Privacy Policy

THE INTERACTIVE DESIGN INSTITUTE LIMITED & THE UNIVERSITY OF ABERDEEN BUSINESS SCHOOL

Information about us

https://studyonline.abdn.ac.uk/ is a site operated by The Interactive Design Institute Limited (“We”). We are part of the Online Education Services Limited (OES) group and are a company registered in Scotland with company number 265879. VAT number 847211435. Company Address: Stuart House, Eskmills, Musselburgh, EH217PB.

We are on the UK Register of Learning Providers (UKRLP). Our UK Provider Reference Number is 10006389.

To contact us, please email marketing-onlineidi@abdn.ac.uk or telephone our customer service line on +44 (0)1224 515 270.

The University of Aberdeen and the Interactive Design Institute

The partnership between University of Aberdeen (“UoA”) and the Interactive Design Institute Ltd (IDI) was established in 2016. The University’s collaboration with IDI focuses on provision offered by the University’s Business School. Currently the Degree of Master of Business Administration (MBA (Global) and the MSc Finance are offered through the partnership. The partnership between UoA and IDI is focused on providing flexible, online provision to working professionals worldwide.

The Programmes offered by the IDI and UoA partnership are awards of the University of Aberdeen and all students are registered as UoA students. IDI maintains the online learning platform, markets the programmes and recruits students, as well as recruiting and developing the online tutors in line with UoA requirements. IDI uses remotely based tutors to support the delivery of the programmes through a wholly online platform to students who are recruited globally.

The UoA holds responsibility for the quality assurance of the online programmes and the partnership, and is also responsible for external examining, conferral of the award, and the approval of new programmes and courses.

The UoA delegates some areas of responsibility to IDI; these include administration of admissions, student registration and enrolment. Whilst the responsibility for these areas are delegated to IDI, the UoA maintains oversight of all associated processes and procedures, to ensure compliance with the UK Quality Code for Higher Education, the UoA Academic Quality Handbook and other relevant requirements.

The quality assurance and enhancement process as well as the delivery model are the same regardless of the programme of study or the country in which the student is resident whilst studying on the online programmes.

The Interactive Design Institute Limited, a company incorporated and registered in Scotland as a limited company. Company number SC 265879. VAT no. 847211435. Our registered office is at the address stated below.

We are committed to protecting and respecting your privacy.

Our full contact details

The Interactive Design Institute Limited
Stuart House
Eskmills
East Lothian
EH21 7PB
Scotland
United Kingdom
Tel: +44(0) 1224 515 270
E-mail: info@idesigni.co.uk

Our privacy policy

This policy (together with our terms of use and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting https://studyonline.abdn.ac.uk/ and https://business.abdn-online.ac.uk/login you are accepting and consenting to the practices described in this policy.

We are a data “controller”. This means that we are responsible for deciding how we hold and use personal information about you. We are required under data protection legislation to notify you of the information contained in this privacy policy.

It is important that you read this policy, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using such information.

Information on visitors

Visitors can access the home page and public areas of our website https://studyonline.abdn.ac.uk/ without disclosing personal details. Our website https://studyonline.abdn.ac.uk/ does not allow visitors to communicate with other visitors or to post information which can be accessed by others. Students who are enrolled on any of the courses we deliver online can communicate with other students within our study site, https://studyonline.abdn.ac.uk/login, which is password protected.

The kind of information we hold about you

 

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

Sensitive personal data means personal data consisting of information as to:
(a) The racial or ethnic origin of the data subject,
(b) An individual’s religious beliefs or other beliefs of a similar nature
(c) An individual’s physical or mental health or condition,
(d) An individual’s sexual orientation

We have put in place measures to protect the security of your information. Third parties will only process your personal information on our instructions and where they have agreed to treat the information confidentially and to keep it secure.

We will collect, store and use the following data about you:

  • Information you give us This is information about you that you give us by filling in forms on our website (https://studyonline.abdn.ac.uk/) or by corresponding with us by phone, e-mail, live-chat or otherwise. It includes information you provide when you register to use our websites, subscribe to our services and during the provision of our services, search for a product or service, place an order on our website, participate in discussion boards or other social media functions on our website, enter a competition, promotion or survey and when you report a problem with our website. The information you give us may include: your name, address, e-mail address and phone number. If you become an enrolled student, the information you give us may include: date of birth, nationality, gender, sexual orientation, religious beliefs, next of kin details, proof of identity and any relevant UK residence permits, educational qualifications, employment history, financial and credit card information, personal description, photograph and details of any health or medical conditions.
  • Information we collect about you With regard to each of your visits to our website we will automatically collect the following information:
    – technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, demographic information including location, browser plug-in types and versions, operating system and platform;
    – information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our website (including date and time), products (including videos) you viewed or searched for, page response times, download errors, length of visits to our website including certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number.
  • Information we receive from other sources This is information we receive about you if you use the other services we provide. We are working closely with third parties (including, for example, business partners, affiliates and agents, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies). We will notify you when we receive information about you from them and the purposes for which we intend to use that information.

Cookies

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and allows us to improve our website. For detailed information on the cookies we use and the purposes for which we use them see our Cookie policy.

How we will use information about you

We will only use your personal information when the law allows us to. Most commonly, we will use your personal information in the following circumstances:

  1. Where we need to enter into a contract with you or perform the contract we have entered into with you.
  2. Where we need to comply with a legal obligation.
  3. Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.

Situations in which we will use your personal information

We need all the categories of information in the list above (see The kind of information we hold about you) primarily to allow us to enter into or perform our contract with you or perform our contract with you (Condition 1) and to enable us to comply with legal obligations (Condition 2). In some cases, we may use your personal information to pursue legitimate interests of our own or those of third parties (Condition 3), provided your interests and fundamental rights do not override those interests. The situations in which we will process your personal information are listed below. We have indicated the purpose or purposes for which we are processing or will process your personal information, as well as indicating which categories of data are involved.

We use information held about you in the following ways:

  • Information you give to us. We will use this information:
    – to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us (Condition 1);
    – to fulfil our obligations as a collaborative partner of the University of Aberdeen; whereby the university is obliged to collect and release sensitive, personal student data. Collection of these sensitive or special categories of data is necessary for statistical research purposes to help public authority data controllers to meet their public-sector equality duties under the Equality Act 2010. This processing is lawful under the Data Protection (Processing of Sensitive Personal Data) Order 2000 (Schedule (9)) and GDPR Article 9(2)(j).” (Condition 2);
    – to provide you with information you have requested about a product or service we offer. We will contact you either by email or telephone, dependent on the information you have provided upon the point of contact (Condition 3).
    – to provide you with information about goods or services we feel may interest you. If you are an existing customer, we will only contact you by electronic means (e-mail or SMS) and telephone with information about goods and services similar to those which were the subject of a previous sale or negotiations of a sale to you. (Condition 3);
    – to notify you about changes to our service (this allows us to keep our service updated and relevant and to develop our business) (Condition 3);
    – to analyse the information we collect so that we can administer, support, improve and develop our business and services we offer (Condition 3);
    – to ensure that content from our website is presented in the most effective manner for you and for your computer (this allows us to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy) (Condition 3).
  • Information we collect about you. We will use this information:
    – to administer our website and for internal operations, including troubleshooting, data analysis, testing, statistical and survey purposes (this allows us to run our business and provide administration and IT services) (Condition 3);
    – to improve our website to ensure that content is presented in the most effective manner for you and for your computer (this allows us to define types of customers for our services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy) (Condition 3);
    – to allow you to participate in interactive features of our service, when you choose to do so (this allows us to keep our website updated and relevant, to develop our business and to inform our marketing strategy) (Condition 3);
    – as part of our efforts to keep our website safe and secure (this allows us to protect our customers, maintain network security and prevent fraud) (Condition 3);
    – to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you (this allows us to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy) (Condition 3);
    – to make suggestions and recommendations to you and other users of our website about goods or services that may interest you or them (this allows us to develop our products/services and grow our business) (Condition 3);
    – to participate in Facebook’s ‘Custom Audience’ service from time to time. This service enables us to display to you personalised advertisements when you visit Facebook’s social media platforms. It works by converting your email address to a unique number that Facebook uses to match to unique numbers that Facebook generates from email addresses of its users. (Condition 3).
  • Information we receive from other sources. We will combine this information with information you give to us and information we collect about you. We will use this information and the combined information for the purposes set out above (depending on the types of information we receive)

Some of the above grounds for processing will overlap and there may be several grounds which justify our use of your personal information.

