MRC Policies 2018

MRC always strives to maintain the highest standards of teaching and learning.

  • Data BREACH POLICY

    Policy

    In the event of a data breach – which we define as any circumstance when data has or might have been removed or copied and/or taken from outside of our control – the following will occur

    • A breach log (“Breach Log”)will be set up to record breaches
    • The first person to identify or suspect the breach will immediately inform the DPO (dpo@mrcollege.ac.uk)
    • The DPO will or will arrange to investigate and will assess as soon as possible whether there is a breach and if so what has been removed or otherwise breached and whether it could be considered as a breach posing a risk of harm to the Data Subject
    • Any breach involving losses of multiple sets of data will be considered as likely to pose a risk of harm
    • If there is no risk of harm to the Data Subject the DPO will:
      - Note the breach in the Breach Log
      - Take steps to ensure that it cannot happen again including where necessary providing additional training
    • If there is a risk of harm the DPO will:
      - Will ensure to have robust breach detection, investigation and internal reporting procedures in place.
      - Report to ICO and those affecting individuals within 72 hours using the template letter
      - Advise the relevant data subjects using the template letter
      - Note the breach in the Breach Log
      - Takes steps as above to ensure it cannot happen again
      - Take such other steps as are reasonably required
      - Comply with any requirements of the ICO

  • DATA MANAGEMENT PROTECTION POLICY

    Data Protection Officer (DPO): Mr. Ahmar Adnan

    1. Objective of the Policy

    The purpose of this policy is to confirm that proper procedures are in place for the processing and management of personal data. The DPO has specific responsibility for data protection compliance. All teaching or non-teaching staff understand that their responsibility when processing personal data and that methods of handling that information are clearly understood. A supportive environment and culture of best practice processing of personal data is provided for staff and individuals should be fully aware of who to who to contact, where to submit the request and fully aware of rights of other individuals as well. Staff know that Subject Access Requests and other relevant requests need to be dealt with punctually and courteously and individuals need to be sure that their personal data is processed in accordance with the data protection principles, that their data is secure at all times and safe from unauthorised access, alteration, use or loss and also that other organisations with whom personal data needs to be shared or transferred, meets compliance requirements. Any new systems being implemented are assessed (if necessary a Data Protection Impact Assessment) to determine whether they will hold personal data, whether the system presents any privacy risks, damage or impact to individuals’ data and that it meets this policy’s requirements

    2. The data protection principles and individual rights

    The General Data Protection Regulation (GDPR) covers six “Data Protection Principles” set out in Article 5. These specify that personal data must be:

    • Processed lawfully, fairly and in a transparent manner in relation to individuals
    • Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
    • Adequate, relevant and limited to what is necessary in relation to the purposes
    • Adequate, relevant and limited to what is necessary in relation to the purposes
    • Kept in a form which permits identification of data subjects for no longer than is necessary;
    • Processed in a manner that ensures adequate security of the personal data using appropriate technical or organisational measures.

    Accurate and, where necessary, kept up to date;
    Article 5(2) also sets out an overarching accountability principle ‘the controller shall be responsible for, and be able to demonstrate, compliance with the principles.’

    Individual rights are set out in a separate part of the GDPR. In brief, the GDPR provides the following rights for individuals:

    • The right to be informed
    • The right of access
    • The right to rectification
    • The right to erasure
    • The right to restrict processing
    • The right to data portability
    • The right to object
    • Rights in relation to automated decision making and profiling

    3. Scope of Policy

    • This policy has been written within relevant ICO guidelines
    • Definitions and terms used in relation to the GDPR can be found at
      https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/
    • This policy applies to all personal data and special categories of data (sensitive personal data) collected and processed by Mont Rose College of Management and Sciences in the code of conduct of its business, in electronic in any medium and within paper filling
    • This policy appliesd to all College employees, whether permanent, temporary, contractor, students, teaching staff, non-teaching staff, consultants and apprentices.

    4. Policy Principles

    To fulfil the requirements of data protection principles and individual rights set out in the GDPR, the College follows to the following values when processing personal data:

    Fair Collection and Processing.

