Privacy Policy

BridgeU – Website Privacy Policy

Dated: 16 March 2018

PLEASE READ THIS POLICY CAREFULLY

Protecting your data, privacy and personal information is very important to BridgeU Limited (“BridgeU”, “our”, “us” or “we”).  This policy applies only to (i) activities on or in connection with our public website, https://bridge-u.com/ (“Website”), and (ii) our direct marketing activities.  It does not cover the processing of personal data in connection with our intelligent university and course matching software platform (“Platform”).  If you have been authorised by a school to use the Platform, please refer to our Platform Privacy Notice for details of how we process your personal data in this respect.  The most up-to-date version of our Platform Privacy Notice can be found at https://bridge-u.com/platform-privacy/.

Our Website may contain links to third party websites. If you follow a link to any of those third party websites, please note that they have their own privacy policies and that we do not accept any responsibility or liability for their policies or processing of your personal information. Please check these policies before you submit any personal information to such third party websites.

Personal information we may process about you

Our Website operates primarily to market the Platform to schools.  To the extent we collect personal data via our Website, our main purpose is to better serve schools and to improve the function of the Website.  We may also obtain personal information from our specialist research partner, ISC Research – we do so to send relevant information about our products and services.  A breakdown of the personal data we may process is set out in a table at the end of this policy, together with the other information we are required to provide.

Where we send electronic marketing communications, we will provide an option to unsubscribe or opt-out of further communication or you may opt out by contacting us at privacy@bridge-u.com.  

We will not sell your personal data (or any other data you provide us with) to third-parties for marketing purposes.

Where we store your personal information

The personal data that we collect from you may be transferred to and stored at a destination outside of the European Economic Area (“EEA”). This data may also be processed by staff operating outside of the EEA who work for us or for one of our business partners or service providers.  Further information is provided in the table at end of this policy. Please contact us at privacy@bridge-u.com if you would like further details on the specific safeguards applied to the export of your personal data outside the EEA.

Disclosure of your information

We may also disclose your personal information to third parties in the following circumstances:

Purpose of disclosure and third party(s) to which disclosure might be made

Use Justification

If you request we do so.

You have provided your consent.

If we sell or buy any business or assets, we may disclose your personal information to the prospective seller or buyer of such business or assets.

Legitimate interests (i.e. to buy or sell business assets).

If BridgeU or substantially all of its assets are acquired by a third party, personal information about our customers will be one of the transferred assets.

Legitimate interests (i.e. to dispose of our business).

If we are under a duty to disclose or share your personal data in order to comply with any legal obligation or to protect the rights, property, or safety of BridgeU, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection.

Processing is necessary for compliance with a legal obligation, or processing is necessary in order to protect the vital interests of a natural person

We may disclose your personal information to third parties, the court service and/or regulators or law enforcement agencies in connection with proceedings or investigations anywhere in the world where compelled to do so. Where permitted, we will direct any such request to you or notify you before responding unless to do so would prejudice the prevention or detection of a crime.

Legitimate interests (i.e. to cooperate with law enforcement and regulatory authorities)

 

Your rights

Under the General Data Protection Regulation (EU) 2017/676, you have various rights in relation to your personal data. All of these rights can be exercised by contacting us at privacy@bridge-u.com.  

You have the following rights in relation to your personal data:

Rights

Details

Right to Rectification

We will use reasonable endeavors to ensure that your personal information is accurate. In order to assist us with this, you should notify us of any changes to the personal information that you have provided to us by sending us a request to rectify your personal data where you believe the personal data we have is inaccurate or incomplete.

Right to erasure / ‘Right to be forgotten’

Asking us to delete all of your personal data will result in BridgeU deleting your personal data without undue delay (unless there is a legitimate and legal reason why BridgeU is unable to delete certain of your personal data, in which case we will inform you of this in writing).

Right to restriction of processing

You have the right to ask us to stop processing your personal data at any time.

Right to data portability

You have the right to request that BridgeU provides you with a copy of all of your personal data and to transmit your personal data to another data controller in a structured, commonly used and machine-readable format, where it is technically feasible for us to do so.

Right to complain

You have the right to lodge a complaint to a supervisory authority such as the Information Commissioner’s Office in the UK (see www.ico.org.uk). Although we encourage our customers to engage with us in the event they have any concerns or complaints.

 

BridgeU will not ordinarily charge you in respect of any requests we receive to exercise any of your rights detailed above; however, if you make excessive, repetitive or manifestly unfounded requests, we may charge you an administration fee in order to process such requests or refuse to act on such requests. Where we are required to provide a copy of the personal data undergoing processing this will be free of charge; however, any further copies requested may be subject to reasonable fees based on administrative costs.  

