Privacy Policy Ascentis

What is a privacy notice?

This privacy notice is a document that explains how Ascentis collects, uses, stores, and protects personal information. It informs individuals about the types of data collected, the purposes for collecting it, and how it is used.

This notice outlines data storage and security measures, individual rights, the use of cookies or tracking technologies, and the legal basis for processing data.

Why should you read this notice?

Reading this privacy notice is important because it allows individuals to understand how their personal information is collected, used, and protected by Ascentis.

It also helps individuals to make informed choices, ensure compliance with regulations, and stay aware of security measures implemented by Ascentis.

Our contact details:

Get in touch using our website, or alternatively, use the below information:

 

General Company Information:

Organisation Name:

Ascentis

Mailing Address:

Ascentis House, Lancaster Business Park, 3 Mannin Way, Lancaster, LA1 3SW

Data Email Address:

[email protected]

Legal Email Address:

[email protected]

Phone Number:

01524 845046

Website:

Cutting Edge Qualifications Agency | Awarding Organisation Body | Ascentis

ICO Registration Number:

Z1927556

 

Data Protection Officer Information:

Organisation Name:

The DPO Centre Ltd

Mailing Address:

50 Liverpool St, London EC2M 7PY

Contract Email Address:

[email protected]

Phone Number:

020 3797 1289

Website:

Data Protection Services - Speak to an Expert | DPO Centre


What types of personal information we collect and why do we collect it?

 

We collect, use, store and/or transfer various categories of personal data about you depending on our relationship with you:

We will collect and process personal information about you to enable us to administer products and services, provide you with other related services and manage our relationship with you. Under data protection law, we can only use your personal information if we have a proper reason for doing so and for the purposes for which we collect it.

The information we require/gather about you will differ depending on our relationship with you:

Learner information:

Types of Data:

Data collection point:

Category of data:

Purpose:

Lawful basis:

Ethnicity, gender

Learner registration and enrolment

Special category

Learner registration and performance of services to you

Explicit consent

Full name, contact number, DOB, personal email, postcode, learner

achievement, address, IP address

Learner registration, course certification

Personal data

Learner registration and performance of services

Contractual obligation

Disabilities and areas of disadvantage

Learner registration

Special category

Exam adjustments, special consideration, and qualification adaptability

Explicit consent

Market preferences, advertisement of suggested services, cookies

Use of Ascentis website (completing surveys etc)

Personal

Suggestion of relevant services we can offer to you

Legitimate interests

Captured facial photograph, recorded video stream

ProctorExam

(Outsourced remote invigilation service)

Personal

Provides remote invigilation services

Legitimate interests

Supplier information:

 

Types of data:

Data collection point:

Category of data:

Purpose:

Lawful basis:

Contact name, email

SAP Business One (Accountancy

software)

Personal

Execute contract/business needs

Contractual obligation

Centre/Centre Staff information:

 

Types of data:

Data collection point:

Category of data:

Purpose:

Lawful basis:

Coordinator; name, job title

Contact number, centre address, contact email

Completion of centre recognition form

Personal

Performance of services

Contractual obligation

Job applicants:

 

Types of data:

Data collection point:

Category of data:

Purpose:

Lawful basis:

Full name, DOB, various contents of your curriculum vitae (Contact number, address, contact email, work experience, qualifications)

Upon receival of CV/job application

Personal

Recruitment:

 

 

Information required for identification of applicant and accessed as to the suitability to the relevant job position.

Contractual obligation

Ascentis premises visitor information:

 

Types of data:

Data collection point:

Category of data:

Purpose:

Lawful basis:

CCTV recording

Arrival on Ascentis company premises

Personal

Security – Maintains log of entrances and exits of the Ascentis building

Legitimate interests

Full name, face photograph workplace, contact number

Upon registering arrival on tablet in reception

Personal

Security – Maintains log of entrances and exits of the Ascentis building – Logged on software ‘Inventory’

Legitimate interests

Customer Surveys 

We value your feedback and want to improve our products and services based on your opinions and preferences. To do this, we may send you a survey through Microsoft Dynamics 365 (Customer Voice) to optionally complete after any interaction with our customer service team. The survey will be sent directly to the email address that you provided to us when you contacted our customer service team. The email address will be stored in our customer relationship management software. 