    • The particular conditions contained in Article 6 and 9 of the GDPR regarding the fair collection and use of personal data will be complied with.
    • Individuals will be made aware that their information has been collected, and the intended use of the data specified either on collection or at the earliest opportunity following collection through relevant privacy notices
    • Personal data will be collected and processed only to the extent that it is needed to fulfil business needs or legal requirements
    • Personal data held will be kept up to date and accurate, where necessary.
    • Personal data held will be kept up to date and accurate, where necessary.
    • Retention of personal data will be valued and risk assessed to determine and meet business needs and legal requirements, with the appropriate retention schedules applied to that data.
    • Personal data will be processed in accordance with the rights of the individuals about whom the personal data are held.
    • It is important that you determine a lawful basis for processing any personal data and document this. This becomes more of an issue under the GDPR because the lawful basis for processing has an effect on individuals’ rights. A ‘cease processing request’ from an individual will be acknowledged within 3 working days, with the final response within 21 days. The final response will state whether the College intends to comply with the request and to what extent, or will state the reasons why it is felt the requestor’s notice is unjustified.
    • Staff will advise the Data Protection Officer in the event of any intended new purposes for processing personal data. The DPO may then arrange for a Data Protection Impact Assessment to be conducted

    Security

    • Suitable technical, organisational and administrative security measures to safeguard personal data will be in place.
    • This policy relates to had copy material as well as electronic data
    • Hard copy data will be kept secure under lock and key
    • Staff will report any actual, near miss, or suspected data breaches to the DPO for investigation. Lessons learnt during investigation of breaches will be relayed to those processing information to enable necessary improvements to be made.
    • A breaches policy is attached and the DPO will follow that policy in the event of a breach
    • Any authorised use of corporate email by staff, including sending of sensitive or personal data to unauthorised persons, or use that brings the College into disrepute will be regarded as a breach of this policy.
    • Relevant Data Protection Awareness Training will be provided to staff to keep them better informed of relevant legislation and guidance regarding the processing of personal information. Data protection training will also promote awareness of the College’s data protection and information security policies, procedures and processes. Staff are strongly encouraged to complete this training this training during induction and subsequently on an annual basis.
    • Relevant Data Protection Awareness Training will be given to staff to keep them better educated of applicable enactment and direction in regards to the handling of individual data. Information insurance preparing will likewise advance consciousness of the College's information assurance and data security approaches, techniques and procedures. Staff are firmly urged to finish this preparation this preparation amid acceptance and along these lines on a yearly premise.
    • The College shall routinely make certain personal information publicly available. For an example include publication of degree results in graduation booklets, contact details on the website etc. The College will undertake to cease such activity, where possible, for any data subject on the grounds of such disclosure causing damage and distress on application to, and agreement by, the Data Protection Officer.
    • Regular information sharing with third parties, where there is a valid business reason for sharing information, shall be carried out under a written agreement setting out the scope and limits of sharing. Data processing Agreements will be applied to all contracts and management agreements where the College is the data controller contracting out services and processing of personal data to third parties (data processors). These agreements will clearly outline the roles and responsibilities of both data controller and the data processor. A log of data processing agreements will be kept in the attached format
    • Data processors shall agree to follow to this policy and the GDPR as far as possible, assure the College against any prosecution, claim, proceeding, action or payments of compensation or damages without limitation and provide any personal information specified on request to the Data Protection Officer.
    • All relevant privacy notices the College will inform individuals of the identity of third parties to whom we may share, disclose or be required to pass on information to, while accounting for any exemptions which may apply under the GDPR and other relevant legislation.
    • Personal data will not be transferred outside the European Economic Area unless that country or territory can ensure suitable level of protection for the rights and freedoms of the data subjects in relation to the processing of their personal data. The DPO shall be consulted before any data is sent out side of the EU

    Sharing and disclosure of personal information

    • The College shall routinely make certain personal information publicly available. For an example include publication of degree results in graduation booklets, contact details on the website etc. The College will undertake to cease such activity, where possible, for any data subject on the grounds of such disclosure causing damage and distress on application to, and agreement by, the Data Protection Officer
    • Regular information sharing with third parties, where there is a valid business reason for sharing information, shall be carried out under a written agreement setting out the scope and limits of sharing. Data processing Agreements will be applied to all contracts and management agreements where the College is the data controller contracting out services and processing of personal data to third parties (data processors). These agreements will clearly outline the roles and responsibilities of both data controller and the data processor. A log of data processing agreements will be kept in the attached format
    • Data processors shall agree to follow to this policy and the GDPR as far as possible, assure the College against any prosecution, claim, proceeding, action or payments of compensation or damages without limitation and provide any personal information specified on request to the Data Protection Officer.
    • All relevant privacy notices the College will inform individuals of the identity of third parties to whom we may share, disclose or be required to pass on information to, while accounting for any exemptions which may apply under the GDPR and other relevant legislation
    • Personal data will not be transferred outside the European Economic Area unless that country or territory can ensure suitable level of protection for the rights and freedoms of the data subjects in relation to the processing of their personal data. The DPO shall be consulted before any data is sent out side of the EU

