Information about us
We are The Interactive Design Institute Limited, a company incorporated and registered in Scotland as a limited company. Company number SC 265879. VAT no. 847211435. Our registered office is at the address stated below. We are committed to protecting and respecting your privacy.
IDI was established in 2004 and has been delivering online undergraduate and postgraduate degree programmes since 2008 to students in more than 70 countries worldwide. It has an outstanding record in terms of student satisfaction and achievement and was the first online provider in the UK to be successfully reviewed by the QAA (Quality Assurance Agency).
The Interactive Design Institute Limited (IDI), part of the Online Education Services Limited (OES) group is a company registered in Scotland with company number 265879. VAT number 847211435. Company Address: Stuart House, Eskmills, Musselburgh, EH217PB.
Our full contact details
The Interactive Design Institute Limited
Tel: +44(0) 1224 515 270
It is important that you read this policy, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using such information.
Information on visitors
Visitors can access the home page and public areas of our website https://idesigni.co.uk/ without disclosing personal details. Our website https://idesigni.co.uk/ does not allow visitors to communicate with other visitors or to post information which can be accessed by others. Students who are enrolled on any of the courses we deliver online can communicate with other students within our study site, https://idi-study.com/ which is password protected.
The kind of information we hold about you
(a) The racial or ethnic origin of the data subject,
(b) An individual’s religious beliefs or other beliefs of a similar nature
(c) An individual’s physical or mental health or condition,
(d) An individual’s sexual orientation
We have put in place measures to protect the security of your information. Third parties will only process your personal information on our instructions and where they have agreed to treat the information confidentially and to keep it secure.
We will collect, store and use the following data about you:
- Information you give us. This is information about you that you give us by filling in forms on our website (our website) or by corresponding with us by phone, e-mail, live-chat or otherwise. It includes information you provide when you register to use our websites, subscribe to our services and during the provision of our services, search for a product or service, place an order on our website, participate in discussion boards or other social media functions on our website, enter a competition, promotion or survey and when you report a problem with our website. The information you give us may include: your name, address, e-mail address and phone number, date of birth, nationality, gender, sexual orientation, religious beliefs, next of kin details, proof of identity and any relevant UK residence permits, educational qualifications, employment history, financial and credit card information, personal description, photograph and details of any health or medical conditions.
- Information we collect about you. With regard to each of your visits to our website we will automatically collect the following information:– technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, demographic information including location, browser plug-in types and versions, operating system and platform;– information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our website (including date and time), products (including videos) you viewed or searched for, page response times, download errors, length of visits to our website including certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number.
- Information we receive from other sources. This is information we receive about you if you use the other services we provide. We are working closely with third parties (including, for example, business partners, affiliates and agents, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies). We will notify you when we receive information about you from them and the purposes for which we intend to use that information.
How we will use information about you
- Where we need to enter into a contract with you or perform the contract we have entered into with you.
- Where we need to comply with a legal obligation.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we have your consent to provide you with marketing information.
Situations in which we will use your personal information
We need all the categories of information in the list above (see The kind of information we hold about you) primarily to allow us to enter into or perform our contract with you or perform our contract with you (Condition 1) and to enable us to comply with legal obligations (Condition 2). In some cases, we may use your personal information to pursue legitimate interests of our own or those of third parties (Condition 3), provided your interests and fundamental rights do not override those interests. We may also use your personal information where you have consented (Condition 4). The situations in which we will process your personal information are listed below. We have indicated the purpose or purposes for which we are processing or will process your personal information, as well as indicating which categories of data are involved.