Where you request BridgeU to rectify or erase your personal data or restrict any processing of such personal data, BridgeU may notify third parties to whom such personal data has been disclosed of such request. However, such third party may have the right to retain and continue to process such personal data in its own right, for example to comply with its legal obligations.

Cookies

BridgeU uses cookies to distinguish you from other users. This helps us provide you with a good experience when you use our Website. Please note that it is possible to disable cookies being stored on your computer by changing your browser settings. However, our Website may not perform properly or some features may not be available to you if you disable cookies.

For detailed information on the cookies we use and the purposes for which we use them see our Cookie policy at https://bridge-u.com/cookies/.  

Changes to this policy

Any changes we make to our privacy policy in the future will be posted on this page, and where appropriate, notified to you by email. We therefore encourage you to review it from time to time to stay informed of how we are processing your information.

Contact

Questions, comments and requests regarding this privacy policy are welcome and should be addressed to privacy@bridge-u.com.  

For the purpose of the relevant data protection legislation, the data controller is BridgeU Limited (company no. 08989432), with registered address at 1st Floor, Buckhurst House, 42/44 Buckhurst Avenue, Sevenoaks, Kent, TN13 1LZ.

 

 

 

Personal data

Why personal data are processed?

Legal basis for processing

Period for which your data will be stored

Will your personal data will be shared with third parties?

Transfers outside the European Economic Area

1.

The IP address of the device you used to access our Website.

To improve the function of the Website.

Processing is necessary for our legitimate interests (i.e. to understand who is visiting the Website).

For up to 1 year

We may share this data with Google Analytics to help us improve our Website.

Yes, Google Analytics may store this data in the USA.  We rely on the fact that Google is certified as complying with Privacy Shield.

2. 

Your name, email address and phone number.

To enable us to contact you / send information that you have requested.

You have provided your consent.

For as long as we send you relevant information.

We may share this data with one of our group companies if it serves the territory in which you are based.

We may use third party CRM or analytics providers to manage our sales and marketing activities.

Yes, we may use hosted services which store your personal information in the USA.  We rely on the fact that our suppliers are certified as complying with Privacy Shield.

If your data is transferred to a group company outside the EEA, we will use the Model Clauses to ensure adequate safeguards are in place.

To enable us to engage in direct marketing (such as newsletters or marketing emails for products and services provided by us that we believe will be of interest to you).

Processing is necessary for our legitimate interests (i.e. direct marketing activities).

Until such time as you inform us you don’t want to continue receiving marketing communications – you have the right to unsubscribe at any time.

We may share this data with one of our group companies if it serves the territory in which you are based.

We may use third party CRM or analytics providers to manage our sales and marketing activities.

Yes, we may use hosted services which store your personal information in the USA.  We rely on the fact that our suppliers are certified as complying with Privacy Shield.

If your data is transferred to a group company outside the EEA, we will use the Model Clauses to ensure adequate safeguards are in place.

3.

A record of any communication / correspondence you have with us (e.g. when you contact us by email, telephone or post).

To enable us to maintain records with our potential and actual clients.  

Processing is necessary for our legitimate interests (i.e. to understand who is visiting the Website).

For up to 6 years

We may share this data with one of our group companies if it serves the territory in which you are based.

We may use third party CRM or analytics providers to manage our sales and marketing activities.

Yes, we may use hosted services which store your personal information in the USA.  We rely on the fact that our suppliers are certified as complying with Privacy Shield.

If your data is transferred to a group company outside the EEA, we will use the Model Clauses to ensure adequate safeguards are in place.

4.

Any personal data provided on a CV / resume provided to us (e.g. via email or through our “jobs” webpage).

To enable us to consider your application.

You have provided your consent.

We will keep your details on file for 24 months in case any other relevant positions become available.

We may share this data with one of our group companies if you apply for a job role outside the UK.

Yes, we may use hosted services which store your personal information in the USA. We rely on the fact that our suppliers are certified as complying with Privacy Shield.

If your data is transferred to a group company outside the EEA, we will use the Model Clauses to ensure adequate safeguards are in place.

5.

Any personal data that you provide to us as part of a survey.

To improve our Website or services.

Processing is necessary for our legitimate interests (i.e. to understand the requirements of our potential and actual clients).

For as long as we are using such data to improve our services and for a reasonable period afterwards.

We may use third parties to help us conduct surveys.

Yes, we may use hosted services which store your personal information in the USA. We rely on the fact that our suppliers are certified as complying with Privacy Shield.

If your data is transferred to a group company outside the EEA, we will use the Model Clauses to ensure adequate safeguards are in place.

[With Examples]
[With Examples]