Course Basket
Your basket is empty.
If you have any concerns about your privacy at SGS, email us [email protected].
SGS collects and processes personal data about prospective, current and former learners and their parents; suppliers and contractors; and other individuals connected to or visiting the College.
The personal data we process takes different forms - it may be demographic information (such as names and addresses), factual information, expressions of interest and opinion, images or other recorded information which identifies or relates to a living individual. Examples include:
As a further education college, we also need to process special category personal data (including, for example, health, ethnicity, religion or biometric data) and criminal record information about some individuals (particularly learners on health and social care courses, or courses of study which come into contact with children or vulnerable adults). We always collect special category data in accordance with applicable law (including with respect to safeguarding, employment and the Public Sector Equality Duty) or by explicit consent.
We aim to collect most of the personal data we process directly from the individual concerned (or in the case of learners, from their parents or guardians). In some cases, we collect data from third parties (for example, previous schools, referees from the Disclosure and Barring Service, or professionals or authorities working with the individual) or from publicly available resources.
Personal data held by us is only processed by trained members of staff for the purposes for which the data was provided. We take appropriate technical and organisational steps to ensure the security of personal data about individuals, including policies around the use of technology and devices, and access to college systems.
We process personal data to support the College's operations and in particular for:
The processing set out above is carried out in order to fulfil our legal and contractual obligations (including those related to our staff employment contracts). These purposes also form part of our legitimate interests.
In the course of providing education, support or other services, we may need to share personal data (including special category personal data, where appropriate) with third parties such as awarding bodies, the Department for Education, the Education and Skills Funding Agency, local authorities (including the West of England Combined Authority, WECA) and other relevant authorities (such as the Local Children Safeguarding Board, the Disclosure and Barring Service, UK Visas and Immigration and HM Revenue and Customs). Some of our systems are provided by third parties or cloud storage providers. This is always subject to contractual assurances that personal data will be kept securely and only in accordance with our specific directions.
We may share your data with:
We do not transfer personal data outside of the European Economic Area unless we are satisfied that the personal data will be afforded an equivalent level of protection.
South Gloucestershire and Stroud College does not share or sell personal data to other organisations for its own purposes.
We will share ordinary personal data with the parents (or guardians) of learners under the age of 18 for the purposes of keeping parents (or guardians) informed about activities, progress and behaviour, and in the interests of a learner's welfare, unless, in our opinion, there is a good reason to do otherwise.
We use technology and third party service providers to monitor how you interact with our website. This may include which links you click on, or information that you type into our online forms. This may also include information about your device or browser or where you are geographically located.
We have a legitimate interest in understanding how you interact with our website to better improve it, and to understand your preferences and interests in order to select offerings that you might find interesting. As when using all websites, we recommend that to read the cookie notice carefully before consenting to the use of cookies.
Security of your data
We retain personal data only for a legitimate and lawful reason and only for as long as necessary or as required by law. The College has also adopted Data Retention Guidelines, which set out the time period for which different categories of data are kept.
We have physical, electronic and managerial procedures to safeguard and secure the information we collect.
But please remember
You have various rights under data protection law to know and understand what personal data we hold about you, and in some cases to ask for it to be erased or amended, or for us to stop processing it, subject to certain exemptions and limitations.
View our Data Privacy & Protection Policy
You always have the right to withdraw consent, where given, or to otherwise object to receiving marketing communications. Please be aware, however, that the school may have another lawful reason to process the personal data in question, even without your consent. That reason will usually have been asserted under this Privacy Notice, or may exist under some form of contract or agreement with you (e.g. an employment contract, or because you have purchased goods or services from the College).
If you would like to know what personal data we hold or request that the College amend it, or you would like it to be transferred to another person or organisation, or you have some other objection to how your personal data is used, please contact the College.
We will respond to any such written requests as soon as is reasonably practicable and in any event within statutory time limits, which is one month in the case of requests for access to information. The College will always be better able to respond more quickly to smaller, targeted requests for information. If we consider a request to be manifestly excessive or similar to previous requests, we may ask you to reconsider it.
You should be aware that the right of access provides a right to know what information we hold and for what purpose, but it does not provide an automatic right to assess the documents your personal data may be contained within, and certain data is exempt from the right of access. This may include information which identifies other individuals, is commercially sensitive or is subject to legal privilege. We are also not required to disclose examination scripts, or any confidential reference given by us for the purposes of the education, training or employment of any individual.
Your choices
View our Data Privacy & Protection Policy
The rights under data protection legislation belong to the individual to whom the data relates. However, we will often rely on parental consent to process personal data relating to learners (if consent is required) unless, given the nature of the processing in question and the learner's age and understanding, it is more appropriate to rely on the learner's consent.
Parents should be aware that in such situations they may not be consulted, depending on the interests of the child, the parents’ rights at law or under their contract, and all the circumstances.
However, where a learner seeks to raise concerns confidentially with a member of staff and expressly withholds their agreement for their personal data to be disclosed to their parents, we may be under an obligation to maintain confidentiality unless, in our opinion, there is a good reason to do otherwise for example, where we believe that disclosure is in the best interests of the learner, others or is required by law.
Access to and correction of your information
Learners, and other individuals, can make subject access requests for their own personal data. A person with parental responsibility is also entitled to make a subject access request on behalf of a learner, but the information in question is always considered to be the learner's. Where a parent or other representative seeks to make a subject access request on behalf of a learner, the College will act to obtain the consent of that learner before disclosing personal data.
You may request that we confirm whether or not we are processing your personal data. If we are, you may request a copy of your personal data, which we will provide free of charge, together with information about how we process it, such as the purposes of the processing and the categories of personal data concerned. However, this is not an absolute right and the interests of other individuals may restrict your right of access. For further copies, we may charge a reasonable fee based on administrative costs. We may decline requests that are excessive or repetitive.