    Access

    • Only where it is required member of staff will have access to personal data and Staff should also be aware that in the event of a Subject Access Request being received their emails may be searched and relevant content disclosed, whether marked as personal or not.
    • A relevant contact address will be made available on the internet for data subjects to use should they wish to submit a Subject Access Request, make a comment or complaint about how the College is processing their data, or about our handling of their request information. A log of Access Requests in the attached format will be kept
    • In the event of a Subject Access Request the attached procedure will be followed
    • Until their identity has not been verified data subject personal information will not be disclosed to them.
    • Third party personal data will not be released by Mont Rose College of Management and Sciences when responding to a Subject Access Request or Freedom of Information request (unless consent is specifically obtained, obliged to release by law or necessary in the substantial public interest)
    • All data subjects have a right of access to their own personal data. Advice will be provided to data subjects on how to request or access their personal data held by the College.
    • All data subjects have a right of access to their own personal data. Advice will be provided to data subjects on how to request or access their personal data held by the College.

    Documents
    Please see the template on our website.;

    Data Protection responsibilities
    Who What
    College as a corporate body Data Controller
    Board of Directors Ultimately responsible for compliance with the GDPR.
    Data Protection Officer (Ahmar Adnan) dpo@mrcollege.ac.uk with assistance from the Risk Assessment (Ali Fraz Khan) a.khan@mrcollege.ac.uk

    Maintain the College notification with the ICO.

    Advise staff on data protection compliance.

    Coordinate responses for subject access requests.

    Report any personal data breaches to the ICO/police as appropriate.

    Issue data sharing guidance and oversee data sharing agreements between the College and third parties

    Develop, administer, disseminate, review and support application of this policy.
    CDS

    Nominated processor for all post sent to and within the College.

    Compliance with data protection legislation and with the principles set out in this policy.
    All staff

    Be familiar with and comply with the policy.

    Ensure that information provided in connection with employment is up-to-date and accurate.

    Observe and comply with the data protection principles and individuals data protection rights.

    Bring queries and issues around data protection to the attention of the Information Governance Officer.

    Do not attempt to gain access to information that is not necessary to hold, know or process.

    Report subject access and other requests to Information Governance staff.

    Note that unauthorised disclosure will usually be a disciplinary matter, and may be considered gross misconduct in some cases. It may also result in a personal liability for the staff member as there is provision within the legislation to prosecute individuals for certain offences.
    All students

    Be familiar with and the policy and comply where necessary.

    Ensure that personal information provided is up-to-date and accurate.

    Observe and comply with the data protection principles and individuals data protection rights.

    Note that unauthorised disclosure of personal data will usually be a disciplinary matter.

  • INFORMATION ACCESS REQUEST PROCEDURE

    If a person (Data Subject) on whom we hold data in a request to see, update, delete or take part or all of the Data we hold for them the following procedure will be followed:

    • The full name address and contact details of the Data Subject should be obtained
    • Ask what information he or she requires
    • Inform the Data Subject that we will let them have a reply within a one calendar month
    • Note the request in the Access log
    • Consult the DPO (dpo@mrcollege.ac.uk) for further information and detail

    The following email should be used to confirm that a request is being dealt with
    Dear Sir/Madam

    On behalf of Montrose College of Management and Sciences I write to acknowledge receipt of your request for certain information on the Data we hold about you. We will deal with your application and get back you to you within one calendar month.

    Yours…

  • LETTER TO SUBJECT INFORMATION OF LOSS

    Wording for letter to Data Subject in the event of a notifiable breach

    Dear Sir/Madam
    Loss of Data Notification pursuant to Article 35 General Data protection Regulations We regret to have to inform you that a data security breach at our business has meant that certain of your personal data has been lost to a third party.

