Translations of this privacy statement into other languages, including Italian and Spanish, can be found here.
This privacy statement is for you if you are:
Access to each Site and the use of information contained in each Site is governed by the relevant Terms of Use. If you book an exam, order products or register for training, you may also be subject to specific terms and conditions for such booking, order or registration which are for the protection of both you and us, so we advise that you please take the time to read them carefully. In addition, you are advised to read our Data Protection Policy.
Trinity College London is the main data controller in respect of any personal information we collect from and about you, except where indicated otherwise in this statement.
Exam Services Related to the Secure English Language Test (SELT)
Where Trinity College London provides exam services in relation to the Secure English Language Test (SELT) for UK visas and immigration purposes, the Home Office is the data controller of your personal information that we collect and use, which means that the Home Office is responsible for determining the purposes and means of processing your personal information (and providing you with information about how they process your personal information). We are the data processor processing this personal information on behalf of the Home Office. This Privacy Statement does not apply to any activities we carry out as a data processor.
However, we will also process some of this personal information for our own purposes as an independent controller in order to comply with our own regulatory obligations as a regulated awarding organisation. These include obligations under the Office of Qualifications and Examinations Regulations (OFQUAL) Conditions of Recognition, as well as those of the Northern Ireland qualifying authority, which may require Trinity to provide information to assist them in any investigations they commence in exercising their regulatory functions. We are also subject to obligations to the Home Office for the Secure English Language Test Services. We will collect and use your personal information in relation to the Secure English Language Test Services as a data controller in accordance with this privacy statement.
Trinity College London Press Limited is a data controller in respect of any personal information about you collected where you purchase a resource, sign-up for marketing updates or interact with the Trinity College London shop (at shop.trinitycollege.com) or where you sign-up to be featured on or interact with or use the Trinity Teacher Directory (at trinitycollege.com/teacher-directory).
Other subsidiaries of Trinity College London, such as Trinity College London (Spain), S.L.U., Trinity College London (Italy) S.r.l., Trinity College London (India) Private Limited and Trinity College London (New Zealand) Limited, act as data processors where they provide exam services to Trinity College London and act on the instructions of Trinity College London, but may also be a data controller in respect of your personal information where they carry out business development and marketing activities or organise or participate in events, training and awareness or community building activities.
Whether as a data controller or a data processor, we are committed to protecting your privacy at all times in accordance with all applicable laws and regulations governing the use or processing of personal information, including (where applicable) the European Union General Data Protection Regulation (EU) 2016/679, the United Kingdom General Data Protection Regulation and the Data Protection Act 2018.
We have appointed a Data Protection Officer (‘DPO’) to oversee compliance with this notice. If you have any questions about this privacy statement or how we handle your personal information, or if you wish to exercise your rights or make a complaint, please contact the DPO at dpo@trinitycollege.com
You can also contact or make a complaint at any time to the ICO (hico.org.uk) on 00 44 (0)303 123 1113.
We use cookies and other similar technologies such a pixels (together ‘cookies’) to collect information about you when you use our Sites. We will always obtain your consent where we use cookies unless those cookies are absolutely essential for the Site(s) to operate. We do not need to obtain consent where we use cookies which are essential for our Site(s) to operate. More information about the cookies we use and the data we collect about your visits to our Sites and the purposes for which we collect it can be found in our Cookie Policy. The information collected about your visits to our Site(s) by cookies is usually limited to personal information such as:
Device Information
Information related to the browser or device you use to access our Site(s). This includes the IP address of the device you use to access our Sites, device identifiers, the type of web browser you use, the type of device you use to access the internet and whether you reached our Site(s) using a search engine or if you clicked a link on another website.
Usage Information
Information about how you use and interact with our Site(s), communications, products and services.
We will also collect certain personal information about you when you interact with us directly. This includes:
We may collect, store and use the following information from you:
Identification Information
Your name, job role, employer, gender, age/date of birth, country location, information that we require to verify your identity such as the details of your identity documentation and/or a photograph and/or copy of your passport, driving licence or other identity documentation, any special needs requests, unique candidate learning number and password or other log in details (to access our online assessment tools and Sites), profile information on our Sites and your DBS certificate. This may include the use of facial recognition biometric technology to confirm your identity.
Contact Information
Your email address, postal address and telephone number, name and contact details of parent/guardian for candidates and users of the Skill Up! application or Trinity College London NoteLab, or for candidates or users who are under 18 and/or the submitter of the candidate’s entry or exam performance video where applicable.
Exam Information
Information about your application provided in a relevant application form, image, video and/or audio recordings, including of the exam you undertake, where exams are undertaken at home we also process the contents of your screen that are shared with the invigilator/proctor, any images, video and audio recordings of any chaperones that accompany exam takers and if you are doing an Arts Award we may collect your related portfolios and videos.
Educational Platform Information
This includes information collected when you use Skill Up! App or NoteLab such as exercises on the Skill Up! or NoteLab Applications, recordings, form, image, video or audio where applicable, or on your use of services such as exercises on the Skill Up! application; or lesson plans on NoteLab or other user generated content on our Sites. This also includes personal data put in as part of your prompts using our AI functionality, as well as personal data included as part of the AI output.
Feedback Information
This includes information relating to your exam performance and assessment and your exam results, as well as feedback provided via educational platforms.
Payment information
Details about payments made through our Site(s), by telephone or, if via an app, through the App Store or Google Play.
Marketing and Communications Preferences
Your marketing and communication preferences.
Event Information
This includes any images, videos and/or audio recordings of you taken at our events.
Social Media Information
Your social media handle or user name and the country in which you are located in relation to social media prize draws or competitions.
Secure English Language Test Data
If you take one of our Secure English Language Tests, for example for visa and immigration purposes, university admission, we will collect as a data processor on behalf of the Home Office:
your photo, full name, candidate ID, date of birth, nationality, ID type, ID number, gender, exam name, exam date, certificate issue date, exam centre, result, unique electronic reference number, agent name and address, and the pdf certificate of award. We do this to prevent exam fraud. The Secure English Language Test will be delivered by secure video link at the exam centre until further notice. We will use CCTV recording equipment to record the exams. We do this to confirm the identities of exam participants, for examiner and centre staff training and standardisation purposes, research and to combat exam malpractice
We may also collect this information as a data controller to comply with our legal obligations as a registered awarding organisation (see section 3 above).
Your personal information (as listed above) may also be shared with us by third parties. For instance, we may receive it from your training provider, the submitter of your entry or exam performance video, validated course provider or validated course and assessment provider, parent or guardian, or, in the case of Arts Award, your Arts Award centre or adviser. We may also generate some personal information about you when performing our usual business functions that we do not collect from you directly, for example when an exam is booked on yourr behalf by a third party.
Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with our products or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
Data protection law recognises that certain categories of personal information are sensitive and require higher levels of protection. These categories of data include information about health, biometrics used to uniquely identify someone and ethnicity.
We may collect and/or use special categories of data in connection with our qualifications and the provision of our services, for example, in order to make adjustments for any disabilities you may have. We may also collect race, nationality, or ethnicity data from you (should you choose to provide it), to ensure meaningful equal opportunity monitoring, reporting and treatment and biometric data, with your explicit consent or for reasons of substantial public interest. In certain cases we may also collect criminal record information such as in the Trinity Teacher Directory where necessary to comply with regulatory requirements and where necessary for reasons of substantial public interest.
We will only process these special categories of data if there is a valid reason for doing so and where the applicable data protection laws allow us to do so.
The Sites are not intended for user by individuals under 13 years of age and so, if you are under 13, you must not use the services on our Sites or provide any personal information to us without the express consent or supervision of your parent or guardian.
If you are under 18 years of age, we may need to verify your parent or legal guardian’s consent for your use of certain services on the Sites and/or your registration for an exam.
Further information in relation to our collection, use and transfer of personal information of individuals under 18 years of age is set out within the relevant sections of this privacy statement.
Where we collect, use, store or otherwise process your personal data for a particular purpose, the law requires us to have a ‘legal basis’ for each of those purpose. We will only use your personal data for the purposes and legal bases set out below.
To enable individuals to set up a user account with Trinity
Identification Information, Contact Information, Marketing and Communication Preferences
It is necessary for us to process your personal data in order for us to perform our contract with you, or to take steps at your request prior to entering into a contract with you.
We also have a legitimate interest to communicate with users of our products and services to ensure that we are providing an excellent user experience.
To provide you with products and services that you purchase from us
Identification Information, Contact Information, Exam Information, Educational Platform Information, Feedback Information and Payment Information,
If you have purchased products or services from us directly, it is necessary for us to process your personal data in order for us to perform our contract with you, or to take steps at your request prior to entering into a contract with you.
We also have a legitimate interest to provide our services and grow our business.
To communicate with you in relation to products and services that we provide, including about registrations for exams and exam results, or where you use one of our educational platforms
Identification Information, Contact Information, Exam Information, Educational Platform Information and Feedback Information
We have a legitimate interest to communicate with users of our products and services to ensure that we are providing an excellent user experience. For example, where you ask us queries relating to different types of exams, we will rely on the legitimate interest legal basis.
To update your learner record where relevant
Identification Information, Contact Information, Exam Information and Feedback Information
We have a legitimate interest in ensuring that we provide a good service to our users.
To enable you to book an exam through our platform
Identification Information, Contact Information, Exam Information
We have a legitimate interest in providing a service that allows you/candidates/teachers, to book an exam for the candidate to be assessed in the chosen qualification and level by digital means.
The system facilitates your requirements whilst providing Trinity with the information to support the assessment.
To enable you to take an exam submitting exam responses including audio and video recordings
Identification Information, Contact Information, Exam Information, Device Information
We have a legitimate interest in providing a service that allows you to take an exam and to be assessed in the chosen qualification and level including by digital means. The system facilitates your requirements whilst providing Trinity with the information to support the assessment.
To enable us to carry out proctoring and invigilation, both in person and remotely
Identification Information, Contact Information, Exam Information, Device Information
We have a legitimate interest in ensuring our exams are carried out with integrity.
To provide you with digital exam certificates
Identification Information, Contact Information, Exam Information, Device Information
We have a legitimate interest in processing your personal information to provide you with digital exam certificates.
To provide you with paper exam certificates
Identification Information, Contact Information, Exam Information, Device Information
It is necessary for us to process your personal data in order for us to perform our contract with you, or to take steps at your request prior to entering into a contract with you.
To enable you to purchase educational apps such as the Skill Up! App and associated services
Identification Information, Contact Information, Education Platform Information, Payment Information
We have a legitimate interest to provide our services and grow our business.
To provide our educational apps such as the Skill Up! App
Some of our Apps use AI functionality to create a personalised learning path. For example, our Skill Up! App uses generative AI to adapt to every learner’s pace creating a customised learning path for each learner, focusing on building and developing listening & reading skills.
We may use (and approved third parties may use) your input and output data (including personal data) to fine tune, train, or develop our AI functionality or models and services.
Identification Information Contact Information, Device Information, Usage Information
Education Platform Information, Payment Information
We have a legitimate interest to provide and improve our services and grow our business.
To enable you to obtain a NoteLab login account
Identification Information, Contact Information
We have a legitimate interest to provide our services and grow our business.
To provide our NoteLab platform
Identification Information, Contact Information, Education Platform Information, Device Information, Usage Information, Payment Information, where applicable
We have a legitimate interest to provide our services and grow our business.
To provide our Trinity Teacher Directory which includes publicly available teacher profiles and allows students to find appropriate teachers
Identification Information, Contact Information, Device Information, Marketing and Communications Preferences
We have a legitimate interest to provide information about available teachers.
On the basis of your consent (where details used for marketing purposes). Where applicable, we may require the consent of your parent or guardian.
To collect and review a copy of your certificate from the UK’s Disclosure and Barring Service (DBS) to evidence that you have no prior criminal convictions (for the Trinity Teacher Directory).
Identification Information, Contact Information
On the basis of your consent.
Identification Information, Contact Information, Exam Information
We have a legitimate interest to carry out research, standardisation and training to ensure that we provide an excellent service to our users.
Identification Information, Contact Information, Exam Information
On the basis of your consent. Where applicable, we may require the consent of your parent or guardian.
For publicity and advertising of our business
Identification Information, Contact Information, Exam Information, Event information
We have a legitimate interest in promoting and advertising our business.
