JW John Wheatley College · Glasgow

Policies

Data Protection

Our approach to keeping applicant, student and staff data safe and compliant.

Our approach

John Wheatley College complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 in all aspects of how we collect, process and store personal data.

Security measures

  • Encrypted data storage and transmission for all applicant and student records
  • Role-based access controls limiting data access to authorised staff only
  • Regular security reviews of our systems and third-party processors
  • Secure, access-controlled storage of uploaded identification and academic documents

Data sharing

We only share personal data with third parties where legally required — for example, with UK Visas and Immigration for CAS issuance, or with the Student Loans Company where applicable. We do not sell personal data.

International transfers

Where data is transferred outside the UK (for example, to a placement employer or partner institution overseas), we ensure appropriate safeguards are in place in line with UK GDPR requirements.

Data Protection Officer

Our Data Protection Officer oversees compliance and can be contacted at dpo@jwheatley.uk.