Privacy Policy

1. Glossary

GUP (GlobalUnipath Ltd): We, GlobalUnipath Ltd (GUP), are responsible for providing educational services through our website and managing your personal data. GUP is the Data Controller for all matters related to data protection and privacy.
Personal Data: Any information that can identify an individual, directly or indirectly such as names, addresses, contact details, or financial information. This excludes information where your identity has been removed (anonymous data).
Processing: Any operation or activity performed on your personal data including its collection, use, storage, sharing, deletion, or retention.
Data Controller: The organisation responsible for deciding how personal data is processed (in this case, GUP).
Data Processor: An organisation that processes data on behalf of the Data Controller.
GDPR: General Data Protection Regulation, the EU law on data protection and privacy.

2. What is the Purpose of this Document?

GUP is committed to protecting the privacy and security of your personal information (‘personal data’). This privacy policy explains how we collect, use, and safeguard your personal data when you engage with us, from the point when you express interest in our programmes, during your studies, and after completing your courses, in accordance with the UK General Data Protection Regulation (UK GDPR) and other applicable data protection laws.

This policy applies to all individuals who have enrolled, are currently enrolled, or have completed studies with GUP, including prospective, current, and former students. We encourage you to read this policy carefully, alongside any specific privacy notices we provide when collecting or processing your personal information, to understand how and why we use your data.

We may update this policy from time to time, and any changes will be reflected on our website. By continuing to engage with our services, you agree to the terms of the updated privacy policy.

3. Who is Using Your Personal Data?

GUP is the "data controller" for the personal information we hold about you as a student or former student. This means that we determine how your data is used and are responsible for ensuring its protection in accordance with the UK GDPR and other applicable data protection laws.

Access to your student records and other personal data will be provided to and shared with relevant academic and administrative staff who need it to fulfil their duties, as outlined in Section [X]. Additionally, your data will be shared with third parties such as Ofqual-recognised awarding bodies, Universities for progression purposes, recruitment partners, and others, as described in Section [Y], for the purposes of providing educational services, accreditation, and support.

4. Data Sharing with Third Parties

In order to fulfil our contractual duties and adhere to legal obligations, we may occasionally be required to share your personal information with the following types of organisations:

Affiliated Awarding Bodies: Your personal and academic data may be shared with affiliated awarding bodies responsible for providing educational services, qualifications, and accreditation. This is necessary to ensure you are properly registered for the qualification and that your progress and achievements are formally recorded.
Partner Institutions and Universities under Collaborative Provision: If your course includes collaborative provision or progression to a partner university, we may share relevant data, such as academic performance and enrolment status, with the university to facilitate your progression and ensure the smooth transfer of credits or qualifications. Employers or prospective employers and other educational institutions.
Service Providers: We may share your data with trusted third-party service providers to help us deliver services such as payment processing, IT service providers, or communication platforms or cloud storage platforms that enables us to deliver services. All such providers are bound by strict confidentiality and data protection obligations.
Legal Authorities: We may share your personal data with law enforcement, regulatory bodies, other governmental bodies such as HESA or Office for the Independent Adjudicator (OIA) or other local authorities when required by law. The data might be used to protect the rights, property, or safety of the institution or its users.
Sponsors or Guardians: With your consent, we may share academic or financial information with your parents, guardians, sponsors, or other authorised parties responsible for your support.
Health and Safety Contractors:
-- External contractors hired to provide advice and implement measures for protecting your health, as well as the health of others, during pandemics, epidemics, or local health emergencies. This may include contractors involved in testing, contact tracing, or enforcing health and safety protocols.
-- All third parties are required to handle your personal data securely and in compliance with applicable data protection laws. When sharing information with third parties, we aim to provide only the minimum data necessary. For instance, in some cases, we may share your student ID instead of your full name or date of birth.
-- All third-party service providers processing data on our behalf are required to implement appropriate security measures in line with our data protection policies. They are not permitted to use your information for their own purposes, and may only process your data for the specific tasks we instruct them to, in accordance with our guidelines.

