#One of the family
#One of the family
SMB College Group takes the issue of online privacy very seriously.
We provide this Privacy Statement to inform you of our Privacy Policy and practices and to ensure that you're aware of the choices you can make about the way your information is collected online and how that information is used.
This website is governed in accordance with the laws of England. The English courts shall have exclusive jurisdiction over any dispute arising out of your use of this website. We comply with the Data Protection Act 2018 and the UK General Data Protection Regulation (UK-GDPR), including removing your personal information from our systems when it is no longer required and ensuring that all personal information supplied is held securely.
This website is owned by SMB Group. Registered in the UK. We are registered with the ICO under the Data Protection Register and our registration number is Z4931281.
From time to time you will be asked to tell us personal information about yourself (name, email address, etc.) in order to become a student, to use college systems and services and so on. At the point of collecting the information, we aim to clearly explain what it is going to be used for and who we may share it with. Unless required or permitted by law, we will always ask you before we use it for any other reason.
Any sensitive personal information will never be supplied to anyone outside the college without first obtaining your consent, unless required or permitted by law.
Whenever you provide such personal information, we will treat that information in accordance with this statement, current legislation and our Data Protection Registration. We also aim to meet current best practices.
Individuals whose personal information the college holds have certain rights under the law. More information can be found on the Information Commissioner’s website: https://ico.org.uk/
When you contact us through this site, we will request certain personal information. Your personal data will be processed to provide the information and services that you request in the form that you require. This is done in strict accordance with the 'applicable legislation' principles of data protection and data privacy.
The college collects and processes personal data relating to its students (also known as learners) to effectively manage your learning and to meet its statutory obligations as a College of Further education in line with the Further and Higher Education Act 1992.
The SMB Group is committed to being transparent about how it collects and uses that data and to meeting its data protection obligations.
We log website visitor domain and IP address automatically; this information does not identify you as an individual, but only the computer that is being used to view the site. This data is used to see where the site is being used worldwide and to help better understand site usage so that we can improve our service. We never link information automatically logged by such means with personal data about specific individuals.
2. We collect data about criminal convictions at application stage for FE (Further Education) and HE (Higher Education) students or enrolment stage for Full Cost students in order to protect vital interests of others (GDPR Article 6d (Vital Interest) and also in order to carry out our duty to support those with a conviction (GDPR Article 6e (Public Task).
3. We will take your photograph at enrolment for printing on your ID badge and your image may also be stored when it is captured as part of evidence gathering related to your course assignments or assessments. Your image is collected and stored electronically under GDPR Article 6e (Public Task). This is only used for college business; your explicit consent will be sought where the college seeks to use your image for marketing or publicity purposes.
4. We collect emergency contacts - GDPR Article 6d (Vital Interests). For those aged over 18 at the start of the academic year, this information is optional.
5. We collect parent/carer details for those under 18 at the start of the academic year under GDPR Article 6e (Public Task) as part of our duty to support education and learning as fully as possible.
6. In order to manage the financial affairs of the college, we will collect and store information about your funding and any payment information where you are required to pay fees. This is collected under GDPR Article 6e (Public Task).
7. As part of the delivery of courses to you, college staff will collect and process (eg. for marking and assessment purposes) any work or evidence you submit as part of this process through the college IT systems (where appropriate) under GDPR Article 6e (Public Task) in providing an education to you.
Most of the information above is collected directly from yourself via submission of an online form, an application or an enrolment form. However, some information such as previous qualifications, or special educational needs, may be collected from other organisations such as the DfE (Department for Education), the Local Education Authority, or your previous school or college.
Data will be stored in a range of different places, including our student information management systems, on paper in stored secure places, or as electronic documents within a secure network.
The SMB Group needs to process data so we can provide you with the highest standards of education and training we are able to give, and to meet our legal obligations from government organisations, including the DfE and OfS. Data regarding your residency, employment status and any benefits you receive is required to assess your eligibility for funding, fee remission or support.
