International School Searching Made Easy

Privacy Policy

  1. Definitions 

The term “Personal Data” refers to any information which identifies you or can be used to identify a data subject when used in conjunction with other information.   

The term “Data Subject” describes the person about whom the personal data is about.   

The term “PDPL” describes Personal Data Protection Laws of the relevant country or jurisdiction.

The term “Data Controller” will be regarded as ALL International Education LLC or allinternationalschools.com .

The term “Data Protection Officer” or “DPO” refers to the assigned person in the company whose responsibility is to ensure processes and procedures are in compliance with PDPL.

The term “Process” describes how we collect, use, store or disclose personal data directly from the data subject concerned (or often in the case of students, from their parents).  In some cases, we collect data from third parties (e.g. referees/references, schools) or from publicly available resources.   When we process any personal data (sensitive/special category or otherwise), we do so in accordance with applicable law and regulations (including with respect to safeguarding or employment).  Personal data held by the company is processed by appropriate members of staff for the purposes for which the data was provided. 

  1. Purpose

ALL International Education LLC (hereafter referred to as “ALL” or “the company”) cares about the data privacy of all members of our community, staff, students, parents and schools.  We therefore provide this data privacy notice to inform our policy in relation to the individual (“you” or “Data Subject”) in accordance with the PDPL.

The purpose of this data privacy notice is to provide detailed information about how we process personal data. The personal data we process takes different forms as described in item 5) of this document.  For example, we use the data:

  • To assess and manage applications for students’ admission.
  • To communicate with parents/legal guardians regarding student wellbeing and other relevant matters.
  • To contact parents/guardian/employers (as applicable) for billing and other finance-related purposes.
  • To assess and improve the quality of our consulting services.
  • To meet the compliance with legal and regulatory requirements.
  • To meet the company’s operational management, including the compilation of student records; the administration of invoices, fees and accounts; the management of company property; the management of security and safety arrangements and monitoring of the company’s IT and communication systems; the administration and implementation of our company’s rules and policies for staff; and the maintenance of historic archives.
  • To meet staff administration, including the recruitment of staff/engagement of contractors; administration of payroll, pensions, and sick leave; review and appraisal of staff performance; conduct any grievance, capability or disciplinary procedures; and the maintenance of appropriate human resources records for current and former staff; and providing references.
  • To analyze website traffic, demographic, and behavior using analytical tools and cookies.
  • To promote the company through our website and other publications and communications, including through our social media accounts.
  • To maintain relationships with our clients and former employees.
  • For keeping a record of historical and memorable events relevant to the maintenance of historical records.

We take appropriate technical steps to ensure the security and integrity of personal data about individuals, including policies around use of technology, security appliances and devices, with authorized account management for users to access our company’s information system.  Additionally, the company’s information systems can be managed and operated by third party cloud-based providers.

  1. Scope

This data privacy notice applies to:

  • Staff or individuals employed by ALL in any capacity, including full-time and part-time employees.
  • Students that are current, prospective, or prior students that have received consultation from the company.
  • Parents that are current, prospective, or prior parents, and/or legal guardians, of a student(s) that have received consultation from the company.
  • Third parties that are referred as individuals or organizations that are not affiliated with or employed by the company.

Please note that some of the web links on our platforms may lead to third party platforms. If you access these platforms your personal data will then be processed under the third party’s terms & condition policy.  Please make sure that you have read those related data privacy notices when accessing such platforms. 

  1. Policy

This data privacy policy informs you of how we collect, use, store or disclose your personal data, what and why we collect, use, or disclose your personal data, how long we retain it, who we disclose it to, your rights, what steps we will take to make sure that your personal data stays private and secure, and how you can contact us regarding to questions that you may have about your data.

4.1. How we collect, use, or disclose your personal data

We process your personal data where it is necessary and there is a lawful basis for collecting or disclosing it.  This includes where we collect, use, or disclose your personal data based on the legitimate grounds of our legal obligations, performance of a contract you have with us, our legitimate interests, performance under your consent and other lawful basis.  Reasons for collecting, using, or disclosing are provided below:

4.1.1. Our legal obligation

We are regulated by laws, rules, regulations, and government regulatory authorities.  To fulfill our legal and regulatory requirements with these authorities it is necessary to collect, use or disclose your personal data for the following purposes, which include but are not limited to:

a) Compliance with the PDPL and any amendment to the law thereafter;

b) Compliance with laws, including conducting identity verification, criminal background checks, other checks and screenings (including screening against publicly available database of regulatory authorities and/or official sanctions lists), and ongoing monitoring that may be required under any applicable laws;

c) Compliance with regulatory obligations and/or orders of authorized persons (e.g. orders by any court of competent jurisdiction or of governmental, supervisory or regulatory authorities or authorized officers).

