Data Protection and Privacy Statements
Data Protection Law controls what The Cheadle and Marple College Network does with the personal information provided by individuals who work for us, study with us or access our services.
Our Privacy Statements describe what we do with the personal information we are provided with by members of the public. You may be asked to give us personal information to answer an enquiry you have. You may also be asked to provide personal information when you become an applicant or student, are a client or wish to use the services we offer across our Colleges.
If you provide us with information, it will only be used in the ways described in our Privacy Statements. Our statements will be updated from time to time and the latest version will always be published here on our website.
The Cheadle and Marple College Network is a Data Controller registered with the Information Commissioner’s Office (ICO) (Registration Number: Z7396061). All members of The Cheadle and Marple College Network operate within the Data Protection arrangements agreed by the Corporation Board.
All written correspondence in relation to Data Protection should be addressed to:
The Data Protection Officer
The Cheadle and Marple College Network,
Cheshire. SK8 5HA
The Data Protection Officer, Jan Hill, Quality Manager.
Please forward any communication for the attention of the Data Protection Officer to:
Subject Access Requests
The Data Protection Act (2018), General Data Protection Regulations (GDPR) and our Data Protection Policy give any individual the right to obtain confirmation if their data is being processed by us and to have access to the personal data we hold. The right of access to this information is referred to as Subject Access Request (SAR).
We aim to provide access to personal data within one month of receipt of a Subject Access Request. If a request is complex, an extension of up to a further two months may be requested from the individual making the request. The Data Protection Officer, or a member of our team, will communicate regularly with individuals where this is the case.
A copy of the information will be provided free of charge. However, a reasonable fee may be charged if a request is found to be excessive, or where information is requested repeatedly. We will always notify the individual making a request if we intend to make a charge, and the reason for the charge.
Who can make a Subject Access Request?
Subject Access Requests will be accepted from:
- The individual whose data is being requested (also known as the Data Subject)
- A representative of the Data Subject who has written consent (e.g. a parent or carer a solicitor; a court appointed representative if the Data Subject could no longer manage his or her own affairs; a person with enduring Power of Attorney)
- The parent or carer of a child under 16 years of age: In cases where the child agrees, or it is in the child’s best interest for access to the data to be given
How can I make a Subject Access Request?
Please complete a copy of our Subject Access Request Form and forward it to:
Please note that we will use reasonable means to verify the identity of the individual making the request, but may require individuals to visit one of our campuses with proof of their identity in order to receive copies of access request responses.
Requests to delete personal data
One of the key principles underpinning UK Data Protection Law is the right of an individual to request the deletion or removal of personal data where there is no compelling reason for its continued processing. This is also known as the ‘right to be forgotten’.
Individuals may have a right to have personal data erased and to prevent processing in specific circumstances such as:
- Where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed
- When the individual withdraws consent
- When the individual objects to the processing and there is no overriding legitimate interest for continuing the processing
- Where the personal data was unlawfully processed (i.e. otherwise in breach of the Data Protection Act)
- The personal data must be erased to comply with a legal obligation
Please note that the right to erasure does not provide an absolute ‘right to be forgotten’. Under Data Protection Law The Cheadle and Marple College Network can refuse to comply with a request for erasure where the personal data is processed for particular reasons. This will always be explained to you by our Data Protection Officer if your request cannot be fulfilled.
How can I make a request to have my personal data deleted?
Please complete a copy of our Data Erasure Request Form and forward it to:
Each request will be handled on a case by case basis.
Can I speak to the Data Protection Officer before I make a Subject Access Request or Request for Erasure?
Yes. We take all concerns and questions relating to data protection, use of personal information and the experience of our students with the utmost importance. If you would like to speak to the Data Protection Officer with a question or concern before making a formal request, please do not hesitate to contact them by e-mail at: