This statement relates to our privacy practices in connection with this website. We are not responsible for the content or privacy practices of other websites. Any external links to other websites are clearly identifiable as such. We reserve the right to modify and update this Policy at any time without notice, any such updates to this Policy will be published on our website, www.uxdesigninstitute.com.
The UX Design Institute, company number: 505339 with an address of Digital Court, Rainsford Street, Dublin, D08 R2YP, Ireland, is a data controller which means we have a responsibility to decide how and when your data is used and to ensure it is used correctly in all situations. We respect the right to personal privacy and our obligations under the General Data Protection Regulation (GDPR) which came into force across the EU on 25 May 2018.
We collect your data at the following times: when you purchase one of our services, when you engage with our customer support team, when you fill out our contact or marketing forms on our website (for example our ‘Get in touch’ form), on social media platforms (for example when you fill out a form on Facebook, Twitter or LinkedIn).
We use your data for communication purposes and to provide our services to you. For the purposes of training events attended onsite or online, the data that is collected by the UX Design Institute is used to plan and manage the event for which you are registered, as well as email you relevant details about the event. We also use your data to provide services requested, process requests and orders (such as a booking via invoice), to conduct customer satisfaction surveys to help improve our products, or to provide you with information on products, services and promotions (which you can opt out of at any time.)
As a prospective, current, or past student of the UX Design Institute, we process the following type of data about you in order to communicate with you and to provide you with services such as training courses:
- personal identifiers such as name,
- contact information such as email address and telephone number,
- financial data such as purchase history (we do not store any credit card information),
- social media engagement such as if you tag us in a post sharing details of our products or events attended,
- online course information such as statistics about interactions with our services, course progression, exercises completed or exams taken,
- general location information, or
- employment related information where you may participate in one of our student hire programmes or drives.
Generally, our basis for processing the above information would be related to contract, after obtaining your consent where most appropriate, fulfilling a legal obligation, or for our legitimate interest in providing you with a business service. You are welcome to enquire as to specific activities and the basis for processing per activity. Your personal data may also be anonymised and used for statistical purposes. We may communicate with you for marketing purposes. Where we engage in electronic marketing activities such as sending you a newsletter, we will ask your consent to process your data.
We automatically collect information that is often not personally identifiable, such as the website from which visitors came to our Site, browser type, domain name, referring URL, page views and information relating to the device through which users access the Site. Where we have an identified purpose for doing so and have identified a lawful basis for processing, we may combine this information with the personal data we have collected about Customers.
Information on Consent
You may withdraw consent at any time by providing an unambiguous indication of your wishes by which you, by a statement or by a clear affirmative action, signify withdrawal of consent to the processing of personal data relating to you. If you have any queries relating to withdrawing your consent, please contact us using the contact details set out below.
Withdrawal of consent shall be without effect to the lawfulness of processing based on consent before its withdrawal.
We may use trusted service providers who could be considered data processors, sub-processors or third parties. We need to have written agreements in place with all of our service providers and, before we sign each agreement, we need to have vetted and be satisfied with the service provider’s data security. The agreements also need to contain specific clauses that deal with data protection. We require all third parties to have appropriate technical and operational security measures in place to protect your personal data, in line with Irish and EU laws on data protection. Any such organisation or individual, such as payment service providers, technical support providers, learning management system or exam platform, will have access to personal data needed to perform these functions but may not use it for any other purpose.
Student Loan providers
Prospective students may apply for funding for a course where the UX Design Institute acts as an introducer for the prospective student and loan provider. The prospective student approaches the loan provider themselves and there is no initial data transfer between the UX Design Institute and the loan provider. The UX Design Institute is given sight of loan application status through the loan provider’s portal. If the prospective student application is successful, the UX Design Institute is notified only of the successful status of the funded loan, together with prospective student name and email address. All other personal data provided by the prospective student to the loan provider remains under the separate controllership of the loan provider.
If we transfer your personal data out of the EEA, we ensure an adequate degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- We will primarily attempt to transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
- Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
Automated decision-making and profiling
Automated Decision Making refers to a decision which is taken solely on the basis of automated processing of your personal data. This means processing using, for example, software code or an algorithm, which does not require human intervention. As Profiling uses automated processing, it is sometimes connected with automated decision making. Not all profiling results in automated decision making, but it can do.
We do not use automatic decision-making or profiling.
We may use your personal data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you.
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. Where appropriate, you will be asked whether you wish to receive any marketing communications from us.
We will not share your personal data with any third party for marketing purposes. You may object to direct marketing by using the provided links or the contact details herein to opt-out or make use of the opt-out links on communications.
