Privacy Policy

Foley's School Privacy Policy

Introduction

FOLEY’S SCHOOL (hereafter referred to as the School”) commits to privacy and secure processing of the personal data it maintains for their clients, associates and collaborators, in an open and transparent manner. The School are also committed to the collection and processing of any personal data, in full compliance with the General Regulation on the Protection of Personal Data of the European Union (Regulation 2016/679, GDPR) (hereafter referred to as “the Regulation”) and the legislation in force in Cyprus that governs the collection and processing of Personal Data of Individuals (L. 125 (I)/2018). Personal Data involves any Data relating to an identified or identifiable natural person (‘data subject’).

The Foley’s School Privacy Policy governs the collection, use, disclosure, transfer, and storage of Personal Data. Going through the School’s privacy practices enables all data subjects in relation to the School to understand how Foley’s School deals and processes with their Personal Data. This document includes and explains the following fields regarding the processing of Personal Data:

 1       Relevant Definitions

       2       The purpose of the School processing your personal information

       3       The lawful basis for processing

       4       The type of personal information processed by the School

       5       The way the School processes your personal information

       6       The use of cookies by the School’s website

       7       The way the School protects your personal information

       8       Your subject rights under the Regulation

       9       Information retention period by the School

       10    Changes to the School Privacy Policy

       11    Contact details for any queries

1 RELEVANT DEFINITIONS
__________________________________________________________________________________________________________________________________________________________________

Under the General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR), the meaning of each of the following terms is given below: 

 a     Personal Data – includes any information relating to an identified or identifiable natural person (data subject), being one who can be identified directly or indirectly by           reference to an identifier such as a name, identification number, location data, an online identifier or to one or more factors specific to the physical, phycological, genetic,         mental, economic, cultural, or social identity of that natural person.

b     Special category Data – includes personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the  processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.

c   Data Processing – involves any operation or set of operations which is performed on personal data or on sets of personal data, whether by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

d     Data Controller – includes a natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

e     Data Processor – includes a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.

f   Third Party – involves a natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

g     Consent – involves the data subject and means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which they, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to them.

2 THE PURPOSE OF THE SCHOOL PROCESSING YOUR PERSONAL INFORMATION
__________________________________________________________________________________________________________________________________________________________________

If you are from the European Economic Area (EEA), the School’s legal basis for collecting and using the personal information described in this Privacy Policy depends on the Personal Data the School collects and the specific context in which this data is collected. The School may process your Personal Data:

i           to perform a contract with you

ii         due to your given consent to do so

iii        since processing is in the School’s legitimate interests, and it is not overridden by your subject rights

iv        for payment processing purposes

v          to comply with the law

The School uses the collected information for the following purposes:

Ø  To provide and maintain school services.

Ø  To notify you about changes to school services.

Ø  To allow you to participate in interactive features of school services when you choose to do so.

Ø  To provide client support.

Ø  To gather analysis or valuable information so that the School can improve their services.

Ø  To monitor the usage of the services provided.

Ø  To detect, prevent, and address technical issues.

Ø  To provide you with news, special offers and general information about other services and events the School offers.

© 2022 Foley's School, All Rights Reserved. Design & Development by HOB, proud member of House of Brands. Privacy Policy