Overview
Topuplearning takes the responsibility regarding the security of the personal information seriously. The Policy aims to safeguard the privacy and security of personal information. Topuplearning is committed to comply with the European Union General Data Protection Regulation (GDPR). This policy sets out the manner in which personal data of staff, Board members, students, parents/guardians, agents and other individuals who come into contact with Topuplearning. This information is gathered in order to enable us to provide education and other associate services or functions. In addition, there are legal requirements to collect and use information to ensure that we comply with the statutory obligations.
Aim
This Policy will ensure:
Topuplearning processes personal data fairly and lawfully and in compliance with the Data Protection Principles.
All staff involved with the collection, processing and disclosure of personal data will be aware of their duties and responsibilities under this policy.
That the data protection rights of those involved with the company are safeguarded.
Confidence in the company’s ability to process data fairly and securely.
Scope
This Policy applies to:
Personal data of all staff, Board members, students, parents/guardians, agents and any other person carrying out activities on behalf of Topuplearning.
The processing of person data, both in manual form and on computer; and
All staff and Board members.
The Data Protection Principles
Topuplearning will ensure that personal data will be:
Processed fairly, lawfully and in a transparent manner
Collected for specified, explicit and legitimate purposes and not further processed for other purposes incompatible with those purposes.
Adequate, relevant and limited to what is necessary in relation to the purposes for which data is processed.
Accurate and, where necessary, kept up to date.
Kept in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed.
Processed in a way that ensures appropriate security of the personal data including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
Kept securely and accessible only to authorised persons. The company will be able to demonstrate compliance with these principles. The company will have in place a process for dealing with the exercise of the following rights by Board members, staff, students, parents and members of the public in respect of their personal data -making including profiling.
Topuplearning will have in place a process for dealing with the exercise of the following rights by staff, Board members, students, parents/guardians, agents and members of the public in respective of their personal data:
To be informed about what data is held, why it is being processed and who it is shared with;
To access their data;
To rectify the record;
To erase;
To restrict processing;
To data portability;
To object to processing;
Not to be subject to automated decision-making including profiling.
Roles and Responsibilities
Topuplearning has appointed a Data Protection Officer (DPO) for the School to ensure that the School complies with the Data Protection Principles in the processing of personal data, including the way in which the data is obtained, stored, used, disclosed and destroyed.
The DPO has the responsibility for all issues relating to the processing of personal data and will report directly to the top management of the School or the Board.
The DPO will deal with subject access requests, requests for rectification and erasure and data security breaches.
Complaints about data processing will be dealt with in accordance with the School’s Feedback Management System.
The DPO is responsible for ensuring that all departments and their support services implement good data protection practices and procedures and for compliance with Data Protection Principles.
It is the responsibility of all staff to ensure that their working practices comply with the Data Protection Principles.
Disciplinary action may be taken against any employee who breaches any of the instructions or procedures forming part of this policy.
Types of Personal Data We Collect
Topuplearning will request information through several ways such as Topuplearning’s websites, application portals, forms, surveys and/or other channels that may be used to personally identify you, including but not limited to:
Your personal information such as your name, NRIC/FIN/Passport number, date of birth, marital status, gender, race/ethnic origin, physical/mental health, religion/belief, visual images
Your or your sponsor’s financial details
Your family/next of kin details such as the name, relationship, telephone number and addresses.
Your contact information such as postal addresses, email addresses, telephone and fax numbers;
Your past and present employment information such as company name, company type, sector, designation, business telephone and fax numbers
Your past and present academic qualifications such as school attended, course of study, period of study and academic results;
Your billing information, including name of the credit/debit cardholder, credit/debit card number and expiry data
Your attendance and disciplinary records, offences and alleged offences
Purpose for Which the Personal Data is Collected, Used and Disclosed
Topuplearning process personal information to enable the Schools to provide education, training and educational support services to our clients. It is also necessary for us to ensure the safeguarding of our students and maintain student welfare. In addition, this information is required for us to administer School’s property, maintain our own accounts and records, to support and manage our employees, and to fulfil the various statutory and accreditation requirements. Topuplearning may use the personal data you provided for one or more of the following purposes:
In relation to your registration for courses, student contracts, payments, course previews, open house, exhibitions, events, seminars, workshops, webinars;
For the supply of any goods and/or services which we may offer to you or may require from us;
For your use of the online services at any of our websites and/or through other digital or telecommunication channels;
For identification and verification purposes in connection with any goods and/or services that may be supplied to you;
To contact you regarding your enquiries and feedback;
For the conduct of statistical studies and analysis by us or on our behalf;
To administer contests and lucky draws conducted by us or on our behalf;
To send news and event updates, and/or marketing campaigns in relation to the goods and/or services that we and/or our business partners provide or on our behalf. You may unsubscribe from this service at any time;
To facilitate payment for goods and/or services provided by us or our subsidiaries, and/or a third party on our behalf including verification of credit card details with third parties and using the personal data you provide to conduct matching procedures against databases of known fraudulent transactions (maintained by us or third parties);
To disclose to a third party to comply with any law, legal requirements, orders, directions or requests from any court, authority or government body of any jurisdiction
To help us improve our services to you
To disclose to our partnering institutions/universities/associations for the purpose of sales consultation, enrolment, examination and academic related matters.