Rectification: You may edit some of the personal data we hold about you. You can also ask us to change, update or fix your personal data in certain cases for example, if it is inaccurate.
Erasure: You can request that we erase your personal data. However, this is not an absolute right and we may be unable to erase personal data that we are required to retain for statutory, contractual or other purposes.
Restrict processing: You can ask us to restrict our processing of your personal data, but only under certain circumstances, such as if your personal data is inaccurate or unlawfully held.
Data portability: You may ask for a copy of the personal data you provided to us in a structured, commonly used and machine-readable format, and you may have the right to transmit this data to another entity.
Objections: You may object to the processing of your personal data on grounds relating to your particular situation under certain circumstances for example, for direct marketing. If you have a right to object and you exercise this right, your personal data will no longer be processed for such purposes by us, unless there are over-riding compelling legitimate grounds for the processing, or as otherwise provided under applicable law.
Please note that we may need to retain certain information for record-keeping purposes, to complete any transactions that you began prior to your request, or for other purposes as required or permitted by applicable law.
Changes of details: The College takes all reasonable steps to ensure that personal data held in relation to an individual is as up-to-date and accurate as possible. However, the College expects that individuals will notify us of any significant changes to important information, such as contact details.
Our Data Privacy and Protection Policy
View our Data Privacy & Protection Policy
This privacy notice should be read in conjunction with our other policies, procedures and terms and conditions which make reference to personal data, including but not limited to our Data Privacy and Protection Policy and our IT Acceptable Use Policy. The College may update this privacy notice from time to time. Any substantial changes that affect how we process your personal data will be notified on our website and to you directly, as far as practicable.
If you believe that we have not complied with this policy or have acted otherwise than in accordance with data protection law, you should notify us at [email protected]. You can also make a referral to or lodge a complaint with the United Kingdom's Information Commissioner's Office (ICO), although the ICO recommends that you seek to resolve concerns with us directly before involving them.
The purposes for processing personal data
View our Data Privacy & Protection Policy
SGS Group and its subsidiaries will only process personal data where that processing is a necessary, targeted and proportionate way of achieving the Group or its subsidiaries' mission.
By way of general guidance
The SGS Group's lawful basis for processing personal data in respect of employee information is that the processing is necessary to fulfil contractual and HMRC obligations, and those within the 'keeping children safe in education' statutory guidance.
The lawful basis for processing personal data in respect of enrolment, funding, awarding body registration, teaching, student support, performance monitoring and research is that the processing is necessary for the organisation to perform a task in the public interest and for its official functions; these tasks and functions have a clear basis in law.
The lawful basis for processing personal data in respect of alumni relations, internal events, fundraising purposes, direct marketing and marketing research is the pursuit of the Group's legitimate interests. (This includes the intra-SGS Group transfer of data for administrative purposes, where those purposes are not detrimental to the rights of the data subject.) SGS Group and its subsidiaries have a lawful basis for further processing, where that processing assists the Trust in achieving its mission and is compatible with the purpose for which the data was initially collected.
SGS Group and its subsidiaries will further process personal data for archiving purposes in the public interest and for research and statistical purposes. The processing of personal data in respect of keeping children safe in education is a legal obligation under the Education Act 2002.
When undertaking any major project concerning the processing of personal data, or considering processing that is likely to result in a high risk to individuals interests, SGS Group will undertake a Data Protection Impact Assessment (DPIA).
SGS Group will share data with the Department for Education (DfE), the Education and Skills Funding Agency and the Office for Students on a statutory basis. This data sharing underpins educational funding and educational attainment policy and monitoring.
Where required, SGS Group will share information about students with our local authority (LA) and the Department for Education (DfE) under section 3 of the Education (Information about Individual Pupils) (England) Regulations 2013.
For academies and free schools, and where required, SGS Group will share information about pupils with the (DfE) under Regulation 5 of the Education (Information about Individual Pupils) (England) Regulations 2013.
SGS Group will share information about students, including special category data, with the Fisher Family Trust or Alps. This information is shared for the purpose of educational attainment monitoring. Information shared with the Fisher Family Trust is subject to a data-sharing agreement for schools using Aspire and is covered through the end user license agreement, which is aligned to GDPR.
For higher education learners, and where required, SGS Group will share information about students with the Office for Students (OfS), the Higher Education Funding Council for England (HEFCE), the Higher Education Statistics Agency (HESA), the Home Office (in connection with UK visas and immigration) and council tax and electoral registration officers at relevant local authorities (for the purpose of assessing liability for council tax and for electoral registration purposes).
Data Breach Notification Guidance
Read our Data Breach Notification Guidance Document.
If you're concerned about your privacy or worried that there may have been a data breach, please contact us.
Our Data Protection Officer can be contacted at:
Data Protection Office
South Gloucestershire and Stroud College
Filton Campus, Filton Avenue
Bristol, BS34 7AT
[email protected]
0800 0567 253 / 0117 931 2121 / 01453 763 424
We can be reached at any of our campuses (just ask at Reception).
Help us make this good statement great
We designed this privacy notice to be as transparent, useful and informative as possible and we would love to hear any feedback on how we can make it even better. Please contact us at [email protected], and one final plea: please don't let this be the last time you read this notice. We may make changes to it from time to time and in response to your feedback - remember, it's your data and your privacy that we're trying to protect!
We currently collect and process information about individuals registered on an SGS Sport Community or Junior Sport Club.
View our SGS Sport Community and Junior Clubs Privacy Statement
Last updated, 4th January 2021 @ 3:19pm.