Big Life Project Privacy Notice – updated 19th November 2018
We have updated this Notice, to incorporate the changes brought about by the General Data Protection Regulation (GDPR) that comes into force on 25th May 2018. GDPR includes provisions on Privacy Notices in Articles 12, 13 and 14.
Big Life Project Company is a course provider responsible for the provision of online educational lessons. We are a small, recently constituted company, established in 2016. Big Life Project is a ground-breaking online platform that delivers ready-made practical life skill lessons and resources directly to teachers, allowing them to get on with what they do best - teach.
Our platform can be engaged within the classroom, at home and on the move by Educational Establishments, Teachers and Students. We are here to shake up the status quo and help teachers provide the lessons young people need to start living bolder, brighter, bigger lives.
What is a Privacy Notice?
A Privacy Notice is a statement by the company to its students, teachers, the public and staff that describes how we collect, use, retain and disclose personal information which we hold.
Why issue a Privacy Notice?
The Big Life Project University recognises the importance of protecting personal and confidential information in all that we do and takes care to meet its legal and regulatory duties. This notice is one of the ways we can demonstrate our commitment to our values and to being transparent and open. It also shows our commitment to respecting diversity, acting with integrity, demonstrating compassion, striving for excellence and listening and supporting others.
This notice explains what rights you have to control how we use your information.
Legal basis for processing your information
We only process your information if we have a lawful reason to do so. We make sure you know how we use your information, and tell you about your rights.
We rely on the following specific conditions in Articles 6 and 9 of the GDPR to process your information:
6(1) (f) Legitimate interests: the processing is necessary for your legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests.
6(1) (c) ‘…for compliance with a legal obligation to which the controller is subject’
What information do we collect from you, and why?
We may ask for or hold personal confidential information about you which will be used to help us deliver appropriate care and treatment. This supports us to collect the minimum that we require for the provision of our service.
These records may include:
• Basic details, such as name, date of birth, address, phone number, mobile number and email address (where you have provided it to us)
• Financial information where a transaction is required.
Most of your records are electronic and are held on a computer system and secure IT network.
How we use your information
• To enable us to provide our services
• To process financial transactions where required.
• To comply with any associated regulatory requirements
It helps you because:
• Accurate and up-to-date information helps us to provide you with the best possible service.
Where possible, when using information to inform future services and provision, non-identifiable information will be used.
How we keep your information safe and confidential
The Big Life Project is committed to keeping your information secure. Information is retained in secure electronic and paper records and access is restricted to those who need it. Security and access controls, operational policies and procedures are in place to protect your information.
The GDPR regulates the processing of personal information. Strict principles govern our use of information and our duty to ensure it is kept safe and secure.
The Big Life Project is registered with the Information Commissioners Office (ICO).
Everyone working for the company is subject to the Common Law Duty of Confidentiality, as well as the GDPR. Information provided in confidence will only be used for the purposes for which have consented, unless there are other circumstances covered by the law.
All of our staff are required to protect information, inform you of how your information will be used and to allow you to decide if and how your information can be shared. This will be noted in your records.
Who we share your information with
We do not share your information with any other Third Parties.
Contacting us about your information
We have a senior person responsible for protecting the confidentiality of your information. There is also a Data Protection Officer to meet our requirements under the GDPR.
If you have any questions or concerns about the information we hold on you, the use of your information or would like to discuss further, please contact as below
How can I access the information you hold about me, and what are my rights?
Under the GDPR a person may request access to information (with some exemptions) that is held about them by an organisation. This is called a Subject Access Request. There is no fee for this unless a request is unfounded or excessive, particularly if it is repetitive. In that case, a reasonable fee may be charged.
To submit a Subject Access Request, please email to firstname.lastname@example.org
Your Rights under the GDPR Subject are:
1. Right to be informed
2. Right to access
3. Right of rectification
4. Right to erasure
5. Right to restriction of processing
6. Right to data portability
7. Right to object
8. Automated individual decision-making, including profiling
We will comply with your rights and our responsibilities as stated above
Data breaches under GDPR
Under the GDPR we have a duty to report certain types of breach to the Information Commissioner’s Office (ICO). If the breach creates a risk to your rights and freedoms we will notify you without undue delay and the ICO within 72 hours of becoming aware of the breach, where possible.
If the breach is likely to bring a high risk of adversely affecting your rights and freedoms, we will also inform you without undue delay.
Contacting us if you have a complaint or concern
We try to meet the highest standards when collecting and using personal information. We encourage people to bring concerns to our attention and we take any complaints we receive very seriously. You can submit a complaint through to us at:
Following your complaint, If you are still dissatisfied with our decision you may wish to contact:
Information Commissioner’s Office
You can find more information on their website at www.ico.gov.uk The Information Commissioner will not normally consider an appeal until you have exhausted your rights of redress and complaint to the Trust.