) Regulations 2004 also entitle you to have access to certain environmental information. If you wish to make an enquiry about information held by AEE which does not seem to be already available, then write or email to:
The FOI Unit. Academy of Enterprise Education
Level 3, The Fairways, Glasgow G718PB or email@example.com.
When we receive your request, we shall instigate a search for the information you need. If we cannot determine exactly what information you require, we shall contact you as soon as possible to clarify your request. If we already publish the information you require, we shall send you details of how to find the information.
In all other cases, the information you need will be located and provided to you. Please note, however, that some information may be exempt from your access. Should that be the case, we will provide what information we can and provide reasons why other information has not been released to you. Please also note that we may need to charge a fee to cover the costs of our search and any copying. Until a fee is received, the information you require will not be released to you. In such cases where we do not provide all the information you seek or require payment of a fee; we will inform you of your rights of review and appeal.
We take seriously our legal obligation to protect the privacy of children. Accordingly, we do not knowingly collect or maintain personal information from persons under 13 years of age, and no part of the Website is directed to persons under 13 years of age. If you are under 13 years of age, then please do not use or access the Website at any time or in any manner. We will take appropriate If you become aware a minor has shared his data with us, we will make the steps to delete any personal information of persons less than 13 years of age, please, contact us at IThelpdesk@aoee.co.uk.
Tracking Technologies and Cookies
You can instruct Your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if You do not accept Cookies, you may not be able to use some parts of our Service.
Cookies can be “Persistent” or “Session” Cookies. Persistent Cookies remain on your personal computer or mobile device when You go offline, while Session Cookies are deleted as soon as You close your web browser.
We use both session and persistent Cookies for the purposes set out below:
Type: Session Cookies
Purpose: These Cookies are essential to provide You with services available through the Website and to enable You to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these Cookies, the services that You have asked for cannot be provided, and We only use these Cookies to provide You with those services.
Cookies Policy / Notice Acceptance Cookies
Type: Persistent Cookies
Administered by: Us
Type: Persistent Cookies
Administered by: Us
Purpose: These Cookies allow us to remember choices You make when You use the Website, such as remembering your login details or language preference. The purpose of these Cookies is to provide You with more personal experience and to avoid You having to re-enter your preferences every time You use the Website.
Tracking, Advertising and Performance Cookies
Type: Persistent Cookies
- Administered by: Third Parties Google Analytics, Facebook, LinkedIn, Instagram, Twitter and YouTube.
Purpose: These Cookies are used to track information about traffic to the Website and how users use the Website. The information gathered via these Cookies may directly or indirectly identify you as an individual visitor. This is because the information collected is typically linked to a pseudonymous identifier associated with the device you use to access the Website. We may also use these Cookies to test new advertisements, pages, features, or new functionality of the Website to see how our users react to them.
Analytics cookies: These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from, and the pages they visited.
- Administered by: Google Analytics.
13.1 Changing your cookie settings
We use several types of cookies for a range of reasons across the Website. Some are essential, while others you can opt out of or block. Opting out or blocking some cookies may affect the functionality of the Website.
14. CONTACT US