4.1.2. Contract made by you with us

We will process personal data with the request and/or agreement made by you with us, for the following purposes, which include but not limited to:

  • Process your request prior to entering into an agreement, consider for approval in relation to the provision of our services, and deliver products, including any activities that if we do not proceed, then our operations or our services may be affected or may not be able to provide you with fair and ongoing services.
  • Authenticate when entering or executing any transactions.
  • Carry out your instructions (e.g. to debit amounts from bank accounts, or respond to your enquiries); provide online training, consultations, and online learning platforms.
  • Track or record your transactions.
  • Produce transaction reports requested by you or for our internal usage reports.
  • Notify you with transaction alerts and notify the due date of the company’s fees and services.
  • Proceed with any acts relating to insurance policy or claim for compensation (e.g. proceed with or monitor any claim under your insurance policy, claim against third party).

4.1.3. Our legitimate interests

We rely on our legitimate interests by considering our benefits or third party’s benefits with your fundamental rights in personal data in which we will collect, use, or disclose for the following purposes, which include but are not limited to:

  • Conduct our company operations (e.g. to audit, to conduct risk management, to monitor, prevent, and investigate misconduct, or other crimes, including but not limited to carrying out the criminal record checks of any persons related to our company).
  • Conduct our management relationships (e.g. to serve parents and students, to conduct parent/student surveys, to handle complaints).
  • Develop and improve our company communication, services, and systems to enhance our service standards.
  • Use your personal data for the greatest benefits in fulfilling your needs, including to conduct research, analyze data and benefits suitable to you by considering the fundamental rights of your personal data.
  • Record images and/or voices or videos in relation to meetings, consultations, training, seminars, or marketing activities.

4.1.4. Your consent

Under PDPL, the rights belong to the individual to whom the data relates (”Data subject”).  However, where consent is required as the lawful basis for processing personal data relating to students, we often rely on parental consent. Unless, given the nature of the processing in question, and the student’s age and level of understanding, it is more appropriate to use student consent.  Parents should be aware that in such situations, they may not be consulted, depending on the interests of the child, the parent’s rights at law or under their contract, and considering all the relevant circumstances.

In general, we will assume that student consent is not required (and that other lawful bases are more appropriate, as described above) for ordinary disclosure of their personal data to their parents.

In certain cases, we may ask for your consent to collect, use or disclose your personal data to maximize your benefits and/or to enable us to provide services to fulfill your needs for the following purposes, which include but is not limited to: 

  • Collect and use your sensitive personal data as necessary (e.g. to use face recognition or your identification card photo (which contains your sensitive personal data, namely religion and/or blood type) for verification of your identity before continuing a transaction).
  • Collect and use your personal data and any other data to conduct research and analyze for the greatest benefits in developing products and services to truly fulfill your needs and/or to contact you for offering products, services, and benefits exclusively suitable to you.
  • Send or transfer your personal data overseas, to entities that have adequate personal data protection standards (unless the PDPL specifies that we may proceed without obtaining consent).
  • Disclose your personal data and any other data as shown on the company’s website and/or our trusted business partners for the following purposes: (1) conducting research and analyzing your web application access and other personal data and any other data for the greatest benefits in developing products and services to truly fulfill your needs; and (2) contacting you for offering products, services, and benefits exclusively suitable to our clients.

4.1.5. Other lawful basis

Apart from the lawful basis mentioned above, we may collect, use, or disclose your personal data based on the following lawful basis:

  • Prepare historical documents or archives for the public interest, or for purposes relating to research statistics.
  • Prevent or suppress a danger to you or another person’s life, bodily harm, or physical/mental health.
  • Necessary to carry out a public task, or for exercising official authority. 

If the personal data we collect from you is required to meet our legal obligations or to enter into an agreement with you, we may not be able to provide (or continue to provide) some or all the company’s products or services to you if you do not provide such personal data when requested.

  1. What personal data we collect, use, or disclose

The type of personal data, namely personal data, and sensitive personal data, in which we collect, use, or disclose, varies on the scope of products and/or services that you may have used or had an interest in. The type of personal data shall include but is not limited to:

#CategoryExample of personal data
1Personal detailsGiven name, middle name, surname, nickname (if any), Gender, Date of birth, Age, Educational background, Nationality
2Contact detailsMailing address, E-mail address, Phone number, Name of representatives or authorized persons acting on your behalf, Social media accounts
3Identification and authentication detailsID card photo, Identification number, Passport information, Birth Certificate/Alien ID information, Driving license, Signatures
4Employment detailsOccupation, Employer’s details and workplace, Position, Salary/ income/ remuneration
5Financial details and information about your relationship with usInformation about your Banking transactions
6Geographic IT information and information about your device and softwareYour GPS location, IP address, Computer Name, Hostname, MAC Address, Other IT Technical details that are uniquely identifying data
7Investigation dataData for due diligence checks
8Survey research, marketing research informationParents, Student, Health & Safety survey, Information and opinions expressed when participating in the company’s market research, Details of services you receive and your preferences
9User login and subscription dataLogin information for using the company’s website. Other applications used by the company. Other subscriptions used by the company.
10Information concerning securityVideo or Audio recordings, Visual images, Personal appearance
11Sensitive Personal DataRacial or Ethnic Origin, Political Opinions, Cult, Religious or Philosophical Beliefs, Sexual Behavior, Health Data, Disability, Trade Union Information, Genetic Data,Biometric Data, Child Safeguarding Records, Criminal Records
12Other informationRecords of correspondence and other communications between you and usInformation that you provide us through any other channels. Information about insurance policy and claim for your compensation.

6. Sources of your personal data

Normally, we will collect your personal data directly from you, but sometimes we may get it from other sources, in such cases we will ensure the compliance with the PDPL.  Personal data we collect from other sources may include but is not limited to: 

  • Information obtained by us from other companies, schools, financial institutions, business partners, and/or any other persons who we have relationship with;
  • Information obtained by us from persons related to you (e.g. your family, friends, referees);
  • Information obtained by us from corporate customers as you are a director, authorized person, attorney, representative or contact person;
  • Information obtained by us from governmental authorities, regulatory authorities, financial institutions, credit bureau and/or third-party service providers;
  • Information obtained by us from insurance companies and/or other persons in relation to insurance policy or claim for compensation;
  • Information obtained by us from publicly available resources.

7. Your rights

You can exercise your rights under the PDPL as specified below, through the channels prescribed by us at our contact details (see Section 14).

7.1 Right to access and obtain copy

You have the right to access and obtain a copy of your personal data held by us, unless we are entitled to reject your request under the law or a court order, or if such request will adversely affect the rights and freedoms of other individuals.

7.2 Right to rectification  

You have the right to rectify your inaccurate personal data and to update incomplete personal data related to you.

7.3 Right to erasure

You have the right to request us to delete, destroy or anonymise your personal data, unless there are circumstances where we have the legal grounds to reject your request.

7.4 Right to restrict

You have the right to request us to restrict the use of your personal data under certain circumstances.  For example, during the investigation of your request to rectify your personal data; or to object the collection, use or disclosure of your personal data, or you request to restrict the use of personal data instead of the deletion or destruction of personal data which is no longer necessary as you have necessity to retain it for the purposes of establishment, compliance, exercise of protection of legal claims.

7.5 Right to object

You have the right to object to the collection, use or disclosure of your personal data in case we proceed with legitimate interests’ basis or for the purpose of direct marketing, or for the purpose of scientific, historical or statistical research, unless we have legitimate grounds to reject your request.  For example, we have compelling legitimate grounds to collect, use or disclose your personal data, or the collection, use or disclosure of your personal data is carried out for the establishment, compliance, or exercise of legal claims, or for the reason of our public interests.

7.6 Right to data portability 

You have the right to receive your personal data in a format which is readable or commonly used by means of automatic tools or equipment and can be used or disclosed by automated means.  Additionally, you have the right to request us to send or transfer your personal data to a third party, or to receive your personal data which we sent or transferred to a third party, unless it is impossible to do so because of the technical circumstances, or we are entitled to legally reject your request.

7.7 Right to withdraw consent

You have the right to withdraw your consent that has been given to us at any time pursuant to the methods and means prescribed by us unless the nature of consent does not allow such withdrawal.  The withdrawal of consent will not affect the lawfulness of the collection, use, or disclosure of your personal data based on your consent before it was withdrawn.  You can review and change your consent to use or disclose your personal data for marketing purposes through channels as specified in Section 14 below.

7.8 Right to lodge a complaint

You have the right to make a complaint to the competent authority where you believe that the collection, use and disclosure of your personal data is unlawful or non-compliant with the PDPL.

