The GDPR requires companies to implement reasonable data protection measures to protect consumers’ personal data and privacy against data loss or exposure. Most important principles and requirements regarding the management of personal data:
- Lawfulness, fairness, and transparency: personal data should be processed in a lawful, fair and transparent manner
- Limited purpose: personal data should be collected for specified, explicit and legitimate purposes and not further processed in a way not compatible with those purposes
- Data minimization: the collection of personal data should be limited and data collected must be relevant to accomplish a specific purpose
- Accuracy: personal data stored and managed should be accurate and, where necessary, kept up to date
- Storage limitation: personal data shouldn’t be kept for longer than is necessary for the purposes for which such personal data is processed
- Confidentiality and integrity: personal data should be processed in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage, using appropriate technical or organizational measures
Since we have 2 types of courses (Evening and Summer Intensive Courses) we collect lots of personal data about our students. We will inform you in advance about which data we need and for what reason, how long we will keep them and how we will storage them. Students must agree to the procedure in advance.
You can read our full Data protection policy here.