IDP Connect Privacy Notice (UK)
Last update January 2019
This privacy notice has been compiled to help you understand why we ask you for your personal information when you engage with the IDP Connect and how we will store and use this information.
Hotcourses Limited, an IDP Education owned company, is the principle company and the Data Controller in the IDP Connect group of companies (Hotcourses India PVT, Hotcourses Pty Ltd (Australia), Hotcourses Inc (North America) and The Complete University Guide).
Keeping your information safe and private is very important to us, and all our services are designed with privacy and security in mind.
Who does this Privacy Notice apply to
This Privacy Notice applies to the both individuals and companies who are partners, suppliers, clients, stakeholders, customers, and potential customers of the IDP Connect. This includes:
- Visitors to the www.idp-connect.com website
- Marketing and content partners
- Advertiser and potential advertisers
- Attendees at our events and seminars
Why we collect and process your data
We collect and process your personal data in order to provide high quality and effective services for our clients (educational institutions) and our end-users (potential students). We value the input of all our stakeholders and use our networks and connections within the education sector to maximise the benefit to students and institutions.
Examples of ways in which we process your data include:
- Contacting advertisers by telephone to review the effectiveness of campaigns
- Promoting new products and services launched by the IDP Connect
- Informing stakeholders of upcoming events by email
- Inviting feedback on our products and services
Our lawful basis for processing your data
It’s in IDP Connect’s legitimate business interest to keep its stakeholders informed of our latest content, products and services in order help both education institutions and students. We process your data and use direct marketing as part of this legitimate interest. It’s necessary for us to use a variety of direct marketing channels and messages to ensure our stakeholders are kept informed, and wherever possible we make sure the messages we send are targeted and relevant. Any direct marketing we undertake complies with e-privacy rules on consent.
What type of data do we collect
We collect the following types of data from our stakeholders:
- Your name
- Your company, organisation, or affiliation
- Your job title
- Your email
- Your telephone number
- Your address
Throughout your engagement with the IDP Connect, we will collect additional information, including:
- A history of marketing activities and communications we have exchanged with you. For example, details of emails sent and telephone calls.
- Details of any of our products or services you have engaged with. For example, details of advertising campaigns purchased, or attendance at one of our events.
Through the IDP Connect website, www.idp-connect.com, we collect data in a number of specific ways.
If you use the contact form on the website to contact IDP Connect, then we will ask you to provide your contact details and information about your enquiry. The data you submit via one of our contact forms is sent to IDP Connect through a secure method and stored on our secure Customer Relationship Management System, HubSpot.
You can choose to have your computer block some or all cookies for you through your browser settings. Each browser is a little different, so look at your browser’s Help menu to learn the correct way to modify your cookies.
If you disable cookies, some advanced features will be disabled and some of our services may not function as intended.
IDP Connect uses re-marketing tools to gain insights into our online audiences. We use this information to promote targeted products and services to our users. This technology includes a small piece of code on our websites which allow us to utilise cookies to record user behaviour and log this information with our advertising partners. This information is then used to display targeted advertising from IDP Connect to users across the internet. These cookies do not contain or store any personal identifiable data.
Geographical data and geotargeting
As with all websites, your IP address is sent to us each time a webpage is viewed. For some functionality we use this, along with geo-location information provided by your browser to provide location-specific content within our website. You can stop sharing this location information by changing your browser settings.
Anonymised analytics and insights
Occasionally, we will ask for additional information to help us monitor the reach and effectiveness of our services. For example, when creating an account, we may ask for your country of residence or postcode.
We use Google Analytics to log aggregated user data across all of our websites. No personal data is shared with Google Analytics.
We also collect some technical information while you use our websites, such as information on the type of browser you use and your IP address. This information is used to maintain and monitor the performance of our website.
Storing your data
IDP Connect uses third-party software and services to store and manage any personal information submitted through the IDP Connect website. We have data sharing agreements in place with the companies who run these services and have carried out assessments to ensure that they are storing and processing data to the high standards we expect.
Specifically, we use the HubSpot Customer Relationship Management tool to manage the contact details and contact history of our engagement with stakeholders.
Your data is not stored outside the EU, however it may be accessed by one of our principal companies based in the USA, India or Australia in case they need to provide you with a service on our behalf. To ensure your data is secure and we comply with our privacy obligation, we have data sharing agreements and security operational and technical measures in place with these companies.
How long will you keep my information for?
We will keep your data for as long as we are required to, either:
- By law, for example to meet financial regulations relating to payments
- For as long as we require the data to provide a service to you.
Personal data is deleted in accordance with our internal retention policy.
Reviewing and updating your data
You can update the information we store on your behalf by making a request to the IDP Connect Privacy Manager.
You have the following rights in relation to the data we hold
The right to be informed
You have the right to be informed why and how we collect your personal data, how we will use this information, who we share it with, what are the security measures we take to protect this information and what are your individual rights. We will publish this information in this Privacy Notice
The right of access
You have the right to access the information we hold for you. You can request access to this data via a Subject Access Request, which you can do by contacting your IDP Connect contact or the Privacy and Information Security Manager.
The right to rectification
You have the right for inaccurate or incomplete data we hold to be updated. You can make a request to have your data updated either through your IDP Connect contact or the Privacy and Information Security Manager.
The right to erasure
You have the right to be forgotten at any point by contacting the Privacy and Information Security Manager or emailing firstname.lastname@example.org. At your request, we will remove all the data we have for you which we are not required legally to retain.
The right to restrict processing
You have the right to restrict processing when you have exercised one of the above rights and it may take some time to process that request. For example: when you contact us to update your details you have the right to request restriction until your details are updated.
Right to withdraw consent
For the processing activities where we have asked you for consent, you have the right to withdraw this consent at any point by clicking on the unsubscribe link in any email we send you, or contacting the Privacy and Information Security Manager.
The right to object
You can object to the processing of your personal data at any point by contacting the Privacy and Information Security Manager. There may be instances where we may not be able to fulfil those requests, but we will provide you with an explanation when replying back to you.
Right to not be subject to automated decisions and profiling
None of our processing activities are purely automated. There are instances where we process data to analyse or predict behaviour but we will ask you for explicit consent when this processing will involve your personal data.
Right to data portability
If you have provided us with your personal data with consent or under the contact obligations, you have the right to request the data you have provided to us in a machine-readable format should you decide to move to another data controller.
Sharing your data with partners
We work with range of suppliers and have agreements and procedures in place to ensure your personal data is protected through the service you receive from us.
Your personal data will only be shared with a supplier if you have explicitly given your consent.
In the future, all or part of the IDP Connect business may be sold, acquired, or merged with another business. Under these circumstances, we may share the personal data we hold with the parties involved.
Links to other websites
On our website there are lots of links to course provider websites. This privacy notice does not cover these links. We encourage you to read the privacy statements on the other websites you visit.
Changes to IDP Connect Privacy Notice details
The date of the most recent version will appear on the top of the page. From time to time we may be updating this Privacy Notice, please review it each time you are to submit personal information. If we make any significant changes to this notice we will send you an email informing you of these amendments. If you do not agree with these changes please do not use our websites to provide personal information. You can also delete your account at any time – please see your rights section
If you have any question regarding your personal data, please contact the Privacy Manager at the address below:
Privacy and Information Security Manager
First Floor, Bedford House, Fulham Green
69-79 Fulham High Street
If you feel we have been intrusive to your privacy or misused your data you have the right to complain to the ICO https://ico.org.uk/make-a-complaint/