As a List Owner, The Education Company is aware of and committed to all relevant laws and regulations relating to the collection, storage and use of it data. This includes, but is not limited to, the Data Protection Act 2018, the 2016 EU General Data Protection Regulations (GDPR) and guidance from the Information Commissioner’s Office. We are also members of the Direct Marketing Association (DMA). We understand that all data subject preferences and rights must be accommodated and adhered to.
Our Data Protection Officer is Andrew Adkins.
Data Protection Act Reg No. Z4930758
The Education Company maintain a database of education establishments, people at those establishments, and additional profile information relating to the establishment, its address and/or the people who work there. Typically, this will be schools with their associated leadership team and teachers, plus anonymised related data about the school (performance, funding, attainment, spending, pupil makeup and distribution, etc).
Use and users of our data
Our data is predominately used by organisations who want to interact in some way with the education sector. This may be commercial operations, school competitions and events, charities and organisations supporting the education sector under their Corporate Social Responsibility. Click here to view a list of organisations which use The Education Company data.
Methods of Research
The Education Company employ a dedicated team to research, validate and enhance our data. We aim to verify our data at least once every six months, with key data elements being validated more frequently.
Education Company data is collected either direct from the schools themselves, or from information that has been placed in the public domain. This can include school websites, Local Authority listings and data released by the various Departments for Education. Data is validated and its source and the date of collection/confirmation are recorded within our database. We are always clear as to the reasons for collection and use of the data. Our information and data collection policies are also available on our website for data subjects to review.
Data related to post holders at the schools (and other educational establishments) included in our database is defined as “personal data”. Typically, this will include the individuals name, job title, work responsibilities, direct telephone number and their official email address for that organisation. This data is held by the Education Company if it has been provided by the post holder themselves, or from any other employee within their organisation. This can be by email, telephone, post or direct contact. We will also hold information relating to the individual where this has been published in the public domain either by the employing organisation, the Government department or group organisation. We do not store sensitive personal data in our database.
Data relating to an individual’s job function is used by the Education Company as part of the selection process that defines if a communication is relevant to that individual.
Data Security and Retention
Data is held securely in the cloud (within Europe) and access to all data held by the Education Company is restricted by user account, permissions and password internally. The data itself is stored on dedicated servers which have restricted access both physically (housed in a security controlled server room) and limited network access based on role and permission groups.
The company adheres to a Data Protection Policy which forms part of all employees’ contracts of employment. This policy includes rules relating to the collection, storage and use of personal data held by the company.
All data held is subject to the companies research and validation procedures. We aim to validate our data at least once every 12 months.
Data Licence and Use
Data provided by the Education Company is shared in compliance with all applicable legislation and our Standard Terms and Conditions. The rights of the individual data subjects is key and use of the data must be in accordance with legislation and permitted use:
- The content must be relevant to the recipient.
- It must not be excessive or inappropriate to the role of the data subject
- There must be a clear opt-out on all communications – and a defined process to action and adhere to such requests
- Data bought or extracted from EdCo systems must be used within one month to ensure that it is as accurate as possible and all recent opt-out requests are included
- Data must be held securely and not passed to third parties without explicit consent
Data Subject Enquiries
We only work with responsible organisations who will only contact individuals if the product, service or opportunity they are promoting is suitable for the individual and their school. However, we recognise that the data subjects held by us have the right to have their personal data removed from our database. They may also enquire about how their data was sourced.
If a data subject wishes to have their details removed from our database, or enquire as to the source of their data, they should contact us at:
The Education Company Limited
Kent ME9 8LT
If a data subject is still unhappy after contacting us direct, they may contact the Information Commissioners Office on 0303 123 1113 or via their website https://ico.org.uk