The survey may ask you for any personal information, such as your name or address. The survey will ask you about your experience with our customer service team, your satisfaction with our products and services, and any suggestions or comments you may have. 

The responses you provide to the survey will be saved indefinitely in our database to aid with improving our customer journey. We will use the responses to analyse and improve our customer service quality, product development, and marketing strategies. We will not share your responses with any third parties. 

You can choose not to complete the survey or opt out of receiving future surveys at any time by clicking on the unsubscribe link in the email.

Information we collect about you from other sources

We collect information about you from other sources, and may include:

  • Information from the learning centre that you have enrolled with provide us with all the personal information we may require to process and complete your enrolment and/or certification.
  • Publicly available information, from sources such as Companies House, County Court Judgements, this may include details about your financial situation and debts; and
  • Information from third party databases or data suppliers, such as credit reference agencies, including details about your creditworthiness.

Information we receive about you from other sources

When you engage to enter into a course at a learning centre for which we are the relevant qualification awarding body they will share your personal data with us so that we can award your qualification and certify that you have met the relevant criteria. We may also process your data to assess the learning centre that you are enrolled in and benchmark them against other learning centres.

Sometimes you will have given your consent for other websites, services or third parties to provide information to us. This could include information we receive about you if you use any of the other websites we operate or the other services we provide, in which case we will have informed you when we collected that data if we intend to share those data internally and combine it with data collected on this site. We will also have told you for what purpose we will share and combine your data.

It could also include information from third parties that we work with to provide our products and services, such as payment processors, delivery companies, technical support companies and advertising companies. Whenever we receive information about you from these third parties, we will let you know what information we have received and how and why we intend to use it.

The Ascentis website uses "cookies" to help you personalise your online experience

A cookie is a piece of information that is held on the hard drive of your computer which records how you have used a website. Cookies allow website operators to accumulate useful information, such as whether the computer (and sometimes its user) has visited the site before. This is done on a repeat visit by checking to see, and finding, the cookie left there on the last visit. For more information, see our Cookies Policy here.

If you fail to provide personal data

Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to award your qualification or provide you with copies of any certificates you request). In this case, we may have to cancel a service you have with us, but we will notify you if this is the case at the time.

How do we store and protect your personal information?

Storing your information

All information you provide to us is stored on secure servers in the UK. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Protecting your information

Ascentis has a range of other technical and organisational measures in place to protect your personal data including being Cyber Essentials certified, two-factor authentication, access controls to restrict access on a need-to-know basis, uniquely identifying users to monitor and review access attempts, and physical security. Personal data is never disclosed or shared with unauthorised people. Ascentis has internal policies and controls in place to protect personal data against loss, accidental destruction, misuse, or disclosure, and to ensure that data is not accessed, except by employees in the proper performance of their duties.

We also have procedures in place to deal with any suspected data security breach. This applies to a security breach leading to the accidental loss, damage, destruction or unlawful access or disclosure to your personal data. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so and report any substantial risk to the rights and freedoms of individuals within any period applicable by law.

However, it would not be considered a breach if the personal data were received unknowingly or unintentionally and then erased in line with data minimisation policies. For example, if you sent us personal information that we did not require or request, we shall delete this as soon as possible and ask you to refrain from sending any unnecessary personal or special data again.

In certain circumstances, the GDPR allows personal data to be disclosed to law enforcement agencies without the consent of the data subject. Under these circumstances, Ascentis will disclose the requested data. However, we will ensure the request is legitimate, following any relevant policies and protocols.

How long do we keep your data for?

