GDPR Compliance Policy
Introduction
Eskillvisor Limited is committed to full compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy outlines our responsibilities and the rights of data subjects (students, staff, parents/guardians, and other stakeholders).
Scope
This policy applies to all staff, contractors, students, and third parties handling personal data on behalf of Eskillvisor Limited.
Data Protection Principles
We adhere to the following principles:
1 Lawfulness, Fairness & Transparency
Data is processed lawfully, fairly, and transparently.
2 Purpose Limitation
Data is collected for specified, explicit, and legitimate purposes.
3 Data Minimisation
Only necessary data is collected and processed.
4 Accuracy
Data is kept accurate and up to date.
5 Storage Limitation
Data is kept only as long as necessary.
6 Integrity & Confidentiality
Data is kept secure.
7 Accountability
We take responsibility for compliance with UK GDPR.
Lawful Basis for Processing
We process personal data under one or more of the following lawful bases:
- Contract (student enrollment, employment contracts).
- Legal obligation (safeguarding, tax, employment law).
- Vital interests (protecting the safety of students/staff).
- Public task (education delivery).
- Consent (e.g., marketing communications, use of student photos).
Data Subject Rights
All individuals have the following rights:
Right of Access
Right to access their data.
Right to Rectification
Right to rectification of inaccurate data.
Right to Erasure
Right to erasure (where applicable).
Right to Restrict Processing
Right to restrict processing.
Right to Data Portability
Right to data portability.
Right to Object
Right to object.
Automated Decision-Making Rights
Rights related to automated decision-making/profiling.
Making Requests
Requests can be made by contacting the Data Protection Officer (DPO) at Contact
Data Security
- Secure IT systems with encryption and access controls.
- Staff training on data protection.
- Regular audits and monitoring.
Data Breach Procedure
In case of a personal data breach:
- The DPO will assess risk.
- The Information Commissioner's Office (ICO) will be notified within 72 hours if required.
- Affected individuals will be informed if risks to rights and freedoms exist.