5. The Types of Data We Hold About You

We may collect, store, and use the following categories of personal data:

Personal Identification Information: Title, full name, date of birth, nationality, photograph and identification documents (passport, driving licence, national id card).
Contact Information: Email address, phone number, residential address.
Admission and Academic Data: School(s) qualification result, dates of study for all the qualifications, university degree transcript and certificate, English Language proficiency result, country where studied and admissions decisions. Assessment records, including records relating to assessments of your work, details of assessments taken, and assessment grades; Information captured in your student record including progression and progression reports Tutorials and online engagement, academic supervision, teaching tutorials on (mention LMS name)
Employment Information: As part for academic eligibility some times we might need students' to demonstrate professional experience. In such case we might need details of any employment you undertake, including your employer’s name, job title, job description.
Financial Information: Bank account details or financial records used to pay tuition fees.
Usage Data: Information about how you use our website or online services (IP address, browser type, activity logs).
Special Categories of Data: Information related to health, disabilities, or support needs where relevant for course accessibility or well-being. Your feedback on course delivery, college services, and the overall student experience, gathered through surveys, focus groups, and other feedback activities.
Details about your usage of our communication and IT systems, including your communication preferences, Wi-Fi access logs, and your interactions with our website and platforms (collected through cookies and similar tracking technologies).

6. How GUP Obtained Your Data

We collect your data through various sources, including:

Collecting information through direct interactions with you (e.g. via application forms, emails, or during enrolment).

Automatic collection through the use of cookies and similar technologies when you visit our website.

Additional information through third parties such as partner institutions, sponsors, employers, banks, other financial institutions or recruitment partners providing information on your behalf.

Throughout your time with us, we will obtain and generate further information about you, as explained in point 5.

7. How GUP Uses Your Data

We will only use your personal data for legitimate purposes, which include:

Processing your application, enrolment, and providing academic support.

Managing tuition fees and financial transactions.

Communicating with you about your course, progress, and important updates.

Ensuring compliance with legal obligations (e.g. regulatory requirements and student visa regulations).

Providing student support and accommodating any specific learning or health needs.

Monitoring your academic performance and attendance.

Overseeing GUP procedures, including handling disciplinary issues, grievances, appeals, academic misconduct and integrity, deadline extensions, or temporary suspensions.

Improving our services and maintaining the security of our systems.

8. Transfer of Your Data Overseas

If we need to transfer your personal data outside the UK or European Economic Area (EEA), we will ensure that appropriate safeguards are in place. This may include using contracts approved by the European Commission or transferring data to organisations with appropriate data protection standards. We will only transfer your data internationally under the following conditions:

The organisation receiving the data adheres to a framework for providing appropriate data protection.

The transfer is subject to legally approved contractual terms that ensure data protection.

You have explicitly agreed to the transfer.

The transfer is necessary to fulfil or initiate your enrolment.

The transfer is required to fulfil a contract with another party, and doing so benefits you.

The transfer is needed to safeguard your vital interests or those of others when consent cannot be obtained.

The transfer is required to support or defend legal claims.

The transfer is necessary for reasons of significant public interest.

9. Data Security

We have implemented appropriate technical and organisational measures to protect your personal data from being accidentally lost, used, or accessed in an unauthorised way. These measures include data encryption, secure servers, and regular security audits.

10. Retention Period

We will only retain your personal data for as long as necessary to fulfil the purposes for which we collected it, including satisfying any legal, accounting, or reporting requirements. After this period, your data will either be deleted or anonymised. For example:

Academic records will be retained for a period of [X years] after you leave the college.

Financial records will be retained in line with statutory tax and auditing regulations.

11. Your Rights

You have a number of rights in relation to your personal data, including:

Right to Access: Request a copy of the data we hold about you.
Right to Rectification: Request correction of any inaccuracies in your personal data.
Right to Erasure: Request the deletion of your personal data when there is no valid reason for us to keep it.
Right to Restriction: Request the limitation of processing under certain conditions or request to transfer or share data with third party.
Right to Data Portability: Receive a copy of your data in a structured, machine-readable format.
Right to Object: Object to the processing of your data in specific circumstances, such as direct marketing.

If you wish to exercise any of these rights, please contact us at: care@globalunipath.com

In certain situations, we may not be able to fulfil your request, especially when we are legally or contractually required to continue processing your personal information. For instance, halting data processing may prevent us from complying with regulatory obligations. However, if we are processing your data based on your consent, you have the right to withdraw that consent at any time. You can do so by emailing the relevant department. Once your consent is revoked, we will cease processing your data as soon as possible. Please note that withdrawing consent will not affect any processing that occurred prior to your request.

If you would like to exercise any of your data rights or have concerns regarding how we manage your personal data, please get in touch with us at: care@globalunipath.com. We will handle your request as efficiently as possible and additionally, we may retain a record of your communication to ensure that any concerns you raise are appropriately addressed.

12. Keeping Your Data Up to Date

It is important that the personal data we hold about you is accurate and up to date. Please inform us of any changes to your personal information (such as contact details) as soon as possible.

13. Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our data practices or relevant laws. Any updates will be posted on our website, and we encourage you to review this policy periodically.