Ravenscroft College — London, United Kingdom
Privacy Policy
Last Reviewed: March 2026 · Next Review: March 2027
Introduction
Ravenscroft College ("the College", "we", "our", "us") is committed to protecting the privacy and personal data of all individuals who interact with us, including prospective and enrolled learners, staff, visitors, and third-party contacts. This Privacy Policy explains how we collect, use, store, and protect your personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR).
Ravenscroft College is the data controller for the purposes of applicable data protection legislation.
What Personal Data We Collect
We may collect and process the following categories of personal data:
- Identity data: full name, date of birth, gender, nationality, passport or ID details.
- Contact data: email address, postal address, telephone number.
- Education data: prior qualifications, academic transcripts, references, English language proficiency evidence.
- Enrolment data: programme of study, student ID, enrolment status, fee payment records.
- Technical data: IP address, browser type and version, device information, cookies, and usage data when accessing our website or virtual learning environment.
- Communication data: records of correspondence with the College including emails, enquiry forms, and support tickets.
- Special category data: where necessary and with explicit consent, data relating to health conditions, disabilities, ethnicity, or religious beliefs for the purposes of safeguarding, equality monitoring, and reasonable adjustments.
How We Collect Your Data
We collect personal data through the following means:
- Directly from you when you complete an application, enquiry form, or enrolment process.
- Through your use of our website, virtual learning environment (VLE), and digital platforms.
- From third parties such as education agents, referees, awarding bodies, and previous education providers, with your knowledge and consent.
- Through cookies and similar tracking technologies (see our Cookie Policy for details).
Legal Basis for Processing
We process personal data under one or more of the following lawful bases:
- Contract: where processing is necessary for the performance of a contract with you (e.g., your enrolment agreement).
- Legal obligation: where we are required to process data to comply with UK law, regulatory requirements, or awarding body obligations.
- Legitimate interests: where processing is necessary for our legitimate interests (e.g., improving our services, communications, and institutional performance), provided these do not override your rights and freedoms.
- Consent: where you have provided explicit consent for specific processing activities, such as receiving marketing communications or processing special category data.
How We Use Your Data
We use your personal data for the following purposes:
- Processing and managing your application and enrolment.
- Delivering educational programmes, assessments, and learner support.
- Communicating with you about your studies, assessments, and College matters.
- Administering fees, payments, and financial records.
- Reporting data to awarding bodies (including OTHM Qualifications, Pearson, and other partners) as required for qualification registration, certification, and quality assurance.
- Meeting regulatory and legal obligations, including reporting to the Office for Students (OfS), Ofqual, UKVI, and other relevant bodies.
- Safeguarding and promoting the welfare of learners.
- Equality monitoring and institutional improvement.
- Marketing and recruitment communications (with your consent).
- Website analytics and improving our digital platforms.
Data Sharing
We may share your personal data with the following categories of recipients, only where necessary and lawful:
- Awarding bodies (e.g., OTHM Qualifications, Pearson) for qualification registration and certification.
- Regulatory bodies such as the Office for Students, Ofqual, and UKVI where legally required.
- University partners for the purpose of progression applications and top-up programme admissions.
- Third-party service providers who assist with IT infrastructure, payment processing, or communications (under appropriate data processing agreements).
- Professional advisors, legal representatives, or law enforcement where required by law.
We do not sell your personal data to any third party.
International Transfers
Where we transfer personal data outside the United Kingdom, we will ensure that appropriate safeguards are in place in accordance with UK GDPR, including Standard Contractual Clauses, adequacy decisions, or other approved mechanisms.
Data Retention
We retain personal data only for as long as is necessary for the purposes for which it was collected, or as required by law. Specific retention periods include:
- Enrolled learner records: retained for six years after the end of the programme of study.
- Application records (unsuccessful): retained for one year after the application cycle.
- Financial records: retained for six years in accordance with HMRC requirements.
- Website analytics data: retained for up to 26 months.
After the applicable retention period, personal data will be securely deleted or anonymised.
Your Rights
Under UK GDPR, you have the following rights in relation to your personal data:
- Right of access: to request a copy of the personal data we hold about you.
- Right to rectification: to request correction of inaccurate or incomplete data.
- Right to erasure: to request deletion of your data where there is no compelling reason for continued processing.
- Right to restrict processing: to request that we limit how we use your data.
- Right to data portability: to request transfer of your data in a structured, commonly used format.
- Right to object: to object to processing based on legitimate interests or for direct marketing purposes.
- Right to withdraw consent: where processing is based on your consent, you may withdraw it at any time.
To exercise any of these rights, please contact us at info@ravenscroftcollege.co.uk. We will respond to your request within one month.
Data Security
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. This includes encryption, access controls, staff training, and regular security reviews.
Complaints
If you are dissatisfied with how we have handled your personal data, you may raise a complaint with us in the first instance. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Information Commissioner's Office
Website: ico.org.uk
Telephone: 0303 123 1113
Changes to This Policy
This policy will be reviewed annually or more frequently where required by changes in legislation or operational practice. The most current version will be published on our website.
Contact
For any enquiries relating to this Privacy Policy or your personal data, please contact: