Our Commitment to GDPR and the Protection of Learners’ Data
The correct management of personal data is as important to us as it is to you. In most typical arrangements with Surpass, we will act as the data processor and you will be the data controller. You are in full control of the data you wish to be stored in Surpass. Typically, this might involve: first name, middle name, last name, gender, candidate reference, date of birth, email, telephone number, reasonable adjustments, ethnicity and location.
Some of this data is considered to be sensitive, therefore, it’s important that you have control over what data is stored. Of course, part of the process of storing this data involves the ability to delete or anonymize the data on request. Our team understand that it may not be as simple as removing records of a certain date or certain data fields. Therefore, we are ready to help you manage your data within Surpass and to help you meet the often complex requirements of data protection regulations like GDPR.
Our internal legal advisors have significant experience of data protection law and data protection issues, and oversee record keeping, privacy impact assessments, product security and improvements, staff training, customer contract preparation, security, and data protection due diligence. ‘Privacy by design’ is at the heart of everything we do.