Privacy Policy

Introduction

Nexsy Academy Ltd is committed to protecting your privacy and safeguarding your personal data whilst delivering exceptional professional development education through our innovative training programmes. This Privacy Policy explains how we collect, use, process, and protect your information when you enrol in our courses and utilise our educational services.

​

As a private training provider specialising in digital skills, business process optimisation, and artificial intelligence education, we understand the sensitive nature of educational data and have implemented comprehensive measures to ensure your information remains secure and is used only for legitimate educational purposes that benefit your learning journey and professional development.

​

We process personal data in accordance with the General Data Protection Regulation (GDPR), the UK Data Protection Act 2018, and all applicable data protection legislation. This policy provides you with clear information about your rights regarding your personal data and how to exercise them.

​

Contact Information:

• Email: info@nexsy.co.uk

• Address: 128 City Road, London EC1V 2NX

• Telephone: +44 (0) 1268 533 827

 

Data Controller and Our Role

Nexsy Academy Ltd acts as the data controller for personal data processed in connection with our educational services. We determine the purposes and means of processing your personal data in the context of course delivery, student support, assessment, and qualification awarding processes.

​

It is important to note that whilst we utilise the Learning Management System (LMS) provided by Nexsy Ltd (a separate company), Nexsy Academy Ltd remains the data controller for all student data processed for educational purposes. Nexsy Ltd acts as a data processor on our behalf under a comprehensive data processing agreement that ensures your data protection rights are maintained.

​

Our role as data controller means we are responsible for ensuring lawful, fair, and transparent processing of your personal data, protecting your rights, implementing appropriate security measures, and responding to any data protection concerns you may have.

​

Information We Collect

​

Student Registration and Profile Information

We collect essential information required for course administration and student support services. This includes your full name, date of birth, contact details including postal address, email address, and telephone number, emergency contact information, educational background including prior qualifications and relevant experience, and employment details where relevant to your course selection or funding arrangements.

​

We also collect course preferences and learning objectives to help us provide personalised educational support, accessibility requirements or reasonable adjustments needed for your studies, and marketing preferences regarding how you wish to receive information about our services and opportunities.

​

Educational and Assessment Data

Throughout your studies, we collect comprehensive educational data to support your learning journey and meet regulatory requirements. This includes course enrolment records, attendance data for live sessions, participation in online learning activities through our LMS, assessment submissions including written work, practical demonstrations, and project materials, grades and feedback provided by instructors, and progress tracking information showing your advancement through course modules.

​

We maintain records of Individual Learning Plans where applicable, accommodations provided for special educational needs or disabilities, learning style assessments that help personalise your educational experience, and communication records with instructors and support staff regarding your academic progress.

​

Technology Usage and Platform Interaction Data

When you use our LMS and participate in online learning activities, we automatically collect certain technical information to ensure platform functionality and improve your learning experience. This includes login timestamps and session duration, navigation patterns within the LMS, feature usage statistics, video conferencing participation data for live sessions, and system performance data to optimise platform delivery.

​

We collect device information, including IP addresses, browser types, and operating system details, for security and technical support purposes. This information helps us ensure platform compatibility, identify technical issues, and maintain the security of our educational systems.

​

AI-Enhanced Learning Data

Our educational platform incorporates artificial intelligence features designed to personalise and enhance your learning experience. The AI systems analyse your learning patterns, engagement with course materials, assessment performance trends, and learning style preferences to provide customised recommendations and support.

​

AI-generated data includes personalised content recommendations based on your progress and interests, automated feedback on certain types of assignments and exercises, learning path optimisation suggestions, and intelligent tutoring responses to support your understanding of course concepts.

​

All AI processing is conducted with appropriate safeguards to protect your privacy, and you maintain control over how AI features are utilised in your learning journey.

​

Financial and Payment Information

For course fee processing, we collect payment method details, billing addresses, purchase history, and records of any financial assistance or funding arrangements. Payment processing is handled through secure third-party providers, and we do not store complete payment card details on our systems.

We maintain financial records necessary for accounting purposes, regulatory compliance, and to support any queries regarding payments or refunds in accordance with our Payment Terms and Conditions.