On the basis of your explicit consent (for the extraction of biometric features from photos provided at our events to store as biometric templates which then allow us to use IT tools (including AI tools) to match your image against other images of you in our events database in order to be able to tag you for our publicity and advertising purposes). Where applicable, we may require the consent of your parent or guardian.
To deal with enquiries and requests and keep records incoming and outgoing communications (eg emails, telephone calls)
All Information
It is necessary for us to process your personal data in order for us to perform our contract with you, or to take steps at your request prior to entering into a contract with you. For example, where we are dealing with enquiries or requests in relation to products and services that you have purchased directly from us.
We have a legitimate interest to ensure that we are responding to all enquiries made to our business. For example, where we are dealing with general enquiries.
To monitor malpractice, prevent fraud and misuse of service
Identification Information, Contact Information, Exam Information, Educational Platform Information, Feedback Information, Payment Information, Device Information, Usage Information, Event Information
We have a legitimate interest to ensure our products and services are used fairly, in compliance with the terms and conditions and to prevent fraud and misuse of our services.
To deal with complaints and appeals
All Information
It is necessary for us to process your personal data in order for us to perform our contract with you, or to take steps at your request prior to entering into a contract with you. For example, where we are dealing with a complaint or appeal in relation to a product or service that you have purchased from us.
We have a legitimate interest to ensure that all complaints and appeals are dealt with effectively. For example, where we receive a general complaint about our business.
To monitor the quality of assessments
Identification Information, Contact Information, Exam Information, Educational Platform Information, Feedback Information, Payment Information
We have a legitimate interest to ensure that the products and services that we provide are of a high standard.
To test, develop, receive feedback on and improve our products and services
Identification Information, Contact Information, Exam Information, Educational Platform Information, Feedback Information, Payment Information, Device Information, Usage Information, Event Information
We have a legitimate interest to review and improve our products and services.
To consider and process applications for exams centre to become a Trinity registered exam centre or a Trinity registered exam hub
Identification Information, Contact Information
We have a legitimate interest to ensure any exam centres registered under the Trinity brand are suitable.
To enable you to register for our events
Identity Information, Contact Information
We have a legitimate interest to run events to promote our business.
To provide you with access to downloadable support resources (if available on the relevant Site)
Identity Information, Contact Information
It is necessary for us to process your personal data in order for us to perform our contract with you, or to take steps at your request prior to entering into a contract with you. For example, where we provide resources for a product or service that you have purchased from us.
We have a legitimate interest to provide appropriate support resources to promote our business. For example, where we provide general support resources via our Site(s).
To manage registered user records
Identity Information, Contact Information, Exam Information, Educational Platform Information, Feedback Information, Payment Information, Marketing and Communications Preferences
We have a legitimate interest to monitor and manage records for our registered users.
To administer our online forums (when such functionality is available on our Site(s)
Feedback Information; Identification Information if applicable; Contact Information
We have a legitimate interest to obtain feedback on our products and services and prospective new products from users and teachers and interested participants.
To respond to requests by government or law enforcement authorities, or regulatory bodies, conducting investigations
Identity Information, Contact Information, Exam Information, Payment Information, Educational Platform Information, Feedback Information, Device Information, Usage Information, Event Information, Secure English Language Test Data
Where we are required to comply with a legal obligation.
We have a legitimate interest to ensure that we respond appropriately to any investigations by a regulatory body such as OFQUAL or by the Home Office in relation to SELT.
To deal with legal claims or prospective legal claims (including disclosure of such personal information in connection with legal process or litigation)
Identity Information, Contact Information, Exam Information, Educational Platform Information, Feedback Information, Payment Information, Device Information, Usage Information, Event Information
To comply with a legal obligation in connection with a litigation process.
We have a legitimate interest to ensure that we respond appropriately to any legal claims or prospective legal claims.
To enforce compliance with our terms of use and other policies
Identity Information, Contact Information, Exam Information, Educational Platform Information, Feedback Information, Payment Information, Device Information, Usage Information, Event Information
We have a legitimate interest to ensure that our terms and policies are being complied with.
To provide you with a personalised experience on our Site(s)
Identification Information, Contact Information, Exam Information, Educational Platform Information, Feedback Information, Payment Information, Device Information, Usage Information as applicable
We have a legitimate interest to provide users with user friendly access to our web site to our users.