Monitoring

We may monitor or record telephone calls for security purposes and to improve the quality of services that we provide to you.

Children’s privacy

We do not accept enrolments, or knowingly collect personal data, from those under 16 years of age.

If you fail to provide personal information

If you fail to provide certain information when requested, we may not be able to perform the contract we have entered into with you (such as providing our services), or we may be prevented from complying with our legal obligations.

Change of purpose

We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

Data sharing

We may have to share your data with third parties, including third-party service providers.

We require third parties to respect the security of your data and to treat it in accordance with the law.

We may transfer your personal information outside the EU.

If we do, you can expect a similar degree of protection in respect of your personal information.

Why might you share my personal information with third parties?

We will share your personal information with third parties where required by law, where it is necessary to administer the working relationship with you or where we have another legitimate interest in doing so.

Which third-party service providers process my personal information?

“Third parties” includes third-party service providers (including contractors and designated agents). The following third-party service providers process personal information about you for the following purposes:

  • Course tutors to assist you with your studies;
  • The educational institution with which you have enrolled to manage and administer your studies;
  • Amazon Web Services (AWS) for data storage, hosting and server maintenance
  • Salesforce Inc. and Pardot, for data storage, data hosting and e-mail marketing
  • The Rocket Science Group LLC. d/b/a Mailchimp for data storage and e-mail marketing
  • Natives Group Ltd., to manage paid digital marketing
  • LogMeIn, Inc. (Go to Webinar) for data collation, data storage, hosting and delivery of webinars
  • Stripe Payments Europe Ltd., to facilitate credit card payments and direct debit payment plans
  • Student Loans Company to facilitate student loan funding
  • Brightridge Technology Ltd. to facilitate telephone services including the storage of call data
  • Turnitin LLC., for the submission of student assignments to anti-plagiarism technology
  • Fitch 7city Learning Ltd; to provide access to Fitch learning materials
  • STA International Ltd., to manage student debt recovery
  • Survey Monkey Europe UC, to conduct online student surveys
  • Course Directory Affiliates for student recruitment purposes
  • Student Recruitment Agents for international student recruitment purposes
  • Appointlet for call booking
  • ACT Credit Management Ltd for debt recovery
  • Message Media for SMS functionality

How secure is my information with third-party service providers?

All our third-party service providers are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.

What about other third parties?

We may share your personal information with other third parties. If you have come to us through an international representative, we will continue to share your personal information with that representative. We may also need to share your personal information with a law enforcement body, regulator or to otherwise comply with the law. Since IDI is part of the Online Education Services Limited (OES) group, and we will share your personal information with OES.

Transferring information outside the EU

We will transfer the personal information we collect about you to the following countries outside the EU (United States of America, Mauritius and the United Arab Emirates) in order to perform our contract with you. There is not an adequacy decision by the European Commission in respect of that country. This means that the country to which we transfer your data are not deemed to provide an adequate level of protection for your personal information.

However, to ensure that your personal information does receive an adequate level of protection we have put in place the following appropriate measures to ensure that your personal information is treated by those third parties in a way that is consistent with and which respects the EU and UK laws on data protection:

  1. Amazon Web Services: Our agreement with Amazon Web Services (AWS) incorporates an EU-approved Data Processing Addendum and Model Clauses and has certified compliance with the EU-US and Swiss-US Privacy Shield Frameworks. https://aws.amazon.com/privacy/
  2. Salesforce Inc and Pardot: Our agreement with Salesforce Inc. incorporates an EU-approved Data Processing Addendum and Model Clauses and has certified compliance with the EU-US and Swiss-US Privacy Shield Frameworks. https://www.salesforce.com/uk/company/privacy/full_privacy/
  3. Natives Group: Our contract with the Natives Group incorporates a data compliance agreement https://natives.group/en_gb/terms-and-conditions
  4. Turnitin LLC, has certified compliance with the EU-US and Swiss -US Privacy Shield Frameworks. https://guides.turnitin.com/Privacy_and_Security#Privacy_Pledge
  5. LogMeIn, Inc: Our agreement with LogMeIn Inc, incorporates an EU-approved Data Processing Addendum and Model Clauses and has certified compliance with the EU-US and Swiss Privacy Shield Frameworks. https://www.logmeininc.com/legal/privacy
  6. Stripe Payments Europe, Ltd: Our agreement with Stripe Payments Europe incorporates a Data Processing Addendum and they have certified compliance with the EU-US and Swiss Privacy Shield Frameworks. https://stripe.com/gb/privacy
  7. The Rocket Science Group LLC d/b/a Mailchimp: Our agreement with Mailchimp incorporates an EU- approved Data Processing Addendum and Model Clauses and has certified compliance with the EU-US and Swiss-EU Privacy Shield Frameworks. https://mailchimp.com/legal/privacy/
  8. SurveyMonkey Europe UC: Our agreement with SurveyMonkey Europe UC incorporates an EU-approved Data Processing Addendum and Model Clauses and has certified compliance with the EU-US and Swiss-US Privacy Shield Frameworks. https://www.surveymonkey.com/mp/legal/privacy-policy/
  9. Course Directory Affiliates and Student Recruitment Agents, our contacts include data compliance agreements: StudyPortals: https://www.studyportals.com/about-us/privacy-2/
  10. Appointlet: Our agreement with Appointlet incorporates a Data Processing Agreement. http://www.appointlet.help/en/articles/63297-privacy-policy
  11. Brightridge Technology: Our agreement with Brightridge Technology incorporates a Data Processing Agreement. https://www.brightridge.com/privacy-policy
  12. ACT Credit Management Ltd.: Our agreement with ACT Credit Management Ltd. Incorporates a Data Processing Agreement. https://www.actcredit.com/privacy-policy/
  13. STA International Ltd.: Our agreement with STA International Ltd. Incorporates a Data Processing Agreement. https://www.stainternational.com/privacy-notice/
  14. Message Media: Our agreement with Message Media incorporates a Data Processing Agreement. https://messagemedia.com/uk/legal/privacy-policy/
  15. Fitch Learning: Our agreement with Fitch Learning incorporates a Data Processing Agreement. https://www.fitch.group/privacy-policy#English

For further details, see the European Commission’s Model contracts for the transfer of personal data to third countries.

These agreements enable us to transfer your information outside the European Economic Area in accordance with the EU and UK laws on data protection.

If you require further information about these protective measures, you can request it from our Data Privacy Manager.

Data security

We have put in place measures to protect the security of your information. Third parties will only process your personal information on our instructions and where they have agreed to treat the information confidentially and to keep it secure.

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

Data retention

How long will you use my information for?

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Where we hold your personal information for marketing purposes, we will retain that information for a period of three years (or longer if you agree) after which we will securely destroy the information in accordance with applicable laws and regulations.

Where you have undertaken a course of study, we will retain your personal information for a maximum of ten years after conclusion of your studies after which we will securely destroy your personal information in accordance with applicable laws and regulations.

In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.

Rights of access, correction, erasure, and restriction

Your duty to inform us of changes

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your working relationship with us.

Your rights in connection with personal information

Under certain circumstances, by law you have the right to:

  • Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
  • Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal information to another party.

If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact our Data Privacy Manager in writing.

No fee usually required

You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances

What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

Time limit to respond

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Right to withdraw consent

In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. You can withdraw your consent or update your communication preferences at any time by visiting our preference centre here.

Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.

Third part emails

Our website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies.

Please check these policies before you submit any personal data to these websites.

Data privacy manager

We have appointed a data privacy manager to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal information, please contact the data privacy manager by emailing dataprivacy@idesigni.co.uk.

The Information Commissioner’s Office

You also have the right to lodge a complaint about how we handle your personal information with the Information Commissioner’s Office (the ICO), the UK supervisory authority for data protection issues. You can call the ICO’s helpline on 0303 123 1113. See also https://ico.org.uk/global/contact-us. However, we would appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

Changes to this privacy notice

We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.