We use information held about you in the following ways:
Information you give to us. We will use this information:
- to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us (Condition 1);
- to fulfil our obligations as a collaborative partner of the University of Hertfordshire; whereby the university is obliged to collect and release sensitive, personal student data for visa and immigration purposes, to the Office for Students, Student Loans Company, Office for Independent Adjudicator for Higher Education and statistical reporting to the Higher Education Statistics Agency (HESA) and other external parties (Condition 2);
- to provide you with information you have requested about a product or service we offer. We will contact you either by email or telephone, dependent on the information you have provided upon the point of contact (Condition 3);
- to provide you with information about goods or services we feel may interest you. If you are an existing customer, we will only contact you by electronic means (e-mail or SMS) and telephone with information about goods and services similar to those which were the subject of a previous sale or negotiations of a sale to you. If you are a new customer, we will contact you by electronic means and telephone only if you have consented to this (Condition 4);
- to notify you about changes to our service (this allows us to keep our service updated and relevant and to develop our business) (Condition 3);
- to ensure that content from our website is presented in the most effective manner for you and for your computer (this allows us to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy (Condition 3);
- to analyse the information so that we can administer, support, improve and develop our business and services we offer (Condition 3);
Information we collect about you. We will use this information:
- to administer our website and for internal operations, including troubleshooting, data analysis, testing, statistical and survey purposes (this allows us to run our business and provide administration and IT services) (Condition 3);
- to improve our website to ensure that content is presented in the most effective manner for you and for your computer (this allows us to define types of customers for our services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy) (Condition 3);
- to allow you to participate in interactive features of our service, when you choose to do so (this allows us to keep our website updated and relevant, to develop our business and to inform our marketing strategy) (Condition 3);
- as part of our efforts to keep our website safe and secure (this allows us to protect our customers, maintain network security and prevent fraud) (Condition 3);
- to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you (this allows us to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy) (Condition 3);
- to make suggestions and recommendations to you and other users of our website about goods or services that may interest you or them (this allows us to develop our products/services and grow our business) (Condition 3);
- to participate in Facebook’s ‘Custom Audience’ service from time to time. This service enables us to display to you personalised advertisements when you visit Facebook’s social media platforms. It works by converting your email address to a unique number that Facebook uses to match to unique numbers that Facebook generates from email addresses of its users. Where we use Facebook Custom Audiences, we will only include you if you have consented to receive marketing from us (Condition 4).
- Information we receive from other sources. We will combine this information with information you give to us and information we collect about you. We will use this information and the combined information for the purposes set out above (depending on the types of information we receive).
Some of the above grounds for processing will overlap and there may be several grounds which justify our use of your personal information.
We may monitor or record telephone calls for security purposes and to improve the quality of services that we provide to you.
We do not accept enrolments, or knowingly collect personal data, from those under 16 years of age.
If you fail to provide personal information
If you fail to provide certain information when requested, we may not be able to perform the contract we have entered into with you (such as providing our services), or we may be prevented from complying with our legal obligations.
Change of purpose
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
We require third parties to respect the security of your data and to treat it in accordance with the law.
We may transfer your personal information outside the EU.
If we do, you can expect a similar degree of protection in respect of your personal information.
Why might you share my personal information with third parties?
We will share your personal information with third parties where required by law, where it is necessary to administer the working relationship with you or where we have another legitimate interest in doing so.
Which third-party service providers process my personal information?
“Third parties” includes third-party service providers (including contractors and designated agents). The following third-party service providers process personal information about you for the following purposes:
- The educational institution with which you have enrolled to manage and administer your studies
- Course tutors to assist you with your studies;
- Amazon Web Services (AWS) for data storage, hosting and server maintenance
- Salesforce Inc., for data storage, data hosting and e-mail marketing
- The Rocket Science Group LLC. d/b/a Mailchimp for data storage and e-mail marketing
- DAC Group Ltd., to manage paid digital marketing
- Unbounce.com for data collation, data storage and hosting
- LogMeIn, Inc. (Go to Webinar) for data collation, data storage, hosting and delivery of webinars
- Tawk.to for live chat functionality, data collection and storage
- Brightridge Technology Ltd. to facilitate telephone services including the storage of call data
- Stripe Payments Europe Ltd., to facilitate credit card payments and direct debit payment plans
- Student Loans Company to facilitate student loan funding
- Future Finance Loan Corporation Ltd., to facilitate student loan funding
- Turnitin LLC., for the submission of student assignments to anti-plagiarism technology
- STA International Ltd., to manage student debt recovery
- SurveyMonkey Europe UC, to conduct online student surveys
- Course Directory Affiliates for student recruitment purposes
- Student Recruitment Agents for international student recruitment purposes
- Appointlet for call booking
- ACT Credit Management Ltd for debt recovery
How secure is my information with third-party service providers?
All our third-party service providers are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
What about other third parties?
We may share your personal information with other third parties. If you have come to us through an international representative, we will continue to share your personal information with that representative. We may also need to share your personal information with a law enforcement body, regulator or to otherwise comply with the law. Since IDI is part of the Online Education Services Limited (OES) group, and we will share your personal information with OES.
Transferring information outside the EU
We will transfer the personal information we collect about you to the following countries outside the EU in order to perform our contract with you. (United States of America, Mauritius and the United Arab Emirates). There is not an adequacy decision by the European Commission in respect of that country. This means that the country to which we transfer your data are not deemed to provide an adequate level of protection for your personal information.