    Either

    The Data lost is as follows:

    Or

    We are not yet certain of the extent of the lost data but will inform you as soon as we are aware of
    exactly what is lost and in any event within 10 working days

    Yours faithfully

  • LETTER OF BREACH TO ICO

    Wording for letter to ICO in the event of a notifiable breach

    Dear Sir/Madam
    ICO Registration number: Z1116113

    We write to advise you of a breach of the General Data Protection Regulations under Article 33 of the Regulations as follows:
    Date of breach:
    Nature of breach:
    Possible effect of breach:

    We are immediately looking to rectify the situation and to ensure this does not happen again

    Yours faithfully

  • PRIVACY POLICY

    We need to provide you with certain information on the personal information we collect from you (also called “Data”) and the information below sets out how we may collect the information and use it

    We take your privacy and security of any information (which, for the purposes of this Notice we will refer to as ‘Personal Data’) that you provide to us very seriously.
    It is this policy (together with all of our other Terms of Use) as documented or referred to on our website which sets out the basis on which any personal data we collect from you or that you provide to us will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting our website and by completing or filling any of our forms you are accepting and consenting to the practices described in this policy.

    1. Formalities

    For the purposes of the EU General Data Protection Regulations and any subsequent UK legislation based on those Regulations (GDPR) the data controller and processor is the Mont Rose college of Management and Sciences (the College) and our Data Protection Officer is Mr. Ahmar Adnan. If you have any issues about how your data is being used he may be contacted dpo@mrcollege.ac.uk.

    2. The detail

    We may collect and process the following data.
    Information you give to us

    This is information about you that you give us by filling in forms on our Website (including the information you provide when you register to use our website, subscribe to our service, search for a product, place an order on our Website or participate in any function on our Website) or completing any forms that we have provided you with or by corresponding with us by phone, email, in person or otherwise.

    To be absolutely clear this information may which is mention on our application form and enquiry form. Which available on website and in person hard copy.

    • With regard to each of your visits to our website and our e-learning website (Moodle) we will automatically collect the following information
    • Technical Information. This may include, for example, the IP address used to connect your computer to the internet, your log-in information, browser type and version, and time-zone setting.
    • Information about your visit. This may include the full URL through and from our Website including date and time.
    • Such information as is otherwise provided by you in order for us to reasonably be able to provide you with our services.

    We may also receive information about you from other sources including other websites that we operate or other services that we provide. We may share that data internally and combine it with data we have already collected. We will only share and combine your data so we can provide the services that you have requested. We work closely with some third parties (including, for example, business partners, sub-contractors, search information providers and DBS check). We will notify you when we receive information about you from them and the purposes for which we intend to use that information.

    It is also possible that we may collect information as a result of combining certain data we have collected or which has been inferred by analytical algorithms. Any such information will only be used if we can reasonably comply with this policy

    Uses that we make of the information provided

    We use the information held about you in the following ways
    If you provide us with information you consent to us using it as follows:

    • To carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us.
    • To provide you with information about other services and courses we offer which we reasonably feel would be of interest to you
    • To provide you with permitted selected relevant third parties e.g. our partner`s institute.
    • To notify you about changes to our services / courses
    • To send you text, email or call for any promotions, open days or any other activity going on.
    • To ensure that content from our website is presented in the most effective manner for you and your computer.
    • You consent to us using information we have collected about you either directly or from other sources (but not necessarily directly from you) for:

    3. Website

    • To improve our To administer our Website and for internal operations including trouble-shooting, data analysis, testing, research, statistic and survey purposes.
    • Website to ensure that content is presented in the most effective manner for you and your computer.
    • To allow you to participate in inter-active features of our service when you choose to do so.
    • As part of efforts to keep our Website safe and secure
    • To make suggestions and recommendations to you and other users of our Website about goods, services or courses that may interest you or them.

    4. Our relationship with you

    As set out in or referred to in our other policies and in particular our personal information use policy

    5. Information we receive from other sources

    We will use this combined information for purposes set out above, depending on the types of information concerned.

    6. These paragraphs tell you who we will share your information with

    You agree that we have the right to share your personal information with:

    • Any member of our Group which means our subsidiaries, our ultimate holding company and its subsidiaries as defined in Section 1 on 59 of the UK Companies Act 2006.
    • Subject to your consent to selected third parties including
    • Business Partners, Suppliers and Sub-Contractors for the performance of any contract we enter into with you
    • Analytics and Search Engine Providers that assist us in the improvement and optimisation of our Website

    In particular we may disclose your personal information as follows:

    • With your consent
    • If the College or substantially all of its assets are required by the third party, in which case personal data held by the College will be one of the transferred assets.
    • If we are under a duty to disclose or share your personal data in order to comply with any legal obligation or in order to enforce or apply our Terms of Use and any other Agreements or to protect the rights, property or safety of our staff students or others.

