Brighton College is committed to protecting and respecting your privacy.

This privacy statement is to help you understand how and why we collect your personal information when you visit our website and what we do with that information. It also explains the decisions that you can make about your own information.

We are a "data controller".  This means that we are responsible for deciding how we hold and use personal information about you, and for explaining this clearly to you.

This statement only relates to how we use information which is collected when you visit our website.  For information about how the College uses personal information in other contexts please see our privacy notices which can be found here.

What do we mean by "personal information"?

Personal information is information about you and/or your child from which you/your child can be identified. For example, your name, contact details and payment details.

If information has been anonymised, it is not personal information.

What personal information is collected by us through the website and why?

We collect and process the following personal information about you in connection with your use of our website:

  • Information you give us: this is information about you that you give us by filling in forms on our website. 
  • Information we collect about you: with regard to each of your visits to our website we may automatically collect the following information:
    • Technical information, including the Internet Protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions and operating system and platform.
    • Information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time), services you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page and any phone number used to call us.
  • Cookies: our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our website.
  • Required information: we indicate on our website forms what information is mandatory. If you do not provide this mandatory information, then we may not be able to provide the services you have requested.

We use information held about you in the following ways:

  • Information you give to us: we will use this information to:
    • contact you regarding your enquiry with relevant information and / or events. 
    • carry out our obligations arising from any contracts entered into between you and us.
    • provide you with the information and services that you request from us.
    • notify you about changes to our service.
  • Information we collect about you: we will use this information:
    • to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
    • to improve our site to ensure that content is presented in the most effective manner for you and for your computer.
    • as part of our efforts to keep our website safe and secure.

Use of cookies

We may gather information about your general internet use by using cookies. Where used, these cookies are downloaded to your computer and stored on the computer's hard drive. Such information will not identify you personally. This statistical data does not identify any personal details whatsoever.

Accepting our cookie policy will install the following cookies:

  • Our own cookie which keeps track of your session.
  • Our own cookie which prevents cross-site request forgery.
  • Our own cookie which keeps track of your cookie preferences and recognises when you have granted permission to activate the following other cookies:
    • Google Analytics: registers a unique ID that is used to generate general statistical information. We are not able to identify you in any way with this cookie. Statistical information is shared internally only, within the Brighton College Group.
    • Facebook: this only functions if you have visited our website from one of our Facebook advert campaigns – it lets us know that you visited from Facebook.

Declining our cookie policy installs a non-identifying, non-tracking cookie which blocks these tracking cookies from being activated.

Where we store your personal data

All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share this password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Sharing personal data with third parties

We may occasionally share your personal information:

  • With local authorities, the Independent Schools Inspectorate, the Department for Education, the Police or our legal advisers where, for example, we have any safeguarding concerns
  • With our professional advisers and insurance company, for example, where there is a serious incident at the College or in connection with actual or contemplated litigation
  • With other companies and organisations for the purposes of fraud protection and credit risk reduction
  • With third parties where required by law, where it is necessary to administer the working relationship with you or where we have another legitimate interest in doing so
  • We sometimes use contractors to handle personal information on our behalf. The following are examples:
    • if we use a contractor in connection with the provision of our services, we may share information with them as appropriate.
    • IT consultants who might access information about you when checking the security of our IT network
      Please note that we may process your personal information without your knowledge or consent where this is required or permitted by law.

For how long do we keep your information?

We keep your information for as long as we need to in order to provide services to you and educate and look after your child. We will keep some information after your child has left the College, for example, so that we can find out what happened if you make a complaint.

In exceptional circumstances we may keep your information for a longer time than usual, but we would only do so if we had a good reason and only if we are allowed to do so under data protection law.

The College has a Retention and Deletion Schedule that sets out how long we keep your personal information.

Our legal grounds for using your information

Where we have a contract with you, we are allowed to use information about you where this is necessary so that we can carry out our obligations under that contract. We are also entitled to use your information in order to take steps you have requested prior to entering into the contract.

Unless this would be unfair to you, we have a legitimate interest in using your information in order to improve and maintain our website and make it available to you.

Occasionally, we may need to use your information in connection with legal disputes or where we have a legal obligation to share your information.

We may use your information to perform tasks in the public interest, such as facilitating the efficient operation of the College and ensuring that we comply with all of our legal obligations.

Keeping you updated

We may contact you with marketing material by email, telephone, post or by text message but we will only do this where we are allowed to do so under data protection law.  Sometimes we will need your consent first.

If you tell us that you do not want to be contacted for any of these purposes, then we will of course respect that. Any use of your information before you withdraw your consent remains valid.

What decisions can you make about your information?

Data protection legislation gives you a number of rights regarding your information. Some of these are new rights whilst others build on your existing rights. Your rights are as follows:

  • Rectification: if information is incorrect, you can ask us to correct it. 
  • Access: you can also ask what information we hold about you and be provided with a copy. This is commonly known as making a subject access request. We will also give you extra information, such as why we use this information about you, where it came from and what types of people we have sent it to.
  • Deletion: you can ask us to delete the information that we hold about you in certain circumstances. For example, where we no longer need the information.
  • Portability: you can request the transfer of your information to you or to a third party in a format that can be read by computer. This applies where (a) the information has been provided by you; (b) the basis that we are relying on to process your information is consent or contract; and (c) the information is being processed by us on computer.
  • Restriction: our use of information about you may be restricted in some cases. For example, if you tell us that the information is inaccurate, we can only use it for limited purposes while we check its accuracy.
  • Object: you may object to us using your information where:
    • we are using it for direct marketing purposes;
    • the legal basis on which we are relying is either legitimate interests or performance of a task carried out in the public interest; or
    • we are using it for historical or scientific research purposes or archiving purposes, unless the processing is necessary for the performance of a task carried out for reasons of public interest.

Further information and guidance

This privacy statement is to explain how we use your personal information collected when you visit our website. The Bursar is the person responsible at the College for managing how we look after personal information and deciding how it is shared.  Please get in touch if you would like us to update the information we hold about you.

If you consider that we have not acted properly when using your personal information you can contact the Information Commissioner's Office: www.ico.org.uk If you do have concerns about how we have handled your personal information we would kindly ask that you contact us in the first instance before you speak to the ICO so that we have an opportunity to put things right. 

How to get in touch

Email: GDPR@brightoncollege.net

Write to: The Bursar, Brighton College, Eastern Road, Brighton, East Sussex, BN2 0AL.

Third party links

On occasion, we include links to third parties on this website. Where we provide a link, it does not mean that we endorse or approve that site's policy towards visitor privacy. You should review their privacy policy before sending them any personal data.