On the basis of your consent. Where applicable, we may require the consent of your parent or guardian.
To monitor and analyse how our Sites are being used
Device Information, Usage Information
On the basis of your consent. Where applicable, we may require the consent of your parent or guardian.
To generate anonymous reports about the use of our Sites to help us to understand how our Sites are being used and how we can improve the user experience on our Sites
Device Information, Usage Information
We have a legitimate interest to analyse how our Sites are being used to improve the user experience and gain insights into the user journey on our Sites.
To create aggregate and statistical data (which cannot be used to directly identify you). For example, aggregate data may include data that describes the general demographics, usage or other characteristics of our exam candidates. We may use this aggregate and statistical data for marketing and publicity purposes or for educational resources, training and professional support materials
Identity Information, Contact Information, Exam Information, Educational Platform Information, Feedback Information, Device Information, Usage Information.
We have a legitimate interest to understand how our products and services are being used.
To invite you to participate in marketing and academic surveys
Identity Information, Contact Information, Exam Information, Educational Platform Information, Feedback Information
On the basis of your consent
We have a legitimate interest in carrying out surveys for customer satisfaction purpose and to improve our products and services.
To run prize draws and competitions including on social media in accordance with the relevant terms for such prize draws and competitions
Identity Information, Contact Information, Social Media Information
On the basis of your consent. Where applicable, we may require the consent of your parent or guardian.
Providing you with information and news about our exams, products and programmes of events, our syllabuses, publications, competitions, webinars or conferences, including if you have requested to receive our newsletters or if you are our existing or former customer
Identity Information, Contact Information, Marketing and Communications Preferences, Device Information, Usage Information
On the basis of your consent. Where applicable, we may require the consent of your parent or guardian.
If you are an existing or former customer we may rely on a different legal basis. In those circumstances, where you have purchased a product or service from us and we want to send you marketing information about similar products and services, we will do so based on the legitimate interest legal basis provided that we give you an opportunity to opt out when we collect your contact details and in each subsequent marketing communication.
To carry out targeted online advertising on our Sites and third party sites and to measure the effectiveness of our advertising.
We and our commercial partners may use cookies or similar technologies for these purposes both on our Sites and on the third party sites. Please see our Cookie Policy for more information.
For some of the activities referred to in this section, we may be joint controllers with some of our commercial partners and the use of your personal data may also be subject to the privacy policies and practices of our commercial partners and choices that you have made on third party sites.
For instance, for activities related to the Facebook Pixel, we are a joint controller with Meta Platforms Ireland. This means that we have to provide you with this notice, but you should contact Meta Platforms if you wish to exercise your data protection rights. Further information, including how Meta Platforms enables you to exercise your data protection rights, and subsequently processes your information as independent data controller can be found in Meta's Privacy Policy .
Device Information, Usage Information
On the basis of your consent. Where applicable, we may require the consent of your parent or guardian
To further our charitable aim to advance education for the public benefit in general.
Marketing and Communications Preferences; Feedback Information; Educational Platform Information; Exam Information
We have a legitimate interest to review and improve our products and services and activities and to improve and extend educational services.
There are instances where we have a legitimate interest to use your data. Our legitimate interest will vary depending on what we are using your data for, and we explain above what the interest is and how it relates to the processing operations that we are carrying out. Where we process personal data on the basis of a legitimate interest, then – as required by data protection law – we have carried out a balancing test to document our interests, to consider what the impact of the processing will be on individuals and to determine whether individuals interests outweigh our interests in the processing taking place. You can obtain more information about this balancing test by using the contact details set out above.
We will only share personal information where necessary to fulfil the purposes set out in section 7 above. We may share information that we collect about you with:
All categories
Companies in our group, such as our subsidiaries
To enable them to provide support services to us.
Identity Information, Contact Information, Exam Information
Schools, colleges, education centres, validated course providers and assessment centres, local authorities and any other entity that provides training courses preparing for a qualification awarded by us
Where necessary to provide them with information about your results.
Identity Information, Contact Information, Exam Information
Persons or bodies contracted by us to carry out the roles of examiner, marker, advisor, moderator, proctor, tutor, consultant, steward, representative or other similar roles
Where we have appointed such persons or bodies on our behalf in the context of our provision of qualifications and/or in the course
of providing training, educational resources or other support materials to such persons or bodies.