Where we are relying on your consent or our legitimate interests to process your data then we will keep your personal data until you withdraw your consent for us to use it, or object to the processing in our legitimate interests and we agree with your objection.

A school can request that we delete the personal data of school users at any time, and in the absence of any specific request from the school we will retain user’s personal data for as long as is reasonably needed to perform our contractual obligations to you.

We will also retain your personal data according to other applicable UK laws and regulations, depending upon the nature of the services we have provided to you.

How we adopt Data Protection by Design

Ascentis have adopted the principle of Data Protection by Design and Default.

This means that at the beginning and continuing through any new project or system, we keep the safety and security of everyone’s personal data at the forefront and implement whatever measures are necessary to comply with data protection laws.

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this notice. We try to ensure that all information you provide to us is transferred securely via the website. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

What data protection rights do you have?

What are your rights?

The GDPR grants individuals several data protection rights, including the right to access their personal data, request its correction or deletion, restrict its processing, and obtain a copy of it in a portable format.

Individuals also have the right to object to the processing of their data, withdraw consent, and lodge complaints with data protection authorities.

These rights promote transparency, control, and privacy in the handling of personal data, giving individuals the ability to manage their information and ensuring organisations adhere to responsible data practices.

More information can be found on the ICO website:

Data Subject Right:

Explanation:

The right to be informed

This right ensures that individuals have access to clear and transparent information about the processing of their personal data.

 

It requires organisations to provide concise and easily accessible details about the purposes of processing, the data recipients, the retention period, and other relevant information.

 

This right empowers individuals to make informed decisions, exercise their data subject rights, and fosters trust and transparency in data processing practices.

The right of access

This right grants individuals the right to request and obtain confirmation of whether their personal data is being processed by an organisation.

 

If the data is being processed, individuals have the right to access and obtain a copy of their personal data. Organisations are required to provide relevant information, respond to requests in a timely manner, and generally do so free of charge.

 

This right empowers individuals to be aware of and verify the processing of their data, ensuring transparency, accuracy, and the ability to exercise other data subject rights.

The right to rectification

This right gives individuals the right to request the correction or updating of their inaccurate or incomplete personal data held by organisations.

 

Individuals can submit requests to organisations, which are then responsible for verifying the accuracy of the data and making necessary corrections promptly. If the incorrect data has been shared with third parties, the organisation must inform them about the rectification.

 

This right allows individuals to ensure the accuracy and completeness of their personal data, promoting transparency and control over their information.

The right to

erasure/be forgotten

This right grants individuals the right to request the deletion or removal of their personal data held by organisations.

 

This right can be exercised when the data is no longer necessary, consent is withdrawn, processing is unlawful, or there is a legal obligation to erase the data.

 

Organisations must comply with erasure requests and inform third parties about the request, if applicable.

 

However, certain exceptions may apply, such as when the right to freedom of expression or legal obligations are involved. The right to erasure empowers individuals to have control over their

personal data and promotes privacy and data autonomy.

The right to restrict processing

This right allows individuals to request limitations on the processing of their personal data by organisations.

 

This right can be exercised in situations where the accuracy of the data is disputed, processing is unlawful, data is no longer needed but required for legal claims, or an objection to processing is pending verification.

 

When processing is restricted, organisations can only store the data and must refrain from further processing unless with the individual's consent or for specific legal purposes.

The right to restrict processing gives individuals control over their data and promotes privacy, accuracy, and individual autonomy in data processing.

The right to data portability

This right gives individuals the ability to request and receive their personal data from an organisation in a machine-readable format.

 

This data can then be transferred to another organisation of the individual's choice. The right applies to personal data provided by the individual and processed based on consent or contract. Organisations must facilitate the direct transfer of the data or transmit it to the requested organisation.

 

While technical feasibility and data security are considerations, the right to data portability aims to empower individuals by promoting data control, facilitating data transfers, and encouraging competition and interoperability among service providers.

