GDPR Policy

1. Introduction

LLC Tuition needs to hold and process large amounts of personal data about its students, employees, applicants, contractors, and other individuals to carry out its business and administrative functions. This policy is intended to ensure that personal data is dealt with properly and securely in accordance with the General Data Protection Regulation (GDPR) and The Data Protection Act 2018 (DPA).

2. Definitions

Personal Data: Any information relating to an identified or identifiable natural person (data subject) who can be identified, directly or indirectly, by reference to an identifier such as a name, identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
Sensitive Personal Data: Special categories of personal data, such as racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data, or data concerning a person's sex life or sexual orientation.
Pseudonymized Personal Data: Personal data that has undergone a process to replace identifying information with a pseudonym, making it difficult to attribute the data to a specific individual without additional information.
Anonymous Data: Data that has had the identity of an individual permanently removed, making it impossible to identify the data subject.

3. Scope

This policy applies to all personal information, regardless of the way it is used, recorded, and stored, whether held in paper files or electronically. It applies to anyone who handles or has access to people's personal data within LLC Tuition.

4. Principles of Data Protection

LLC Tuition is committed to adhering to the following principles of data protection as stipulated in the GDPR:

  1. Lawfulness, Fairness, and Transparency: We will process personal data lawfully, fairly, and transparently, ensuring that data subjects are aware of the processing activities related to their data
  2. Purpose Limitation: Personal data will only be collected for specified, explicit, and legitimate purposes and will not be further processed in a manner incompatible with those purposes
  3. Data Minimization: We will collect only the data that is necessary for the purposes for which it is processed
  4. Accuracy: We will ensure that personal data is accurate and up-to-date, with mechanisms in place to rectify inaccurate data
  5. Storage Limitation: Personal data will be stored for no longer than necessary for the purposes for which it is processed
  6. Integrity and Confidentiality: We will process personal data in a manner that ensures its security, including protection against unauthorized or unlawful processing and accidental loss, destruction, or damage
  7. Accountability and Transparency: LLC Tuition will be accountable for complying with the GDPR, and we will be transparent about our data processing activities

5. Responsibilities

  1. Data Protection Officer (DPO): LLC Tuition will designate a Data Protection Officer responsible for overseeing compliance with GDPR and DPA
  2. Employees: All employees must be aware of and comply with this policy. They are responsible for protecting personal data and reporting any breaches or concerns to the DPO

6. Data Processing

  1. Lawful Basis: Personal data will be processed only when there is a lawful basis for doing so, such as the data subject's consent, the necessity of processing for contractual obligations, legal compliance, vital interests, the performance of a task carried out in the public interest or in the exercise of official authority, or legitimate interests pursued by LLC Tuition
  2. Consent: Where consent is required for processing personal data, LLC Tuition will obtain explicit and informed consent from data subjects
  3. Data Subject Rights: LLC Tuition will respect and facilitate the exercise of data subject rights, including the right to access, rectify, erase, restrict processing, data portability, and object to processing

7. Data Security

  1. Data Encryption: Personal data will be stored and transmitted securely through encryption methods
  2. Access Controls: Access to personal data will be restricted to authorized personnel on a need-to-know basis
  3. Data Retention: Personal data will be retained only for the duration necessary to fulfill the purposes for which it was collected, and a data retention policy will be established

8. Data Breach Response

  1. Reporting: Any suspected or confirmed data breaches will be reported to the DPO and, if required, to the relevant supervisory authority and affected data subjects
  2. Mitigation: LLC Tuition will take immediate steps to mitigate the impact of data breaches

9. Data Transfer

International Transfers: If personal data is transferred outside the European Economic Area (EEA), appropriate safeguards will be implemented to ensure data protection compliance.

10. Training and Awareness

Training: Employees will receive training on data protection and this policy.

11. Review and Update

This policy will be reviewed regularly and updated as necessary to ensure compliance with applicable data protection laws.

12. Conclusion

This GDPR policy demonstrates LLC Tuition's commitment to protecting personal data and complying with data protection laws. It is the responsibility of all employees to adhere to this policy and report any concerns or breaches promptly.



Last reviewed: Dec 2023


Follow us in Facebook


Our Offices

Working Hours

  • Monday - Sunday: - 9am to 7pm

Get in Touch

Send us a message online, one of our representative will get back to you as soon as possible.