Identity Information, Contact Information, Exam Information
Other exam candidates
Where necessary for relevant exams, such as exam candidates participating with you in the discussion component of an ESOL Skills for Life exam.
Identity Information, Contact Information, Exam Information
Online service providers such as Submittable and Music Gurus
To provide our online assessment tools, to provide an exam performance video submission service, to test and process results data and to produce qualification certificates on our behalf (see further information on digital certificates below).
Identity Information, Contact Information, Marketing and Communications Preferences, Device Information
Marketing automation tool service providers
For the purpose of managing email lists and issuing communications on our behalf.
Device Information, Usage Information
Social media providers
To enable us to serve targeted advertising to you on our Sites and on third party sites.
Identity Information, Contact Information, Exam Information
Parents and/or guardians (of children under 18 years of age)
Where parents and/or guardians raise a specific request in relation to, or ask to view, your personal information, or where the terms of a service or product require parents or guardians to sign-up for a product or service in relation to a child under 18 years of age, or where we need to obtain consent from your parents and/or guardians (for children under 13 years of age) or where we have any concerns.
Identity Information, Contact Information, Exam Information
Academic research partners
For the monitoring, assessment and development of our products and services.
Identity Information, Contact Information, Exam Information
Any relevant universities, schools, colleges, local authorities or other such entities
To progress your applications with those organisations – for example, we may share your personal information with a university or the University and Colleges Admissions Service
Identity Information, Exam Information.
The Department of Education
To enable the Department of Education to obtain necessary statistics for it to perform its statutory duties
Identity Information, Contact Information, Exam Information, Payment Information
Prospective buyer or seller
If we buy or sell any business or assets or if most of our assets are acquired by a third party, we will disclose your personal information to the prospective buyer or seller of such business or assets.
Identity Information, Contact Information, Exam Information, Payment Information
Auditors
For auditing purposes, for example finance audits where we employ chartered accountants.
Identity Information, Contact Information, Exam Information, Payment Information
Regulators and government and law enforcement bodies
If we are under any legal or regulatory obligation to do so (for example as required by our regulators, e.g. the Office of Qualifications and Examinations Regulation (Ofqual) or the Information Commissioner’s Office).
Identity Information, Contact Information, Exam Information, Payment Information
Third parties in connection with legal proceedings (eg lawyers, the courts, witnesses)
In order to establish, exercise or defend our legal rights.
Identification Information, Contact Information (including email address or email address of parent or guardian if under 18), Exam Information
EdInvent, Inc, D.B.A. (‘ Accredible ’) acting as a data processor for Trinity (or as a sub-processor for the Home Office in relation to Secure English Language Tests
To provide you with the digital certificate where we have chosen to provide you with a Trinity digital certificate available via Accredible website.
Identification Information, Contact Information, Exam Information of Arts Award advisers and prospective advisers registering via artsaward.org.uk
Arts Award
to advocate and deliver Arts Award training and support and engage with you as an Arts Award adviser.
for the purpose of monitoring and reporting information about our Arts Award activities including adviser, candidate and supporter engagement with the programme.
for the purpose of profiling and consulting with young people who have achieved an Arts Award or Trinity qualification
Arts Award supporter organisations registering via www.artsawardsupporter.com
Contact Information, Exam Information, Feedback, Event Information
Arts Award centres or advisers, Arts Council England, Bridge organisations and Upstart Projects
Some of the information you supply will be publicly available or shared with the recipients for the purposes of managing registrations and communicating with Arts Award supporters, promoting supporter offers and for monitoring and reporting engagement in the programme.
Identification Information, Contact Information, Exam Information
Skills Funding Agency
In England and Wales only to fulfil our statutory functions, issue/verify your Unique Learner Number (ULN) and update/check your Personal Learning Record.
Candidate names, candidate unique learning number, date of birth, exam results, mark sheets, centre staff name, adviser, centre number, panel name
Our third-party printers, Damco Solutions Limited
For the purpose of uploading mark sheets into a csv format and returning this to Trinty to be uploaded into its database
Candidate names, candidate unique learning number, exam details, centre details and exam results, centre staff name, centre staff address, centre number
Our paper certificate printers, Stephen Austin Limited
For the purpose of printing paper certificates
Identification Information, Contact Information, Exam Information
Our national and local representatives such as registered Trinity Representatives
To deliver information and services in relation to our exams in your locality.