The right to object

This right gives individuals the power to object to the processing of their personal data by organisations. This right applies to processing based on legitimate interests or for direct marketing purposes.

 

Individuals must be provided with clear notice of this right and have the ability to object before or at the time of processing.

 

Organisations must respect the objection unless they can demonstrate compelling legitimate grounds for continued processing that outweigh the individual's interests.

 

The right to object empowers individuals to have control over their personal data, protect their privacy, and influence how their data is used.

Rights relating to automated decision making and profiling

This right provides individuals with safeguards against potentially negative effects of automated decisions and profiling processes.

 

Individuals have the right to receive an explanation when automated decisions significantly affect them. They also have the right not to be subject to solely automated decisions with legal or similarly significant consequences unless there is human intervention or explicit consent.

 

Profiling, which involves automated processing to evaluate aspects of individuals, is subject to transparency, fairness, and the individual's explicit consent

How do I utilise my data protection rights?

If you wish to utilise any of the above rights, please contact our Legal, Risk, and Data Protection Department using the below email:

 

Company:

Data Email:

Ascentis

[email protected]

Do we share your Personal Data?

Sharing your information within our company and group

We share the information that you provide to us with our staff so that we can provide our products and services to you. We sometimes share your personal information with other specified organisations, including those who provide us with assistance in delivering our products or services or, where applicable, regulate our provision of such products or services.

We share the information that you provide to us with International Dyslexia Learning Solutions Limited (IDLS) or any other companies within the Ascentis group and other websites that we operate.

Personal Learner data will be shared between the recognised exam centre that registers the learner(s) onto any qualification(s) and Ascentis, according to the Centre Agreement. Centres are required under this agreement to keep all Learner Records and details of achievement in an accurate, timely, confidential, and secure manner, and keep full and accurate records of their performance in the event of an audit from Ascentis. This is to maintain that your personal data is kept secure, and we remain compliant. 

Sharing your information with third parties

We will not sell or rent your data to third parties.

We will not share your data with third parties for marketing purposes.

From time to time, we may need to share your information with selected third-party business partners, suppliers, and sub-contractors for the performance of a contract we have with them. In such circumstances, we only share the data necessary for them to deliver the service and have in place a contract or data sharing and usage agreement that requires them to keep your data secure and not to use it for their own marketing purposes.

Third-party organisations that provide services to us (including providing IT services and assisting us with carrying out marketing activities):

Third Party

Description:

Privacy Policy:

Parnassus

Parnassus supports the core business functions of an awarding organisation: qualification management, approved centres, learner registration, entry of achievement through to certification. A portal-style solution which can be used by internal staff, and, with our sophisticated security structure, any function can be made available to centres, EQA's, assessors and other external users. Parnassus is the only fully web-based awarding organisation management system with such an extensive range of functions.

Privacy Policy – Parnassus Online

QuartzWeb

A system designed to support managing learner registrations and awards

Privacy - EUSR

Hilton Baird

A financial services firm offering a range of services including commercial finance, invoice finance, and credit management solutions.

Privacy Policy and Cookies | Hilton-Baird Collection Services. (hiltonbairdcollections.co.uk)

Royal Bank of Scotland (RBS)

A major retail and commercial bank offering a wide range of financial services including banking, loans, mortgages, and investment banking

Privacy & Cookies | Royal Bank of Scotland (rbs.co.uk)

Microsoft

A multinational technology company renowned for its software products including the Windows operating system, Office suite, and cloud services such as Azure

Microsoft Privacy Statement – Microsoft privacy

Inventry

 

InVentry | Data Protection Policy

QuestionMark

Provider of assessment and testing software solutions for educational institutions

Privacy - Questionmark Online Assessment Platform

Surpass/BTL

A company specialising in assessment technology, likely offering software solutions for secure exam delivery and assessment management.

Website Policies - Surpass Assessment

ProctorExam

A company providing remote proctoring solutions for online exams, ensuring the integrity and security of the examination process.

