Kaplan Financial Privacy Notice
Kaplan Financial is committed to maintaining the privacy and security of your personal data.
This Privacy Notice explains how we collect, use, share and protect your personal data. It is important that you read this Privacy Notice so that you are aware of how and why we are using your personal data.
This Privacy Notice is provided in a layered format so you can click through to the specific areas set out below:
- Who we are
- Data Protection Officer
- What is personal data?
- Data protection principles
- How we use your personal data
- The personal data we collect from you
- When and how we share your personal data with others
- Transfer of your personal data to other countries
- The security of your personal data
- Our storage and retention of your personal data
- Your rights as a data subject
- Changes to this privacy notice
Who we are
Kaplan Financial is a "data controller". This means that we are responsible for deciding how we hold and use personal information about you. Where we act as a data controller, we are required under data protection legislation to notify anyone who provides personal data to us, either directly or through a third party, of the information contained in this Privacy Notice.
Kaplan Financial is the trading name for Kaplan Financial Limited (company number 01028790 and registered address at 179 – 191 Borough High Street, London SE1 1HR) so when we mention "Kaplan", "we", "us" or "our" in this Privacy Notice, we are referring to this company which is responsible for processing your data.
Data Protection Officer
We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this Privacy Notice, including any requests to exercise your legal rights, please contact the DPO using the details set out below:
Name of DPO: Rachael Convery
Email address: email@example.com
Postal address: 2nd Floor, Warwick Building, Kensington Village, Avonmore Road, London W14 8HQ.
You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
What is personal data?
Personal data is any information about an individual from which that individual can be identified. Your name, address, phone number and bank account number are examples of personal data. It does not include data where the identity has been removed (anonymous data).
Data protection principles
We will comply with data protection law. This says that the personal information we hold about you must be:
- Used lawfully, fairly and in a transparent way.
- Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
- Relevant to the purposes we have told you about and limited only to those purposes.
- Accurate and kept up to date.
- Kept only as long as necessary for the purposes we have told you about.
- Kept securely.
How we use your personal data
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- Where we need to perform a contract we have entered into with you.
- Where we need to comply with a legal obligation.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
We may also use your personal data in the following situations, which are likely to be less common:
- Where we need to protect your vital interests (or someone else's interests).
- Where it is needed in the public interest (for example, equal opportunities monitoring) or for official purposes.
Generally we do not rely on consent as a legal basis for processing your personal data other than in relation to sending direct marketing communications to you via email. You have the right to withdraw consent to marketing at any time by contacting us.
The personal data we collect from you
When you request information or make enquiries about any of our services or programmes, we may use the personal data you provide in order to fulfil your request or respond to your enquiry. It is in our legitimate interests to use your personal data in this way so that you receive the information you have requested.
Enrolments and orders
If you submit a booking request, enrol onto one of our programmes or purchase any of our other products or services, we may collect the following categories of personal data about you:
- Personal contact details such as name, title, addresses, telephone numbers, and personal email addresses.
- Date of birth.
- Nationality and country of residence.
- Education history.
- Employment history.
- Funding information.
- Bank account details.
- Billing address.
- Credit card or other payment information in order to process your payments.
This information will be used by us to perform the contract we have entered into with you.
We may also ask you to disclose information regarding any criminal convictions you may have. We need to use this information in order to comply with our legal obligations.
During your programme we may collect information about your academic experience and progression. This is in order to fulfil our contract with you but it is also in our legitimate interests to use this personal data in order to monitor the provision of our service to you.
We may also collect personal data about your health in order to make appropriate arrangements and reasonable adjustments for you regarding your welfare or attendance. We use this information in order to perform our contract with you and in order to comply with our legal obligations.
Where you have explicitly consented to do so, we may use your personal data to inform you of special offers and new or existing services that we believe may be of interest to you.
If you would prefer that we do not send such communications to you, please follow the opt-out links on any marketing message or contact us using the contact details in this Privacy Notice.
Internal business purposes
We also may use your personal data for our internal business purposes. This is in our legitimate interests in order to operate as a business and monitor and improve the services we provide. Where possible we will anonymise this information. Please contact us using the contact details in this Privacy Notice if you would like more information.
Automated technologies or interactions
If you fail to provide personal data
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
When and how we share your personal data with others
We may share your personal data with third parties where required by law, where it is necessary to perform a contract or where we have a legitimate interest in doing so. Such third parties may include the following:
- Our service providers: We may share your personal data with other companies that perform certain services on our behalf. These services may include processing payments, providing customer service and marketing assistance, performing business and sales analysis and supporting our website and IT functionality. These service providers may be supplied with or have access to your personal data solely for the purpose of providing these services to us or on our behalf. Kaplan is the data controller and will remain accountable for your personal data.
- Your employer or sponsor: We may share your personal data with your employer or sponsor with whom we have a contract relating to your programme of study.
- Parents and guardians: If you are under 18, we may share your personal data with your parents or guardians in order to perform our contract, comply with our legal obligations and if it is in your vital interests.
- Other entities in the Kaplan group: We may share your personal data with other entities in our group as part of our regular reporting activities on company performance, in the context of a business reorganisation or group restructuring exercise or for system maintenance support and hosting of data.
- Professional bodies and regulators: We may need to share your personal data if required by a professional body or institute related to your programme or if required by a regulatory body or to otherwise comply with law.
- Others: We may share your personal information with other third parties such as in the context of the possible sale of our business. We may also need to share your personal data in order to permit us to pursue available remedies or limit damages we may sustain.
Transfer of your personal data to other countries
As we are an international business with employees, entities and service providers all over the world, we may need to transfer the personal data you provide to us to other countries which may be outside the European Economic Area (EEA).