Education Platform Information, Device Information, Usage Information
Large Language Model (LLM) and AI providers
To enable our AI functionality, we share your personal data with LLM/AI providers for the provision ofthis functionality. These providers primarily act as our data processors for these services but may with our permission, use your personal data to fine tune/train their AI models
Accredible
Accredible, referred to in the table above, may also provide the option for you to open an account with Accredible (that may have Trinity branding). Please note that where you choose to open an account with Accredible directly and provide Accredible with additional personal information in relation to this account and where you use your account with Accredible in relation to credentials other than your Trinity digital certificate (for example, where you use your account with Accredible to hold certificates issued by another organisation), another party (ie not the Home Office or Trinity), such as Accredible or the other organisation that issued such credentials to you, is the data controller and you should refer to their privacy statement for further information about how your personal information is collected and used. We are not responsible for the contents of such other party’s privacy statement and policies.
We may disclose your personal information to other selected third party processors. Examples include processors which provide product delivery, advertising and marketing activities (including digital and personalized advertising), IT services, email service providers, data hosting, and management or support of our Sites but only in connection with our own processing purposes, as outlined above in paragraph 6. Any such third party will be required to use any personal information they receive from us in accordance with our instructions and the applicable data protection laws.
Credit card online payment transactions from SELTbooking.trinitycollege.co.uk, musicbooking.trinitycollege.co.uk, https://booking.trinitycollege.com and www.trinityrock.com are either handled via Paypal or Barclaycard SmartPay or 2Checkout/Verifone. We are not responsible for the contents of their privacy policies, which can be found at:
Credit/debit card and bank transfer online payment transactions from secure.trinitycollege.com and secure.2checkout.com are handled via 2 Checkout/Verifone. We are not responsible for the contents of their privacy policy, which can be found at: www.2co.com/privacy.html
Credit/debit card online payment transactions from trinity.musicgurus.com are handled via Stripe. We are not responsible for the contents of their privacy policy, which can be found at: https://stripe.com/gb/privacy
Downloads and payment transactions relating to the app showcased on www.trinityrock.com/app are either handled by Apple via the App Store, or by Google via Google Play. We are not responsible for the contents of their privacy policies, which can be found respectively at: www.apple.com/uk and policies.google.com/privacy
Where your personal information is transferred, stored, and/or otherwise processed outside the UK or the European Economic Area (“EEA”) in a country which does not offer an equivalent standard of protection to the UK or EEA, we will put in place appropriate transfer mechanisms as required under the relevant data protection laws and take all reasonable steps necessary to ensure that the recipient implements appropriate safeguards designed to protect your personal information.
Personal information that we collect from you may be transferred to and stored at a destination outside the UK/EEA including, in particular, to US, or India for example, to comply with a legal duty or to work with or receive services from our service provider or other group companies who we use to help provide our services and develop our business. If we do transfer your personal information outside of the EEA or UK, we will make sure that it is protected by relying on safeguards available to us under applicable data protection laws such as:
- Transfer it to a non-UK/EEA country with data protection laws that give the same protection as the UK/EEA. Some countries or data transfers have been deemed adequate by the EU and the UK. For example, personal information which is transferred to our service operations provider Freshworks, Inc in the US under the EU-US Data Privacy Framework or the UK Extension to the EU-US Data Privacy Framework;
- Put in place a contract with the recipient that means they must protect it to the same standards as the UK/EEA or use other mechanisms and measures to achieve adequate protection. For example, we may use the EU standard contractual clauses published by the EU Commission or the UK international data transfer agreement or international addendum to the EU Standard Contractual Clauses by the UK Government; or
- Binding corporate rules. These are internal rules adopted by group companies to allow international transfers of personal data to entities within the same corporate group located in countries which do not provide an adequate level of protection.
If you have any questions about the transfer of your personal information or the mechanisms we use, please contact us.
