Andrell Education and GDPR
The 25th May 2018 marks the start of enforcement of the European Union’s General Data Protection Regulation. We take your data privacy seriously so we have been working hard to ensure we are fully compliant with the new legislation.
This document sets out a summary of the key points in plain English. The comprehensive details regarding our compliance and practice can be found in the Privacy Notice and Legal Notice.
Your Data Rights
We will always ask for consent at the point we collect your data. You have the right to withdraw your consent at any time. You have the right to request the data we hold, ask how the data is used, request a digital copy, request amendments, and request removal. Where we hold data for legitimate purposes or to fulfil a contract, you may request that the data is no longer processed but we are not obliged to delete it.
How We Use Collected Information
We collect your information to provide and promote our services, to meet our legal obligations, to ensure the security of our services and to monitor and improve them.
Some services require your information. If you refuse to provide it, we will be unable to offer the service.
We will only retain information for as long as reasonably necessary. We will delete your data if a request for removal is received and accepted.
You may request further information on the categories of information that we collect, how it is processed, and the third party partners that we use.
Andrell as the Data Controller
We act as data controller for information that we collect from you. Our Privacy Notice and our Legal Notice sets out the terms of our actions as data controller.
We may also use third party suppliers where their services help us to provide services to you. In this case, they are data processors on our behalf. The third parties have their own contracts in place with us to ensure compliance.
Andrell as the Data Processor
We act as data processor for information added to our services. Users have agreed to the Privacy Notice and the Legal Notice before accessing the services and agree that we must hold and process the information in order to offer the agreed service.
We do not view this information without express permission from the user.
How We Protect Your Information
We adopt appropriate privacy by design practices around data collection, storage and processing and security measures to protect against unauthorised access, alteration, disclosure or destruction of your personal information.
Your personal information is stored within the EU. Data that we hold is stored in the UK and our third party service providers have relevant documentation and agreements stating that they will not move the data they store outside of the EU.
If you have any questions about GDPR, please contact us at: firstname.lastname@example.org.