The data protection laws in such countries may not be as comprehensive and provide the same level of protection for your personal data as those within the EEA. In these circumstances, we will take appropriate steps to ensure that your personal data is handled as described in this Privacy Notice. These steps will include appropriate contractual mechanisms. Please contact us using the contact details in this Privacy Notice if you would like more information.
The security of your personal data
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, service providers, business partners, agents and other third parties who have a legitimate need to know. They will only process your personal information on our instructions or as otherwise agreed and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
Our storage and retention of your personal data
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. Please contact us using the contact details in this Privacy Notice if you would like more information.
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your working relationship with us.
In some circumstances we may anonymise your personal data so that it can no longer be associated with you, in which case we may use such information without further notice to you.
Your rights as a data subject
Under certain circumstances, by law you have the right to:
- Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- Request correction of the personal that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
- Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
- Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal data to another party.
If you want to review, verify, correct or request erasure of your personal data, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact us using the contact details in this Privacy Notice.
No fee usually required
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
Your right to withdraw consent
In circumstances where you may have provided your consent to the collection, processing and transfer of your personal data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact us using the contact details in this Privacy Notice. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
Changes to this Privacy Notice
We reserve the right to update this Privacy Notice at any time, and we will provide you with a new Privacy Notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.
Kaplan Cookies Policy
What is a cookie?
A cookie is a simple text file that is stored on your computer or mobile device by a website's server. Only that server will be able to retrieve or read the contents of that cookie. Each cookie is unique to your web browser. It will contain some anonymous information such as a unique identifier as well as the site name. Cookies may be set by the website you are visiting ("first party cookies") or they may be set by other websites who run content on the page you are viewing ("third party cookies").
How are cookies used?
Categories of cookies?
The cookies used by our website, or that will be used in the future, are classified as follows:
- Strictly necessary
Explanations of each category and the cookies that Kaplan Financial Limited uses in each category are detailed next.
Some cookies are strictly necessary in order to enable you to move around the website and fully use its features. Without these cookies, we will not be able to provide certain features, such as automatically signing in to protected areas.
|Name of Cookie
||The Kaplan website uses EcommerceSSO, EcommerceSSO1, FedAuth and FedAuth1 to maintain your user session whilst you are completing a purchase.
||The Kaplan website uses StsSiteCookie, which is an authentication cookie stored on the users machine to determine if they are already logged in and sends user back to the SharePoint site.
||The Kaplan website uses ASP.NET to allow web servers to respond to your actions on the website. The website wouldn't work for you without it.
Performance cookies can be used to help us provide you with a better user experience. Information supplied by these cookies helps us to understand how our visitors use the Kaplan website so that we can improve how we present our content to you. They also allow us to test different design ideas for particular pages, such as the Kaplan homepage. We generally contract with independent measurement and research companies to perform these services for us and when this is the case, these cookies may be set by a third party company (third party cookies).
|Name of Cookie
||The Kaplan website uses Google Analytics. This is a web analytics service provided by Google, Inc. Google Analytics sets a cookie in order to evaluate use of those services and compile a report for us. User data is anonymous.
Opt-out of Google Analytics cookies.
|Name of Cookie
||The Kaplan website uses Medallia to collect feedback on product pages, helping us to excel in online lead generation, optimise our landing pages and overcome form abandonment.
Opt-out of Medallia cookies.
|Name of Cookie
||The Kaplan website uses Doubleclick cookies. These are used to help us and our advertisers see which advertisements you click on and interact with. Each individual advertiser uses its own tracking cookies and the data taken is not confidential or interchangeable.
Opt-out of Google Analytics cookies.
||The Kaplan website uses Remarketing cookies. Google Remarketing allows us and our advertisers to advertise relevant information to users. Remarketing cookie lists are stored in a database on Google's servers, which store all the cookie IDs associated with each list.
Opt-out of Google Analytics cookies.
Cookies enable us to learn about what ads you see, what ads you click, and other actions you take on our site. This allows us to provide you with more useful and relevant ads. They also limit the number of times that you see an ad and help us measure the effectiveness of our marketing campaigns. The advertising cookies are in accordance with each provider’s policies:
Facebook and Instagram: https://www.facebook.com/about/privacyshield
To support our content, we sometimes embed photos and video content from websites such as YouTube, Twitter, Facebook and Wufoo. As a result, when you visit a page containing such content, you may be presented with cookies from these websites. Kaplan does not control the dissemination of these cookies and you should check the relevant third party's website for more information
You will also see embedded "share" buttons on the Kaplan web pages; these enable users to easily share content with their friends through a number of popular social networks. When you click on one of these buttons, a cookie may be set by the service you have chosen to share content through. Kaplan does not control the dissemination of these cookies. Examples currently on our website include:
What to do if you don't want cookies to be set?
If you prefer, it is possible to block some or all cookies or even to delete cookies that have already been set; but you need to be aware that you might lose some functions of that website. To do this, please follow the instructions below which outline "how to turn off cookies on your browser". There are also instructions in each category of cookies above which give information on how to opt out of some individually, for example Google Analytics.
How to turn off cookies on your web browser for all websites?
All recent versions of popular browsers give users a level of control over cookies.
Users can set their browsers to accept or reject all, or certain, cookies. Users can also set their browser to prompt them each time a cookie is offered. The main browser types and instructions on how to turn off cookies for ALL sites, not just Kaplan are available on the aboutcookies.org website.
If you would like to find out more information about cookies:
Information Commissioner's Office
The Information Commissioner's Office is the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.
Information about cookies
Useful information about cookies can be found at aboutcookies.org.
Internet Advertising Bureau
A guide to behavioural advertising and online privacy has been produced by the Internet Advertising Industry.
International Chamber of Commerce United Kingdom
Information on the ICC (UK) UK cookie guide can be found on the ICC website section.