Where the college processes other special categories of personal data, such as information about ethnic origin, disability or health, this is done for the purposes of equal opportunities monitoring, and tomonitor our service provision to improve our services to specific groups. We also use the data so we can personalise the provision to each student to provide them with the best possible opportunities to succeed. If any information has been supplied under the lawful basis of consent, rather than any legal basis, this consent can be withdrawn at any time by contacting our Data Protection Officer.
Contact details will not be used for marketing purposes without your consent, which can be withdrawn at any time. However, the college will use the contact information to contact you in order to carry out our duties to you or to obtain data where legally required.
Your information may be shared internally, including with any college staff who need the data to provide services to the student. This will include special categories of data where appropriate.
Where The SMB Group engages non-statutory third parties to process personal data on its behalf, we require them to do so on the basis of written instructions, under a duty of confidentiality, and they are obliged to implement appropriate technical and organisational measures to ensure the security of data.
The college shares your data with third parties where there is a legal obligation, including the Education and Skills Funding Agency (ESFA), English European Social Fund (ESF), Department for Work and Pensions (DWP), Learner Records Service (LRS), Leicestershire County Council (LCC) for students aged 16-18, and survey organisations working on our behalf.
Where a student receives high level of support (HNS – High Needs Student), or is in receipt of an EHCP (Education Health Care Plan), information will be shared with the relevant commissioning/managing local authority.
Where the college has validating agreements with Higher Education institutions, information is shared in order for appropriate progress monitoring and for any awards to be made under GDPR Article 6e (Public Task) in providing an education to you; the same applies to any Awarding Organisations (Examining Bodies) that the college works with on an annual basis based on a student’s enrolment.
Data Sharing agreements and privacy notices of third parties:
Our student data is not transferred out of the EU. Where you have agreed to receive marketing communications from us, your email address and name will be stored in our marketing platforms, Mailchimp (part of Intuit) & Sharpspring. These are both US-based companies and therefore their servers are in the US. They are both certified under the USA's Privacy Shield Scheme. You can read more about Mailchimp's privacy policy here and more about Sharpring's privacy policy here.
The SMB Group takes the security of your data seriously. The organisation has internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by its employees in the performance of their duties. The Data Protection policy is available to view on our website, or can be obtained in a paper version by contacting student services.
All data collected and processed on behalf of the ESFA or OfS will be held for as long as we are legally required to do so, currently until at least 2030 for some data, but in most instances, it will be 7 years. Other data will be held as long as is necessary to fulfil our duty as a college. Any data provided by consent may be deleted upon request. Further information is available in ‘Appendix 3 - Retention of College Records’ as part of the College’s ‘ pdf Data Protection Policy Statement and Procedure (317 KB) ’.
Our website provides some external links for your convenience and information. If you access those links, you will leave our website. We do not control those sites or their privacy practices, which may differ from our own. We do not endorse or make any representations about third-party websites. Our Privacy Statement does not cover the personal data you choose to give to unrelated third parties. We encourage you to review the privacy policy of any company before submitting your personal information.
As a data subject, you have a number of rights. You can:
If you would like to exercise any of these rights, please contact the data protection officer at This email address is being protected from spambots. You need JavaScript enabled to view it. .
If you believe that SMB College Group has not complied with your data protection rights, you can complain to the Information Commissioner.
Failure to provide data required to meet legal obligations will result in us not being able to enrol you as a student. Failure to provide other information (except such informatin that requires consent), for example learning difficulty information, may result in the college being unable to provide the standard of service we would wish to provide.
No decisions are based solely on automated decision-making.
This privacy notice is regularly reviewed. This is to make sure that we continue to meet the highest standards and to protect your privacy. We reserve the right, at all times, to update, modify or amend this notice. We suggest that you review this privacy notice from time to time to ensure that you are aware of any changes we may have made, however we will not significantly change how we use information that you have already given to us without your prior agreement.
The SMB Group
Brooksby Campus
Brooksby
Leicestershire
LE14 2LJ
Website Address: www.smbcollegegroup.ac.uk
Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
