Data Protection Law controls what the Trafford College Group does with the personal information provided by individuals who work for us, study with us or access our services.
Our Privacy Statements describe what we do with the personal information we are provided with by members of the public. You may be asked to give us personal information to answer an enquiry you have. You may also be asked to provide personal information when you become an applicant or student, are a client or wish to use the services we offer across our Colleges and Campuses.
If you provide us with information, it will only be used in the ways described in our Privacy Statements. Our statements will be updated from time to time and the latest version will always be published here on our website.
The Trafford College Group is a Data Controller registered with the Information Commissioner’s Office (ICO) (Registration number ZA394464). All members of the Trafford College Group operate within the Data Protection arrangements agreed by the Corporation Board.
All written correspondence in relation to Data Protection should be addressed to:
The Data Protection Officer, Trafford College Group, Manchester Rd, Timperley, Altrincham, WA14 5PQ
The Data Protection Officer, appointed by the Corporation Board to provide independent assurance over the governance and management of data protection is Anthony Gribben-Lisle.
Please send any communication for the attention of the Data Protection Officer to firstname.lastname@example.org
Opt-out of Marketing Communications
The Trafford College group collects marketing information on individuals collected from forms across our website. When providing this information you also consent to receiving marketing communications regarding Open Events, News, College Alerts and other forms of communications related to the college and wider-community. To opt-out of these emails please use the simple form below. You will then be sent an email which serves as an acknowledgment that we have received and processed your request.
Subject Access Requests
The Data Protection Act (2018), General Data Protection Regulations (GDPR) and our Data Protection Policy give any individual the right to obtain confirmation if their data is being processed by us and to have access to the personal data we hold. The right of access to this information is referred to as Subject Access Request (SAR).
We aim to provide access to personal data within one month of receipt of a subject access request. If a request is complex, an extension of up to a further two months may be requested from the individual making the request. The Data Protection Officer, or a member of our team, will communicate regularly with individuals where this is the case.
A copy of the information will be provided free of charge. However, a reasonable fee may be charged if a request is found to be excessive, or where information is requested repeatedly. We will always notify the individual making a request if we intend to make a charge, and the reason for making a charge.
Who can make a Subject Access Request?
Subject Access Requests will be accepted from:
- The individual whose data is being requested (also known as the Data Subject).
- B. A representative of the Data Subject who has written consent (e.g. a parent or carer; a solicitor; a court appointed representative if the Data Subject could no longer manage his or her own affairs; a person with enduring Power of Attorney).
- C. The parent or carer of a child under 16 years of age: In cases where the child agrees, or it is in the child’s best interest for access to the data to be given.
How can I make a Subject Access Request?
Please complete a copy of our Subject Access Request Form and send it to email@example.com.
Please note that we will use reasonable means to verify the identity of the individual making the request, but may require individuals to visit one of our campuses with proof of their identity in order to receive copies of access request responses.
Requests to delete personal data
One of the key principles which underpins UK Data Protection Law is the right of an individual to request the deletion or removal of personal data where there is no compelling reason for its continued processing. This is also known as the ‘right to be forgotten’.
Individuals may have a right to have personal data erased and to prevent processing in specific circumstances such as:
- Where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed.
- When the individual withdraws consent.
- When the individual objects to the processing and there is no overriding legitimate interest for continuing the processing.
- Where the personal data was unlawfully processed (i.e. otherwise in breach of the Data Protection Act).
- The personal data must be erased to comply with a legal obligation.
Please note that the right to erasure does not provide an absolute ‘right to be forgotten’. Under Data Protection Law the Trafford College Group can refuse to comply with a request for erasure where the personal data is processed for particular reasons. This will always be explained to you by our Data Protection Officer if your request cannot be carried out.
How can I make a request to have my personal data deleted?
Please complete a copy of our Data Erasure Request Form and send it to firstname.lastname@example.org. Each request will be handled on a case by case basis.
Can I speak to the Data Protection Officer before I make a Subject Access Request or Request for Erasure?
Yes. We take all concerns and questions relating to data protection, use of personal information and the experience of our students and apprentices with the utmost importance. If you would like to speak to the Data Protection Officer with a question or concern before making a formal request, please do not hesitate to contact them by e-mail at email@example.com