​

Third-Party Integration Data

We integrate with various platforms to enhance your educational experience, including video conferencing services for live sessions, external assessment platforms where required by awarding organisations, and professional networking platforms for career development opportunities.

​

When you use these integrations, we may receive information from these services in accordance with their privacy policies and your consent preferences. We ensure all third-party partnerships maintain appropriate data protection standards.

​

How We Use Your Information

​

Educational Service Delivery

We process your personal data primarily to deliver comprehensive educational services tailored to your learning needs and professional development objectives. This includes course administration activities such as enrolment processing, timetabling, and student record management, delivering live instruction through qualified instructors via video conferencing platforms, providing access to learning materials and resources through our LMS, and facilitating assessment and feedback processes.

​

We use your information to personalise your learning experience through AI-enhanced recommendations, adaptive content delivery based on your progress and learning style, and individualised support from instructors and student services staff. Your data enables us to track your academic progress, identify areas where additional support may be beneficial, and ensure you achieve the learning outcomes defined for your chosen course.

​

Assessment and Qualification Processes

Personal data is essential for conducting fair and accurate assessments that meet the standards required by awarding organisations and industry bodies. We use your information to create and manage assessment schedules, deliver practical assessments via video conferencing where appropriate, provide detailed feedback on your performance, and maintain comprehensive records for internal and external verification processes.

​

Your assessment data supports the awarding of qualifications, certificates, and professional credentials that validate your newly acquired skills and knowledge. We also use anonymised assessment data to continuously improve our course content and delivery methods.

​

Student Support and Welfare

We process personal data to provide comprehensive support services that enhance your educational experience and personal development. This includes academic support through study skills guidance and learning assistance, technical support for LMS and platform-related issues, career guidance and professional development advice, and welfare support, including reasonable adjustments for disabilities or learning difficulties.

​

Your information enables us to identify students who may benefit from additional support, coordinate with external services where appropriate, and maintain a safe and inclusive learning environment for all participants.

​

Regulatory Compliance and Quality Assurance

As a private training provider, we must maintain comprehensive records to comply with educational regulations and quality assurance requirements. This includes reporting to awarding organisations, regulatory bodies, and funding providers where applicable, maintaining audit trails for assessment and qualification processes, demonstrating compliance with educational standards and data protection requirements, and supporting external inspections and reviews.

​

Your data supports our commitment to educational excellence and helps ensure the qualifications and certificates you earn maintain their value and recognition within your chosen industry.

​

Communication and Engagement

We use your contact information to communicate important course-related information, assessment deadlines, and educational opportunities that support your professional development. This includes administrative notifications regarding course changes or important announcements, educational content such as additional learning resources and industry insights, and optional marketing communications about new courses and professional development opportunities.

​

All marketing communications are sent only with your consent, and you can manage your communication preferences or opt out at any time through your LMS profile or by contacting our student services team.

​

Legal Basis for Processing

We process personal data based on several legal grounds depending on the context and purpose of processing. For core educational services, including course delivery, assessment, and qualification awarding, we rely on the performance of our contract with you as established through our Student Terms and Conditions.

​

Where we have legitimate interests in improving our educational services, conducting educational research with anonymised data, ensuring platform security, or maintaining business operations, we balance these interests against your rights and freedoms. We conduct regular assessments to ensure our legitimate interests do not override your privacy rights.

​

For optional services such as marketing communications or enhanced personalisation features, we seek your explicit consent. You can withdraw consent at any time without affecting the lawfulness of processing conducted prior to withdrawal.

​

We also process data where necessary to comply with legal obligations, including educational regulations, data protection requirements, health and safety obligations, and financial record-keeping requirements.

​

Data Sharing and Disclosure

​

Awarding Organisations and Educational Partners

We share relevant student data with awarding organisations responsible for the qualifications you are pursuing. This includes registration information, assessment results, and any other data required for qualification awarding processes. These organisations are bound by their own privacy policies and data protection obligations.

​

We may share data with educational partners, including placement providers, industry collaboration partners, and professional bodies, where this supports your educational objectives or career development opportunities. All partnerships are governed by appropriate data sharing agreements.