We also use CCTV systems to monitor and collect visual images for security and the prevention of crime.
Who the Information is Processed About?
Topuplearning processes personal information about:
Our students
Agents or other professional services
School staff
Board members
Suppliers
Complainants and enquirers
Individuals captured by CCTV images
Who the Information may be Shared with?
Topuplearning sometimes need to share the personal information we process with the individual concerned and with other organisations. Where this is necessary, we are required to comply with the GPPR. The types of organisations we may need to share some of the personal information we process with for one or more reasons:
Education, training, career and examining bodies
Agents
School Staff and Board members
Family, associates and representatives of the person whose personal data we are processing
Local and Central government
Healthcare professionals
Social and welfare organisations
Police forces
Courts
Current, past or prospective employers
Business associates and other professional advisers
Suppliers and service providers
Financial organisations
Security organisations
Press and media
Rights to Access and Correct Personal Data
You have the right to access and correct your personal information held by us. Topuplearning will attempt to keep your records complete, accurate and up to date. If you have any reason to believe that your records with us are inaccurate, incomplete or not updated, please notify us in a timely manner. If you wish to request for access to, or to correct data held by us, please forward your request to the DPO@topuplearning.com. Topuplearning reserve the right, or may, charge a reasonable fee for the processing of any data access request. We will correct your personal data as soon as practicable.
Withdrawal of Consent
Topuplearning will only process your personal data for purposes as stated above, in the event that your personal data is being processed for other purposes (with your consent), you have the right to request us to stop such processing. If you no longer wish to receive marketing messages from us via voice call, text and/or fax messages or wish to withdraw your consent to the data processing/use of your personal data by us, you may request to withdraw your consent by requesting to the DPO@topuplearning.com.
Link to Other Websites
Topuplearning’s websites and other digital and telecommunication channels may contain links to other sites that are operated by third party companies with different privacy practices. You should remain alert and read the privacy statements of other sites. Topuplearning has no control over the personal data submitted or received from these third parties.
Storage and Protection of Personal Data
Topuplearning protects the personal data collected by maintaining reasonable security arrangements to prevent unauthorised access, collection, disclosure, copying, modification, disposal or other similar risks. Topuplearning will put in place measures such that your personal data in our possession is destroyed and/or anonymised as soon as it is reasonable to assume that:
The purpose for which that personal data was collected is no longer being serviced by the retention of such personal data; and
Retention is no longer necessary for any other legal or business purposes
Transfers
It may sometimes by necessary to transfer personal information overseas. When this is needed, information may be transferred to countries or territories around the world. Any transfers made will be in full compliance with all aspects of the GDPR.
Cookies
Cookies are used to gather information where appropriate about a visitor’s computer to assist us in improving our website. The cookies will be downloaded through the internet onto your computer and stored accordingly. The following information will not contain personal data and will be solely for statistical purposes. Visitors have the option of rejecting the following function by declining the cookies through their settings.
By leaving a comment on our site, you can choose to opt-in to save your name, email address and website in cookies. The cookies will last for 1 year at your convenience so that you need not fill in your details again.
A temporary cookie has been set to determine if your browser will accept cookies should you have login to this site. The cookie will not contain your personal data and will be discarded after closing your browser.
Upon login, there will be several cookies set up to save your login information and screen display choices. The login cookies will last for 2 days and the screen display choice cookies will last for 1 year. By selecting “Remember Me”, your login ID will be recorded for 2 weeks. Upon logging out, the login cookies will be removed. When you edit or publish an article, an additional cookie will be generated which will save the post ID of the article which was edited/published for 1 day.
Embedded content from other websites
The articles on this site may include embedded content such as images, videos, post, calendar, presentations, etc. which embeds content from other websites and will behave in same way. If you have an account and are logged into that website, they may collect data about you, generate cookies, monitor your interaction or insert tracking tools.
Amendments to This Policy
This Policy may be reviewed and amended from time to time in line with legal or practice development. Topuplearningwill communicate such changes along with the updated Policy on the school website and/or other appropriate communication means. You are advised to visit the school website on a regular basis to check for any updates and changes on the Policy.