8. How we share your personal data

We may disclose your personal data to the following parties under the provisions of the PDPL:

  1. Our ALL business partners and/or other persons that we have a legal relationship with, including our directors, executives, staff, contractors, representatives, advisors.
  2. Government authorities and/or supervisory or regulatory authorities.
  3. Suppliers, agents and other entities (e.g. professional associations to which we belong, external auditors, depositories, document warehouses, overseas financial institutions) where the disclosure of your personal data has a specific purpose and under lawful basis, as well as having appropriate IT security measures.
  4. Special requests from legal authorities such police, lawyers, courts, authorities or any persons whom we are required or permitted by law, regulations, or orders to share such personal data.
  5. Social media service providers (in a secure format) or so they can display relevant messages to you and others on our behalf about our products and/or services.
  6. Third-party security service providers.
  7. Other persons that provide you with benefits or services associated with your services.  For example, insurance agents or insurance companies who provide insurance coverage for the company.
  8. Our attorney, sub-attorney, your authorized persons, or legal representatives who have lawfully authorized power.
  9. Financial institutions on payment details to facilitate payment transactions.
  10. External health or medical providers on health data.
  11. Safeguarding information can be shared with external safeguarding professionals where necessary.
  12. Parental requests to provide references, recommendations, reports or transcripts to a new school or university.
  13. Enabling the performance of the contract between parents and the company.
  14. Data Processors and other parties assisting with the provision of education and support services.
  15. Other companies, schools or organizations for references or educational information.

9. International transfer of personal data

When it is necessary for us to send or transfer your personal data internationally, we will always exercise our best effort to have your personal data transferred to our reliable business partners, service providers or other recipients by the safest method to maintain and protect the security of your personal data, which includes the following circumstances:

  • Comply with our legal obligation.
  • Inform you of the inadequate personal data protection standards of the destination country and obtain your consent in compliance with the PDPL.
  • Perform the agreement made by you with us or your request before entering into an agreement.
  • Comply with an agreement between us and other parties for your own interest.
  • Prevent or suppress a danger to your or other persons’ life, bodily harm or your health if you are incapable of giving consent at such time.
  • Carry out activities relating to the substantial public interest in compliance with the PDPL.

10. Retention period of personal data

All personal data is securely stored in accordance with the PDPL requirements.  We retain your personal data only for legitimate purposes, relying on one or more of the lawful bases as set out above, and only for so long as necessary for those purposes, or as required by law.

The period we keep your personal data will be linked to the prescription period or the period under the relevant laws and regulations (e.g. Accounting Laws, Tax Laws, Labor Laws and other laws to which we are subject both in the United States and in other countries).

11. Use of Cookies

We may collect and use cookies and similar technologies when you use our products and/or services. This includes when you use our websites, and other company applications.  The collection of such cookies and similar technologies helps us recognise you, remember your preferences and customize how we provide our products and/or services to you. We may use cookies for several purposes.  For example, enabling and operating basic functions, helping us understand how you interact with our websites or emails, or enabling us to improve your online experiences or our communications with you.  

12. Use of personal data for original purposes

We are entitled to continue collecting and using your personal data, which has previously been collected by us before the enactment of the PDPL in relation to the collection, use and disclosure of personal data, in accordance with the original purposes. 

13. Security

We endeavor to ensure the security of your personal data through our internal IT security measures and strict policy enforcement. The measures extend from data encryption to firewalls. We also require our staff and third-party contractors to follow our applicable IT security standards and policies and to exercise due care and measures when using, sending, or transferring your personal data.

14. How to contact us

If you wish to exercise any of your rights under the PDPL for which we are the data controller, please make your request by emailing our Data Protection Officer and follow-up with written request with your identification documents at the company as detailed below:

The Data Protection Officer

ALL International Education LLC

Wilmington, Delaware USA 19890

Telephone: +1 302 123 4567

Email: davidm@allinternationalschools.com

Please note that these rights are not absolute, and we may be entitled to or required additional personal identification as required by the company.  We will respond to any such written requests as soon as is reasonably practicable and within statutory time limits.  

15. Changes to this Data Privacy Notice

We will update this Data Privacy Notice from time to time.   Any substantial changes that affect how we process your personal data will be displayed on our website and sent to you directly when deemed necessary.

Facebook-f Linkedin-in

©ALL International Schools 2024

  • Don’t see your school listed here?
  • Want to upgrade your school’s profile?
Contact Us