Where we rely on your consent to use your personal information, you have the right to withdraw your consent at any time. Under certain circumstances, by law, you have the right to:
a) Request access to your personal information (by a ‘data subject access request’). This enables you to receive a confirmation from us as to whether we process any of your personal information or not, and if this is the case, to receive a copy of such personal information and to check that we are lawfully processing it. For further details please refer to the Data Subject Access Request Policy.
b) Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
c) Request erasure of your personal information (often referred to as ‘the right to be forgotten’). This enables you to ask us to delete or remove personal information where there is no appropriate reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
d) Object to the processing of your personal information where we are relying on a legitimate interest (ours or those of a third party) and there is something about your particular situation which causes you to object to processing on this ground. You also have the right to object if we are processing your personal information for direct marketing purposes.
e) Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example, if you want us to establish its accuracy or the reason for processing it.
f) Request the transfer of your personal information to another party.
Parents and/or guardians may be able to exercise some of these rights on behalf of their child (who is under the age of 18 years) in connection with their child’s personal information, though, depending on the circumstances, we may need to keep the child informed of such exercise of their rights by a parent and/or guardian.
Your rights described above may be limited in some instances where statutory exemptions apply, such as where they would infringe the rights of a third party or our rights or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. For example, under data protection laws, Trinity is not required to provide personal information comprising information recorded by candidates during exams and/or in circumstances where its release would adversely affect our rights in the intellectual property and confidentiality of our exams or reveal the personal information of another data subject. We will inform you of the relevant exemptions we rely upon when responding to any request you make.
We do not use your personal information for any solely automated decision making which can have legal or significantly similar effects.
To exercise any of these rights or to obtain other information, such as a copy of a legitimate interests balancing test, you can get in touch with us by contacting our Data Protection Officer using the details set out at the end of this document. If you have unresolved concerns, you have the right to complain to a UK or EU data protection authority where you are based or where you believe a breach may have occurred. In the UK this is the ICO (https://ico.org.uk/). You can also contact or make a complaint at any time to the ICO on 00 44 (0)303 123 1113
Except in relation to individuals who have already signed-up for an exam, event or other service or good from us, Trinity operates a strict ‘opt-in’ policy for individuals. That means that where you have already signed-up for an exam, event or other good or service from Trinity, we may send you news and information of similar exams, events, goods or services that we provide until we are informed that this communication is no longer required. We will give you an opportunity to ‘opt-out’ of receiving such communications at the time that we collect your personal information and every time after that when we contact you with such communications. In all other cases, we will not send you any information unless you have requested to receive email/text/social media message updates from us. We may require the consent of a parent or guardian where a child under the age of 13 years wishes to ‘opt-in’ to receive such updates from us.
You have an absolute right to opt-out of direct marketing, or profiling we carry out for direct marketing, at any time. You can do this by clicking on the unsubscribe link in the relevant email or message, or by emailing us at unsubscribe@trinitycollege.com. Once this information is received we will remove you from our direct marketing database.
Trinity takes its security obligations under the data protection laws seriously. We will endeavour to take all reasonable steps to protect your personal information in order to prevent unauthorised access to or alteration or destruction of personal information in our possession. All the personal information we collect is stored securely on servers and we use secure internet protocols and secure networks to protect data collection and processing.
Any payment transaction from our Sites will be encrypted. While we will use all reasonable efforts to safeguard your personal information, you acknowledge that the use of the internet is not entirely secure and for this reason, we cannot guarantee the security or integrity of any personal information that is transferred via the internet. If you have any particular concerns about your information, please contact us (see paragraph 3 above for our contact details).
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
We will only retain your personal information for as long as is necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. In determining the appropriate retention period for your personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements. Information which is necessary to verify or confirm exam results may be kept by us indefinitely.
For further details about the periods for which we retain personal information and the criteria determined for setting these periods, please see our Data Retention Policy and Data Retention Schedule.
We may update this privacy statement from time to time. When we do, we will publish the updated version on our website. If material changes are made to this privacy statement we will notify you by email or by placing a prominent notice on the website.
The Data Protection Officer is the owner of this document and is responsible for ensuring that this document is reviewed in line with the review requirements.
Effective date: 22 April 2025
© Trinity College London 25 November 2020 (amended on 22 April 2025)
Make sure you don’t miss the latest news from Trinity College London. Sign up for email updates about your subject area.