Privacy Notice

This statement is provided with the intention to comply with your right to be informed under the General Data Protection Regulation. We have also considered your rights under the Privacy and Electronic Communications Regulations.

Who is Gallery Teachers?

Gallery Teachers is a provider of education services.Our head office is at 103 -105 Greenford Road, London, HA1 3QF, United Kingdoms. You can email our Data Protection Officer at [email protected].

How we have collected data about you?

We may collect personal data from you when you:

• use our products or services (i.e. booking a course);
• use our website;
• use of our e-Learning platform;
• interact with us through social media, email, post, text or phone, or use one of our cookies.

In addition, we will also collect personal data from job applicants, employees, ex-employees, associates, members, contractors and temporary employees during their recruitment screening and throughout the tenure of their employment with us.

What data we may hold about you?

We will only collect data from you when if it is necessary for us to do so and we will only collect data that is relevent for the date processing activity. Below is a list of data which we may collect from you:

• Identity Data such as your first name, last name, title, date of birth, gender, nationality, passport or ID number;
• Contact Data such as your e-mail address, address, and telephone number; we may also keep the name, relationship and phone number for your next of kin for emergency contact;
• Academic Data such as your academic qualifications and English language qualifications;
• Visa Data such as passport expire date, visa expiry date, country of birth, place of birth;
• Health Data such as your dietary and medical requirements
• Financial Data such as your bank account details;
• Transaction Data such as details of products and services you have obtained from us and payments made to/from us;
• Technical Data such as your internet protocol (IP) address, login data, operating system and platform;
• Marketing Data such as your marketing and communication preferences in receiving communications from us and our third parties, the technologies used, and any related correspondence;
• Usage Data such as your use of our website, performance and other communication data;
• Survey Data such as your comments and opinions provided in response to a survey.

In addition, we may collect the following additional groups of data with respect to job applicants, employees or ex-employees, contractors, and temporary employees:

• Identity Data such as proof of your identity (e.g. passport, valid driving licence or birth certificate);
• Contact Data such as information about your marital status, next of kin, dependants, personal and emergency contacts details to be used in the event of an emergency;
• Recruitment Data such as details of your education, qualifications, occupation, work history, experience, referees, training and skills development; nationality, entitlement to work in the UK, criminal record (if your role requires this) and equal opportunities monitoring information;
• Employment Data such as the terms and conditions of your employment, salary or fee payments, benefits, work patterns, NI number, attendance, holidays, sickness, disciplinary or grievance issues, medical or health conditions, disabilities (for which Gallery Teachers needs to make reasonable adjustments); and information about your vehicle, driving licence, MOT and insurance documents if you drive on company business;
• Performance Data such as performance reviews and ratings, performance development plans and related correspondence; and timesheet information;
• Activity Data such as the websites our employees visit while using an company computer or company network, and the activity logs held within company systems and databases;
• Communications Data such as the emails you send or receive via the company email system

Why are we able to process your data (lawful basis)?

• Consent – you have given consent to us for the processing of your personal data for one or more specific purposes.
• Contract – processing is necessary for the performance of a contract which you have entered with Gallery Teachers. This could either be that we are provide a product or service to you, or to receive something from you. Examples include: employment contracts; and agreements for the provision of our products or services. We are also acting under the performance of contract if we collect or process your data for the purposes of entering into a contract, if you have expressed an interest in working with us.
• Legal obligation – we may be legally obliged to process certain data about you, for example to maintain student data for immigration compliance. In some cases, we are obliged to share personal data with third parties, such as UKVI and HMRC.
• Vital interests – processing is necessary to protect your vital interests. For example medical and dietary details.
• Public task – processing is necessary to perform a task in the public interest with clear basis in law.
• Legitimate interest – processing is necessary for our legitimate interests, or the legitimate interests of a third party, as long as it does not conflict with your interests or fundamental rights and freedoms. We will always balance our legitimate interest with yours before using legitimate interest as lawful basis of processing your data.

