Westminster Theological Centre needs to gather and use certain information about individuals. These can include students, alumni, business contacts, employees and other people the organisation has a relationship with or may need to contact.
This policy describes how this personal data will be protected in order to meet the organisation’s data protection standards, and to comply with the law.
What is data protection?
Simply put, data protection is about protecting people from the misuse of their personal information. Data protection legislation aims to prevent harm to those individuals whose data we process by creating legal responsibility for keeping the information we hold as safe as possible.
What does the Data Protection Act say?
The DPA places obligations on organisations that process personal information and gives individuals certain rights. The DPA states that those who record and process personal information must be transparent about how the information is used and must follow the eight principles of “good information handling” which are contained in schedule 1 of the DPA. The eight principles can be summarised as follows:
- Personal data shall be processed fairly and lawfully.
- Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes.
- Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.
- Personal data shall be accurate and, where necessary, kept up to date.
- Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
- Personal data shall be processed in accordance with the rights of data subjects under this Act.
- Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
- Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.
This policy applies to all data that the organisation holds relating to identifiable individuals, even if that information technically falls outside of the Data Protection Act 1998. This can include:
- Names of individuals
- Postal addresses
- Email addresses
- Telephone numbers
- Plus any other information relating to individuals that has been disclosed during a student application, for example.
Data Protection Risks
This policy helps guide the processes which protect Westminster Theological Centre, and the individuals whose date we hold, from some very real data security risks, including:
- Breaches of confidentiality. For instance, information being given out inappropriately.
- Failing to offer choice. For instance, all individuals should be free to choose how the organisation uses data relating to them.
- Reputational damage. For instance, the organisation could suffer if hackers successfully gained access to sensitive data.
Information Use, Sharing and Disclosure
Westminster Theological Centre (WTC) does not share personal information we learn about you with others except as described in this policy. We never share your information with unrelated third parties for their direct marketing purposes.
When you provide personal information through your interaction with us, whether as a student or partner or customer, you are however sharing your personal information with WTC, organizations that may hold a majority interest in WTC and any of its divisions or subsidiaries or Hub partners. The use of your personal information by these organizations is subject to this policy.
WTC may use or share your personal information where it is necessary for us to complete a transaction, to operate or improve WTC and related products and services, to do something that you have asked us to do, or tell you of products and services that we think may be of interest.
Where you are contacted with an offer or service based on information you have shared with WTC , we will do our best to provide you with an opportunity to opt-out of receiving such further communications at the time you are contacted.
When you post a message on any of our sites, you have the ability to post a message which may include personally identifiable information about yourself.
If you post personal information online that is accessible to the public, you may receive unsolicited messages from other parties in return.
Westminster Theological Centre does or may share personally identifiable information about you under the following circumstances:
- In the course of operating it may be necessary or appropriate for us to provide access to your personal information to others such as our service providers, contractors and select vendors so that we can deliver our services. Where practical, we seek to obtain confidentiality agreements that are consistent with this policy and that limit others’ use or disclosure of the information you have shared.
- We may share your personal information to respond to subpoenas, court orders, or legal process, to establish or exercise our legal rights or, defend against legal claims and if in our judgment in such circumstances disclosure is required or appropriate.
- We are required to share your personal information with the University of Chester for the purposes of enrolment, change of course etc.
If there is ever a change to how WTC uses or intends to use personal information, we will post that change to this policy and, if the new policy is materially less restrictive than this policy, we will seek your consent.
Sensitive Personal Data
Sensitive student data, such as information relating to disabilities or past convictions, will be destroyed once the student has finished their studies with WTC.
We encourage you to ensure that your Personal Data is accurate and kept up to date so please regularly update any information you have given to us by sending an email to , or by writing to us. We will correct, amend or delete any Personal Data that you notify us is inaccurate and notify any third party recipients of necessary changes.
WTC may occasionally obtain IP addresses from users depending upon how you access our website. IP addresses, browser and session information may be used for various purposes, including to:
- Diagnose and prevent service or technology problems reported by our users or engineers that are associated with the IP addresses controlled by a specific web company or ISP.
- Estimate the total number of users visiting WTC web pages from specific geographical regions.
- Help determine which users have access privileges to certain content, services or resources that we offer.
- Monitor and prevent fraud and abuse.
WTC may display your IP address to the owners or maintainers of certain WTC pages when you post to those pages and the owner or maintainer has enabled functionality on the site for this purpose.
A cookie is a small amount of data, which often includes an anonymous unique identifier that is sent to your browser from a web site’s computers and stored on your computer’s hard drive.
If you reject all cookies, you may not be able to use WTC products or services that require you to “log in,” and you may not be able to take full advantage of all offerings.
You can configure your browser to accept all cookies, reject all cookies, or notify you when a cookie is set.
WTC uses its own cookies for a number of purposes, including to:
- Require you to re-enter your password after a certain period of time has elapsed to protect you against others accidentally accessing your account contents.
- Keep track of preferences you specify while you are using WTC services.
- Estimate and report our total audience size and traffic.
- Conduct research to improve WTC content and services.