We make use of Google Ads from time to time. We do base our ads on keywords and do not use remarketing techniques, unless your consent has been obtained for such activities. You can opt-out of Google Analytics for Display Advertising and customise the Google Display Network ads by visiting the Google Ads Settings page: http://www.google.com/settings/ads. Google also recommends installing the Google Analytics Opt-out Browser Add-on – https://tools.google.com/dlpage/gaoptout – for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page:
We utilise Google Analytics cookies to provide us with information about how our visitors use the website. This assists us in ensuring our website is tailored to the needs of our customers, to provide the best experience possible. Google Analytics cookies do not record specific data about the visitor, such as name, email address, and so on, but rather in an anonymous format - including, but not limited to the number of visitors, and specific pages visited in any session. If you’d like to opt out of being tracked by Google Analytics in this manner, for any website you may visit in the future, please visit http://tools.google.com/dlpage/gaoptout
Technical personal data
Like most websites, we gather statistical and other analytical information collected on an aggregate basis of all visitors to our website. We may gather technical information for security reasons. We use the technical information for statistical and other administrative purposes.
We may collect this technical information from you when you visit our website and accept cookies. This information may include standard information from you (such as browser type and browser language), your Internet Protocol (“IP”) address, and the actions you take on our website (such as the web pages viewed and links clicked). We note that your IP address is considered personal data under the GDPR.
Certain information in relation to web usage is revealed via our internet service provider or hosting provider who records some of the following data. Whilst we do not access this information regularly, the technical information may be used to inform our security measures, to allow us improve the information we are supplying to our users, to find out how many people are visiting our sites and for statistical purposes. The information we receive depends upon what you do when visiting our site:
- The IP address you are using.
- The date and time you access our site.
- The pages you have accessed and the documents downloaded.
- The previous Internet address from which you linked directly to our site.
- The user agent used to access our site.
We and our service providers follow strict security procedures in the storage and disclosure of your personal data, and to protect it against accidental loss, destruction or damage. We take appropriate security measures to prevent unlawful or unauthorised processing of personal data, and to prevent the accidental loss of, or damage to, personal data. The data you provide to us is protected using modern encryption, intrusion prevention, and account access techniques as appropriate and required. We have put in place procedures and technologies to maintain the security of all personal data from the point of collection to the point of destruction. We maintain data security by protecting the confidentiality, integrity and availability of the personal data, defined as follows:
- Confidentiality means that only people who are authorised to use the Personal Data can access it.
- Integrity means that Personal Data should be accurate and suitable for the purpose for which it is processed.
- Availability means that authorised users should be able to access the Personal Data if they need it for authorised purposes.
Generally, we will only retain your personal data for as long as necessary to fulfil the purposes we collected it for and for up to seven (7) years afterwards (for purposes related to regulatory and reporting requirements) or otherwise permitted by applicable laws. We may also retain your information during the period of time needed to complete our legitimate business operations, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
You have a number of rights available to you regarding your personal data and what happens with it. Under certain circumstances, and dependent on legal basis under which your personal data is processed, by law you have the right to:
- request information about whether we hold personal data about you, and, if so, what that personal data is and why we are holding/using it;
- request access to your personal data (a “subject access request”);
- correct any mistakes on our records;
- erase or restrict your personal data where they are no longer needed for the purpose for which they were obtained or used;
- object to our use of personal data based on legitimate business interests, including for profiling and marketing;
- object to automated decision-making including profiling, that is not to be subject of any automated decision-making by us using your personal data or profiling of you;
- request transfer of your personal data in an electronic and structured form to you or to another party;
- withdraw consent to the processing of your personal data.
You may inform us of any changes in your personal data, and in accordance with our obligations under the General Data Protection Regulation (GDPR) we will update or delete your personal data accordingly. We will handle any request to exercise your rights in accordance with the relevant data protection laws. To exercise any of these rights please email us at firstname.lastname@example.org
Your right to lodge a complaint
You have the right to complain at any time to a supervisory authority in relation to any issues related to our processing of your personal data. As our organisation is located in Ireland and we conduct our data processing here, we are regulated for data protection purposes by the Irish Data Protection Commission.
You can contact the Data Protection Commission as follows:
Phone: +353 57 8684800 or +353 (0)761 104 800
Address: Data Protection Office – Canal House, Station Road, Portarlington, Co. Laois, R32 AP23. Or 21 Fitzwilliam Square Dublin 2. D02 RD28 Ireland
Third party sites
Our website may contain links to third-party websites. Please note that if you follow a link to any such website, we do not accept any liability or responsibility, because these websites have their own Terms & Conditions and Privacy Policies.