Why are we processing your data?

Your personal data is used by us to support a range of different purposes and activities. These are listed in the table below together with the types of data used and the lawful base(s) we rely on when processing them, including where appropriate, our legitimate interests. Please be aware that we may process your personal data using more than one lawful basis, depending on the specific activity involved. Please contact us if you need details about the specific lawful basis we are relying on to process your personal data where more than one basis is set out below.

For job applicants, employees, ex-employees, contractors and temporary employees only:

How are we keeping your data safe?

Gallery Teachers takes security measures in line with data protection regulations. We have security measures in place designed to prevent data loss, to preserve data integrity, and to regulate access to the data. Most data are stored with reputable specialized cloud-based third-party database and data storage providers, with state of the art security and reliable and multiple secure backups. Only authorised Gallery Teachers employees and contractors have access to your personal data. In addition, contracts are in place with such third-party service providers acting as data processors for Gallery Teachers that have access to your personal data, to ensure that the level of security required in your jurisdiction is in place, and that your personal data is processed only as instructed by Gallery Teachers.

How long do we keep your personal data?

Gallery Teachers will keep your personal data for only as long as we need to or as required by law. The exact time period for which we retain your personal data will depend on the purpose of which the data was collected. If you have an account with us, then we will hold your data until you wish to cancel your account.

Who else may we share your personal data with?

We may disclose and share your personal data with the parties set out below:

• The companies and divisions of Gallery Teachers
• Government agencies, their partners and other third parties to comply with our legal obligation or public interest responsibilities (such as UKVI, Ofqual, DfE, HMRC, Magistrates Courts, Employment Tribunals and Local Authorities)
• Third-party vendors, business partners or other third parties that we use to support the operation of our business. For example, to: carry out criminal or credit checks; provide IT systems and software, internet access, website or hosting solutions; organise events or provide marketing and advertising services; provide training and development services; deliver employee benefits, run our payroll, and provide employee assistance;
• Suppliers such as hotel, airline, academic and activity providers. Please note that these suppliers are independent data controllers and we encourage you to review the privacy notice of any third-party supplier whose products you purchase or booked through Gallery Teachers. Suppliers may also contact you as necessary to obtain additional information about you in order to provide the required services.
• Our professional advisers including auditors, lawyers, bankers and insurers who provide professional advice, accounting, banking, legal, insurance, and pension services, or to meet our audit responsibilities;
• Where you have consented for us to do so.

We require all third parties who are processing data on our behalf to respect the security of your personal data and to treat it in accordance with the law. We do not allow our data processors to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

International Transfers

Where data is transferred outside of the EEA, we will take steps to ensure that appropriate measures and controls are in place to protect that data in accordance with relevant data protection laws and regulations. In each case, such transfers are made in accordance with the requirements of the General Data Protection Regulations or “GDPR”.

What are your rights?

You have the right to be informed of fair processing information with a view to transparency of data. This policy notice is intended to fulfil that right.

You have the right to access the information we hold. You should make such a request in writing to our Data Protection Officer using the above contact information. We shall provide the data within 1 month. In exceptional cases we may extend this to 3 months. You will be notified within 1 month when we believe this to be an exceptional case requiring a longer period of compliance. Where a request is manifestly unfounded or excessive we may charge a reasonable fee or refuse the request. In the event of a fee or refusal, you will be advised of this and your further rights relating to the fee or refusal.

You have the right to request the information we hold is rectified if it is inaccurate or incomplete. You should contact our Data Protection Officer using the above contact information and provide him with the details of any inaccurate or incomplete data. We will then ensure that this is amended within one month. We may, in complex cases, extend this period to two months.

