Data protection and data processing
What you need to know
Here at Studee we take data protection very seriously so we can keep our students safe and their data secure. We expected our agents to comply with all the applicable requirements of the data protection legislation of their country, as well as our data protection policy hosted on our website.
- Within our agreement, you are the data processor and we are the data controller
- We will hold all information about you, your employees, sub agents, and students in accordance with the principles set out in GDPR (General Data Protection Regulation)
- We will only use any personal student information you provide to us to provide the service we offer and process your commission payment for the service
What we’d like you to do
You must ensure that you:.
Have the necessary, legal, technical and organizational processes in place to mitigate any privacy and data protection risks.
Have plans and processes in place to cope with a privacy or data protection incident and recover from it.
Have a business continuity / disaster recovery plan to maintain minimum service levels to Studee, should you suffer an incident (e.g. a ransomware attack).
Understand your legal and contractual obligations for managing and reporting privacy and data protection incidents, including reporting timescales, who to report to, and expected actions.
Declare any material security breaches or compromises without delay to Studee by email to [email protected] adhering to UK GDPR timescales.
You and your sub-agents must ensure all Students sign your student/parental consent form before sending the application to Studee.
You and your sub agents may not disclose information about the student to anyone other than us and, when requested, the partner universities, without the written consent of these parties, unless required to by a government agency in the operational territory.
Upon request, you must complete our annual data protection audit questionnaire.
€$£