Privacy and data security - ProctorExam

Amazon Web Servies (AWS)

A subsidiary of Amazon offering a comprehensive suite of cloud computing services including storage, computing power, and database solutions.

AWS Privacy (amazon.com)

FCS Protect

Cybersecurity solutions or data protection services to businesses, focusing on safeguarding against cyber threats and ensuring compliance with data protection regulations.

Privacy Policy | FCS Protect (fcs-protect.co.uk)

Eventbrite

An online platform that enables users to create, promote, and sell tickets for events, ranging from small local gatherings to large-scale conferences and festivals.

Eventbrite Privacy Policy | Eventbrite Help Centre

SurveyMonkey

An online survey platform that allows users to create and distribute surveys for market research, customer feedback, and other data collection purposes.

Privacy Notice | SurveyMonkey

PayPal

A digital payments platform allowing individuals and businesses to send and receive money online securely, as well as process online payments.

PayPal Privacy Statement

Stripe

A technology company providing online payment processing for internet businesses, offering APIs and other tools to accept payments, manage subscriptions, and handle other financial transactions.

Privacy Policy (stripe.com)

TNT

A global courier and logistics company providing express delivery services for parcels, documents, and freight shipments.

Privacy Policy | TNT United Kingdom

Click Dimensions

A marketing automation platform integrated with Microsoft Dynamics

Privacy Policy | ClickDimensions

Veremark

A provider of employment verification solutions, offering services to verify and authenticate employment histories and credentials of job applicants.

Privacy policy - Veremark

TeamTailor

An applicant tracking system and recruitment software designed to streamline the hiring process for businesses, from sourcing candidates to managing job applications.

Privacy Policy - Teamtailor

Third-party organisations that collect data relating to examination results:

  • Quality Assurance Agency for Higher Education (QAA),
  • Ofqual,
  • UCAS,
  • Bath Data (SERAP),
  • Learning Records Service (LRS)
  • Third-party organisations that collect data relating to training and CPD
  • We provide personal data to the CPD Certification Service for attendees to gain recognised CPD certificates for many of our training events. 

For you to attend some of our events, we may use Eventbrite for customers to gain admission. You will be asked for your full name and email address when signing up to these events using Eventbrite in order to attend the Ascentis event.

We may also share your name, email address, unique identifier (such as a username), captured facial photograph, captured identification, recorded video stream and other technical details such as IP address and location when your learners are using the proctored exam service with ProctorExam for the purposes of remote invigilation to satisfy our regulatory obligations.  This data is forwarded onto our quality assurance department for them to assess the examination and its candidates for cases of malpractice. Information gathered will be processed in the Frankfurt region of Germany and therefore will NOT be processed by ProctorExam outside of the EEA as per clause 16.5 of our contract for supply of assessment software and services.

Ascentis and ProctorExam have entered into a contract to provide adequate protection of your data such that it will be handled with the same degree of protection as that offered under the GDPR. This agreement is necessary to allow Ascentis to ensure the validity of examination results and the processing of personal data, as described above, is therefore necessary for the performance of our contractual obligations. 

There may be certain exceptional circumstances in which we may disclose your information to third parties

This would be where we believe that the disclosure is:

  • Required by police, law enforcement agencies and regulatory bodies for the purpose of preventing and detecting fraud, crime, and criminal activity.
  • Required by the law, or in order to comply with judicial proceedings, court orders or legal or regulatory proceedings
  • Necessary to protect the safety of our employees, our property, or the public
  • Necessary for the prevention or detection of crime, including exchanging information with other companies or organisations for the purposes of fraud protection and credit risk reduction.
  • Proportionate as part of a merger, business or asset purchase or sale, in the event that this happens we will share your information with the prospective seller or buyer involved

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions and lawful bases.

Ascentis will not sell, rent, or lease your personal data to any third party. 

International Transfers

On the 28 June 2021, the UK was granted ‘adequacy’ by the European Commission in General Data Protection Regulations (GDPR) terms.