However, to ensure that your personal information does receive an adequate level of protection we have put in place the following appropriate measures to ensure that your personal information is treated by those third parties in a way that is consistent with and which respects the EU and UK laws on data protection:
- Amazon Web Services: Our agreement with Amazon Web Services (AWS) incorporates an EU-approved Data Processing Addendum and Model Clauses and has certified compliance with the EU-US and Swiss-US Privacy Shield Frameworks. https://aws.amazon.com/privacy/
- Salesforce Inc: Our agreement with Salesforce Inc. incorporates an EU-approved Data Processing Addendum and Model Clauses and has certified compliance with the EU-US and Swiss-US Privacy Shield Frameworks. https://www.salesforce.com/uk/company/privacy/full_privacy/
- DAC Group Ltd., Our contract with DAC Group Ltd. incorporates a data compliance agreement https://www.dacgroup.com/en-gb/privacy-policy/
- Turnitin LLC, has certified compliance with the EU-US and Swiss -US Privacy Shield Frameworks. https://help.turnitin.com/Privacy_Pledge
- LogMeIn, Inc: Our agreement with LogMeIn Inc, incorporates an EU-approved Data Processing Addendum and Model Clauses and has certified compliance with the EU-US and Swiss Privacy Shield Frameworks. https://www.tawk.to/legal/
- Tawk.to: Our agreement with Tawk.to incorporates an EU-approved Data Processing Addendum and Model Clauses and has certified compliance with the EU-US and Swiss Privacy Shield Frameworks. https://www.logmeininc.com/legal/privacy
- Stripe Payments Europe, Ltd: Our agreement with Stripe Payments Europe incorporates a Data Processing Addendum and theyhave certified compliance with the EU-US and Swiss Privacy Shield Frameworks. https://stripe.com/gb/privacy
- The Rocket Science Group LLC d/b/a Mailchimp: Our agreement with Mailchimp incorporates an EU- approved Data Processing Addendum and Model Clauses and has certified compliance with the EU-US and Swiss-EU Privacy Shield Frameworks. https://mailchimp.com/legal/privacy/
- Future Finance Loan Corporation Ltd: Our agreement with Future Finance Loan Corporation Ltd incorporates an EU-approved Data Processing Addendum and they have entered into the European Commission’s model clauses. https://www.futurefinance.com/privacy-cookie-policy/
- SurveyMonkey Europe UC. Our agreement with SurveyMonkey Europe UC incorporates an EU-approved Data Processing Addendum and Model Clauses and has certified compliance with the EU-US and Swiss-US Privacy Shield Frameworks https://www.surveymonkey.com/mp/legal/privacy-policy/
- Unbounce.com: Our agreement with Unbounce.com incorporates a Data Processing Agreement. https://unbounce.com/privacy/
- Appointlet: Our agreement with Appointlet incorporates a Data Processing Agreement. http://www.appointlet.help/en/articles/63297-privacy-policy
- Brightridge Technology: Our agreement with Brightridge Technology incorporates a Data Processing Agreement. https://www.brightridge.com/privacy-policy
- ACT Credit Management Ltd: Our agreement with ACT Credit Management Ltd. Incorporates a Data Processing Agreement. https://www.actcredit.com/privacy-policy/
- Course Directory Affiliates and Student Recruitment Agents:
- Stafford Global, United Arab Emirates: https://www.staffordglobal.org/other-links/privacy-policy
- PTC Education, Mauritius: http://www.ptceducation.com
For further details, see the European Commission’s Model contracts for the transfer of personal data to third countries.
These agreements enable us to transfer your information outside the European Economic Area in accordance with the EU and UK laws on data protection.
If you require further information about these protective measures, you can request it from our Data Privacy Manager.
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
How long will you use my information for?
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Where we hold your personal information for marketing purposes, we will retain that information for a period of three years (or longer if you agree) after which we will securely destroy the information in accordance with applicable laws and regulations.
Where you have undertaken a course of study, we will retain your personal information for twelve years after conclusion of your studies after which we will securely destroy your personal information in accordance with applicable laws and regulations.
In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.
Rights of access, correction, erasure, and restriction
Your duty to inform us of changes
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your working relationship with us.
Your rights in connection with personal information
Under certain circumstances, by law you have the right to:
- Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
- Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal information to another party.
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact our Data Privacy Manager in writing.
No fee usually required
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
Time limit to respond
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Right to withdraw consent
In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. You can withdraw your consent or update your communication preferences at any time by visiting our preference centre here. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
Third party websites
Our website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Data privacy manager
We have appointed a data privacy manager to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal information, please contact the data privacy manager by emailing firstname.lastname@example.org.
The Information Commissioner’s Office
You also have the right to lodge a complaint about how we handle your personal information with the Information Commissioner’s Office (the ICO), the UK supervisory authority for data protection issues. You can call the ICO’s helpline on 0303 123 1113. See also https://ico.org.uk/global/contact-us/. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
Changes to this privacy notice
We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.