You have the right to erasure in the form of deletion or removal of personal data where there is no compelling reason for its continued processing. We have the right to refuse to erase data where this is necessary in the right of freedom of expression and information, to comply with a legal obligation for the performance of a public interest task, exercise of an official authority, for public health purposes in the public interest, for archiving purposes in the public interest, scientific research, historical research, statistical purposes or the exercise or defence of legal claims. You will be advised of the grounds of our refusal should any such request be refused.

You have the right to restrict our processing of your data where you contest the accuracy of the data until the accuracy is verified. You have the right to restrict our processing of your data where you object to the processing (where it was necessary for the performance of a public interest task or purpose of legitimate interests), and we are considering whether our organisation’s legitimate grounds override your interests. You have the right to restrict our processing of your data when processing is unlawful and you oppose erasure and request restriction instead. You have the right to restrict our processing of your data where we no longer need the data and you require the data to establish, exercise or defend a legal claim. You will be advised when we lift a restriction on processing.

You have the right to data portability in that you may obtain and reuse your data for your own purposes across different services, from one IT environment to another in a safe and secure way, without hindrance to usability. The exact method will change from time to time. You will be informed of the mechanism that may be in place should you choose to exercise this right.

You have the right to object to the following:

• processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);
• direct marketing (including profiling); and
• processing for purposes of scientific/historical research and statistics

You have the right to withdraw your consent at any time.

You have the right to lodge a complaint with a supervisory authority such as the Information Commissioner’s Office or any other of our regulators or accreditors that may regulate or provide accreditations to us from time to time. We advise that you exhaust our internal complaints procedure prior to referring the matter to any supervisory, regulatory or accrediting body. A copy of our complaints process is available from our Data Protection Officer at the contact information above.

How do we use your data on the website?

When you register for the site, you may be asked to provide certain personal data for display on your profile. The “Name” field is required as well as public, and user profiles are visible to any site visitor. Other profile information may be required or optional, as configured by the site administrator.

User information provided during account registration can be modified or removed on the Profile > Edit panel. In most cases, users also have control over who is able to view a particular piece of profile content, limiting visibility on a field-by-field basis to friends, logged-in users, or administrators only. Site administrators can read and edit all profile data for all users.

We collect information about you during the checkout process on our store.

While you visit our site, we’ll track:

• Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
• Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
• Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!

We’ll also use cookies to keep track of basket contents while you’re browsing our site.

Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:

• Order information like what was purchased, when it was purchased and where it should be sent, and
• Customer information like your name, email address, and billing and shipping information.

Our team members have access to this information to help fulfil orders, process refunds and support you.

When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:

• Send you information about your account and order
• Respond to your requests, including refunds and complaints
• Process payments and prevent fraud
• Set up your account for our store
• Comply with any legal obligations we have, such as calculating taxes
• Improve our store offerings
• Send you marketing messages, if you choose to receive them

If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.

We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for XXX years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.

We accept payments through Stripe, PayPal and Alipay. When processing payments, some of your data will be passed to Stripe, PayPal and Alipay, including information required to process or support the payment, such as the purchase total and billing information.

For Job and Resume

This site adds the following cookies to help users resume job submissions that they have started but have not completed: wp-job-manager-submitting-job-id and wp-job-manager-submitting-job-key

For Affiliate

What and where we store:

• If you are an affiliate, we store a cookie with your affiliate ID and map it to the user accessing our site with your link.
• If you are a visitor accessing our site with the affiliate link, we store your IP address. And if you place an order, then your order details are stored along with your IP address.

Export/Delete personal data

Exporting personal data is available for both – affiliate and visitor.

Export/delete of personal data will be processed only after receiving confirmation about it.

For deleting cookie data, a visitor can simply delete cookies from their browser.

For Site Review

We will also store comments or reviews, if you choose to leave them.

When visitors leave reviews on the site, we collect the data shown in the review form and also the visitor’s IP address to help spam detection. The review may be checked through Akismet, an automated spam detection service. The Akismet service privacy policy is available here: https://akismet.com/privacy/.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your review, your profile picture is visible to the public in the context of your review.