Data Protection Policy
Fountain College is committed to preserving the privacy of its learners and employees and to complying with the Data Protection Act 1998. To achieve this commitment information about our learners, employees and other clients and contacts must be collected and used fairly, stored safely and not unlawfully disclosed to any other person.
Information that is already in the public domain is exempt from the Data Protection Act 1998 and 2000. It is College policy to make as much information public as possible and in particular the following information will be available to the public:
- Names of our Senior Management
- Photographs of key staff ie members of the Executive and other managers.
- List of staff
- Learner performance data
The College, its staff and others who process or use any personal information must ensure that they follow the data protection principles set out in the Data Protection Act 1998. These are that personal data shall:
- Be obtained and processed fairly and lawfully.
- Be obtained for a specified and lawful purpose and shall not be processed in any manner incompatible with that purpose.
- Be adequate, relevant and not excessive for those purposes.
- Be accurate and kept up to date.
- Not be kept longer than is necessary for that purpose.
- Be processed in accordance with the data subject rights.
- Be kept safe from unauthorised access, accidental loss or destruction.
- Not be transferred to a country outside the European Economic area, unless that country has equivalent levels of protection for personal data.
The College will not release staff or learner data to third parties except to relevant statutory bodies. In all other circumstances the College will obtain the consent of the individuals concerned before releasing personal data.
- Corporation Board
The Corporation Board are responsible for the oversight and implementation of this policy.
- The Principal and Senior Managers
It will be the responsibility of the Principal and senior managers to ensure compliance with the policy and for communicating the policy to all staff.
They have operational responsibility for the implementation of this policy.
All managers are responsible for ensuring that staff are aware of and abide by this policy.
All staff are responsible for ensuring that any personal data which they hold is kept securely and personal information is not disclosed in any way and to any unauthorised third party.
Learners and staff are responsible for ensuring that all personal data provided to the College is accurate and up to date.