​

Technology Service Providers

We work with carefully selected technology providers to deliver our educational services effectively. This includes Nexsy Ltd, which provides our Learning Management System under a comprehensive data processing agreement that ensures your data is protected to the same standards we maintain, cloud hosting providers that support our digital infrastructure with enterprise-grade security measures, video conferencing platforms used for live sessions with appropriate privacy safeguards, and payment processing services that handle financial transactions securely.

​

All technology partnerships are governed by strict data processing agreements that limit how your data can be used and ensure appropriate security measures are maintained throughout the data processing lifecycle.

​

Regulatory and Legal Requirements

We may disclose information when required by law or to comply with legal processes, including responses to court orders, regulatory investigations, or valid requests from law enforcement agencies. We may also share data to protect our rights and property, ensure platform security and integrity, or protect the safety and welfare of students and staff.

​

Such disclosures are made only to the extent necessary and in accordance with applicable legal requirements and data protection principles.

​

Business Transfers and Corporate Changes

In the event of a merger, acquisition, or other business transfer affecting Nexsy Academy Ltd, your personal data may be transferred to the new entity as part of the business assets. We would notify you of any such transfer and ensure that the receiving entity commits to protecting your data under terms at least as protective as this Privacy Policy.

​

Data Security and Protection Measures

We implement comprehensive security measures to protect your personal data throughout its lifecycle. Technical safeguards include encryption of data both in transit and at rest using industry-standard protocols, secure authentication systems with multi-factor authentication capabilities, regular security assessments and vulnerability testing, and robust access controls ensuring only authorised personnel can access specific data categories.

​

Organisational measures include comprehensive data protection training for all staff, clear policies and procedures for data handling and incident response, regular security awareness updates, and strict access controls based on job responsibilities and data processing needs.

​

Our LMS provider, Nexsy Ltd, maintains equivalent security standards for all data processed through their platform, including secure hosting infrastructure, regular security updates, and comprehensive monitoring systems to detect and respond to potential security incidents.

​

International Data Transfers

Some of our service providers may process data outside the UK and the European Economic Area (EEA). Where this occurs, we ensure appropriate safeguards are in place through adequacy decisions for countries with equivalent data protection standards, Standard Contractual Clauses approved by the European Commission, or other legally recognised transfer mechanisms.

​

Our primary educational services and student data are processed within the UK, where possible, minimising the need for international transfers whilst ensuring optimal service delivery and functionality.

​

We regularly review our international transfer arrangements to ensure they continue to provide appropriate protection for your personal data in accordance with UK data protection requirements.

​

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, comply with legal and regulatory obligations, and resolve any disputes that may arise. Student academic records, including enrolment information, course completion data, and qualification awards, are retained for seven years after course completion in accordance with educational sector requirements and regulatory guidance.

​

Assessment data, including submissions, feedback, and verification records, are retained for three years to support quality assurance processes and any appeals or disputes regarding assessment decisions. Course participation data, including attendance records and LMS usage analytics, are retained for two years for educational improvement and quality monitoring purposes.

​

Personal contact information and communication preferences are retained until you request deletion or withdraw consent, subject to any overriding legal requirements. Financial records are maintained for seven years in accordance with accounting and tax obligations.

​

Upon expiry of relevant retention periods, personal data is securely deleted or anonymised in accordance with our data destruction procedures and industry best practices.

​

Your Rights Under UK Data Protection Law

You have comprehensive rights regarding your personal data under the General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018. You have the right to access copies of your personal data and receive detailed information about how it is processed, including the purposes of processing, categories of recipients, and retention periods.

​

You can request correction of inaccurate or incomplete personal data, and we will update our records promptly upon verification of the correct information. In certain circumstances, you may request deletion of your personal data, though this may be subject to educational record-keeping requirements and regulatory obligations.

​

You can restrict how we process your data in specific circumstances, such as while disputes regarding accuracy are resolved, and you can request your data in a portable format for transfer to another service provider where technically feasible.

​

Where we rely on legitimate interests for processing, you can object to such processing, and we will cease unless we can demonstrate compelling legitimate grounds that override your interests. You can withdraw consent for any processing based on consent at any time without affecting the lawfulness of processing conducted prior to withdrawal.

​

To exercise these rights, please contact us at [email address] with specific details of your request and appropriate identification to verify your identity and protect your personal data from unauthorised access.

​

Children's Privacy and Educational Context

Our courses are designed for adult learners aged 18 and above, and we do not knowingly collect personal data from individuals under 18 years of age. If we become aware that we have inadvertently collected data from a minor, we will take immediate steps to delete such information and implement additional safeguards to prevent future occurrences.

​

For students aged 18-25, we recognise the additional considerations that apply to younger adult learners and provide enhanced support services and clear information about data processing activities that may affect their educational and career development.

​

AI Processing and Automated Decision Making

Our educational platform incorporates artificial intelligence systems designed to enhance your learning experience through personalised recommendations, adaptive content delivery, and intelligent tutoring support. These AI systems utilise machine learning algorithms to analyse your learning patterns and provide customised educational support.

​

Our AI systems are designed to augment human instruction and support rather than replace qualified educators. All significant educational decisions, including final grades, qualification awards, and course completion determinations, involve human oversight and professional judgment from qualified staff.

​

Cookies and Online Tracking Technologies

We use cookies and similar technologies to ensure platform functionality, enhance user experience, maintain security, and analyse usage patterns to improve our educational services. Essential cookies are necessary for platform operation, including user authentication, session management, and security features.

​

Functional cookies enhance your experience by remembering your preferences, customising content presentation, and maintaining your progress through course materials. Analytics cookies help us understand how students interact with our platform, identify areas for improvement, and optimise educational delivery methods.

​

You can manage cookie preferences through your browser settings, though disabling essential cookies may affect platform functionality and your ability to access certain course features. Detailed information about our cookie usage is available in our Cookie Policy.

​

Third-Party Links and Services

Our educational platform may contain links to external websites, resources, or services that are not operated by Nexsy Academy Ltd. These third-party sites have their own privacy policies and data practices, and we encourage you to review their policies before providing any personal information.

We are not responsible for the privacy practices or content of external sites, though we endeavour to link only to reputable educational and professional resources that align with our educational objectives and professional standards.

​

When using integrated third-party services such as video conferencing platforms or external assessment tools, your interaction with these services is subject to their respective privacy policies in addition to this Privacy Policy.

​

Data Breach Procedures

In the unlikely event of a data breach affecting your personal information, we have comprehensive procedures to respond quickly and effectively. We will contain the breach and assess its potential impact within 24 hours of discovery, conduct a thorough investigation to determine the cause and extent of the incident, and notify the Information Commissioner's Office within 72 hours where required by law.

​

If a breach is likely to result in high risk to your rights and freedoms, we will notify you directly without undue delay, providing clear information about what happened, what data was affected, what steps we are taking to address the breach, and what actions you can take to protect yourself.

​

We maintain comprehensive records of all security incidents for regulatory review and continuous improvement of our data protection measures.

​

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our services, legal requirements, technological developments, or enhanced privacy protections. Significant changes will be communicated with reasonable advance notice through email notification and platform announcements.

​

We encourage you to review this policy regularly to stay informed about how we protect your information and any changes to our data processing practices. Your continued participation in our courses after policy updates indicates acceptance of the revised terms.

​

Contact Information and Complaints

For privacy-related questions, concerns, or to exercise your data protection rights, please contact us at info@nexsy.co.uk  with "Privacy Enquiry" in the subject line. Please provide specific details about your request or concern, relevant account information, and any supporting documentation.

We aim to respond to all privacy enquiries within 30 days and will provide regular updates if additional time is needed for complex matters. Our student services team can also assist with privacy-related questions during business hours.

​

If you believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection. The ICO can be contacted at ico.org.uk or by calling 0303 123 1113.

​

Supervisory Authority

The Information Commissioner's Office (ICO) is the UK's independent authority established to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals. You have the right to lodge a complaint with the ICO regarding our processing of your personal data.

ICO Contact Information:

• Website: ico.org.uk

• Telephone: 0303 123 1113

• Post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

​

Legal Framework and Compliance

This Privacy Policy is designed to comply with all applicable UK data protection legislation, including the General Data Protection Regulation (GDPR) as retained in UK law, the UK Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR).

​

We regularly review our privacy practices to ensure ongoing compliance with evolving legal requirements and industry best practices for educational data protection.