International transfers to the UK and Ascentis from the European Economic Area (EEA) and other adequate countries can continue to take place with no additional safeguards.

We do not currently transfer any of your data outside the EEA unless that is where you are located.

How do I complain?

You have the right to make a complaint at any time to us using the email, website, or address above if you have any concerns about our use of your personal information.

You can also complain to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues if you are unhappy with how we have used your data or how we have handled your complaint.

The ICO’s complaints page is as follows: https://ico.org.uk/make-a-complaint/. We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

Changes to this Privacy Notice

We reserve the right to make changes to this Privacy Notice from time to time. If you have any questions or queries about the changes that we make from time to time, please tell us via the contact details provided below in this Privacy Notice.

Ascentis will review and update this Privacy Notice to reflect company and customer feedback and changes to laws and regulations. Ascentis encourages you to periodically review this notice to be informed of how Ascentis is protecting your information.

Cookies

We use a variety cookies to provide data about how our website is being used and to improve the advertising.

If you want to disable cookies, you need to change your website browser settings to reject cookies. How you can do this will depend on the browser you use.

You can find more information about our cookie usage within our Cookie Policy.

Watch Our Client Videos

Ascentis helps change the lives of over 170,000 learners each year. Hear about why our staff love working for us, and why our customers love working with us.

See all

Leicester Adult Skills and Learning Service Speaking about Ascentis English & Maths Stepping Stones

Ascentis has a fantastic suite of English and Maths Stepping Stones qualifications which enable learners to focus on specific skills, build their confidence and progress onto further learning. This testimonial video features Leicester Adult Skills and Learning Service who outline the benefits to them and their learners of using these qualifications.

Watch Video

The City of Liverpool College Speaking about Ascentis Access to Higher Education

Access to HE with Ascentis - We Make a Difference. Watch our Testimonial and hear how it makes a difference to learners and the opportunities it brings.

Watch Video

Best Practice People Speaking about Ascentis Short Online Qualifications

The Ascentis Short Online Qualifications are delivered in many centres across the UK and help to support learners’ Personal Development, Behaviour and Welfare. Listen to Ascentis Customer, Best Practice People talk about how effective the Ascentis Short Online Qualifications are and how they successfully aid their NEET learners, improving skills and confidence in turn helping them secure employment.

Watch Video

Join hundreds of happy centres nationwide

Arrange a meeting

What our happy customers say

“We are very pleased that we made the move to Ascentis for all our ESOL exams. The exams are appropriate for our learners, and lecturers find the marking manageable. As an organisation, Ascentis is a pleasure to work with. Our queries are always dealt with quickly and we are extremely well supported by our verifier.”

Waltham Forest

“We have thoroughly enjoyed our first year with Ascentis. There has been support of a high quality throughout the academic year. Support has been provided through a variety of roles including the quality managers, lead EQA’s and subject moderators.”

Bradford College

“We have been delighted with the impact Ascentis Extended Awards in Mathematical Skills (Stepping Stones) have had on our student’s progression towards their functional skills mathematics as well as preparing them for the completion of their GCSE. It has taught them the essential skills in mathematics which enabled them to deal with the practical problems and challenges of life – at home, in education and at work. These skills are valued by employers and further education, and are a platform on which to build other employability skills. We are also very impressed with the level of service and commitment shown by the staff of Ascentis, they are always available to help whenever help is needed.”

Brent Start

“The transparency and support of Ascentis has been refreshing. Our moderation process has been a pleasure and developmental feedback has always been welcomed.”

Kensington & Chelsea College
  • AELP
  • CPD Certified
  • FAB
  • Cyber Essentials
  • Natecla
  • Access to Higher Education
  • The Parliamentary Review
  • West Yorkshire Learning Providers
Close
Ascentis customers please login to view full specifications, tracking sheets, sample papers, customer policies and key documents.

Qualifications

Specification Overviews

Key Documents