    7. How we will look after your personal information we have collected

    • We will ensure that we keep a full record of your information
    • We will only keep your information for as long as we reasonably need in order to provide you with the services you have requested unless you have opted for us to keep it for specific times or reasons
    • Your personal information will be stored on secure servers based at our offices and will be protected by passwords to limit those who have access
    • We will ensure that your personal data is held compliant with your rights set out below

    8. Under GDPR you have certain rights which we set out below;

    • The right to be informed about the personal information held and to access it
    • The right to check that the personal information we hold is accurate
    • The right to have inaccuracies deleted or altered
    • The right to have the information erased or to restrict processing
    • The right to take your any away any personal data that you have provided, you have consented to us obtaining or is obtained by automatic methods
    • The right to object generally and to lodge a complaint to the Information Commissioners Office
    • The right not to be subjected to automatic decision making

    9. Outside of the European Union?

    If we send your personal information outside of the EU we will always need your specific consent. Without that our policy is not to send personal information outside of the EU

  • EMAIL POLICY FOR STAFF AND STUDENTS

    Overview

    Email is used as a means of communicating official company information to staff, students and other relevant authorities, convenient, rapid, environmentally aware, and cost effective. Mont Rose College of Management and Sciences issues an email address and disk space for email storage to all staff and students. Mont Rose College of Management and Sciences also distributes email software on computer systems. This practice ensure that all staff and students have email communication readily available to them. The purpose of this policy is to set forth the rights and responsibilities of both users and providers of electronic mail for staff and students. Email facilities are provided primarily to improve communications among staff and students for matters relating to their roles within Mont Rose College of Management and Sciences. Limited use for personal and social purposes is tolerated, not such use should not become excessive.

    1. Purpose

    This policy protects Mont Rose College of Management and Sciences assets and helps ensure our ability to continue business operations.

    2. Scope

    This policy applies to Student and Staff that have access to Mont Rose College of Management and Sciences

    3. Use of Email

    Mont Rose College of Management and Sciences uses electronic mail to communicate official Mont Rose College information of many kinds to Staff, Students and others. Staff are responsible for reading and responding to their email on a frequent and regular basis, since some official communications may be time sensitive. Mont Rose College of Management and Sciences suggests that Staff access their email account on a daily basis.

    Staff need to set up an automatic out of office reply through Outlook when they are away from the College. This should include alternative contact details for urgent enquiries.

    No user should send insulting, abusive, bullying, harassing , obscene, racist, sexist offensive, incitement to commit a criminal offense or threatening or which may contains any malicious code; for example virus. No information should be communicated within or outside the college which is defamatory, which brings Mont Rose College of Management and Sciences into disputes, or which violates laws.
    All users must act sensibly and appropriately when using the College’s email, or computing facilities to send an email, whether internally or externally using the internet.

    If anyone receive these email containing any such material, and they are concerned about this should inform relevant authority. Any user must not send an email which might bring the College into disrepute or purport to be the view of College unless they are authorised in writing to express views on behalf of the College.

    Under the data protection act personal data processed for any purpose or purposes shall not be kept for longer than necessary for that purpose or those purposes. To prevent unauthorised or accidental disclosure of the information, it is essential to exercise care in its disposal, including protecting its security and confidentiality during storage, transportation, handling and destruction.

    Any one Staff or Student found to be in breach of this policy may be subject to disciplinary action.

    4. Email Termination

    Mont Rose College of Management and Sciences retained the right to terminate email addresses allocated to the students within 90 days of completion or leaving the course. The College will not take any responsibility for any loss of data after a given period. Therefore, it is a student`s responsibility to back up their data within the given time.

    For the staff upon leaving the College their email address will be terminated immediately.

  • HOW AND WHY DOES THE COLLEGE USE PERSONAL DATA

    • To enable us to administer student-related functions from original applications through to graduation and to provide alumni services;
    • To produce information including statistics for relevant external agencies such as the Higher Education Statistical Agency (HESA) and the Higher Education Funding Council for England (HEFCE) which allocates funds to the College on the basis of student numbers;
    • To enable College staff to communicate with students;
    • To monitor academic progress over the period of enrolment towards completion of a qualification;
    • To carry out assessments, authorise award of qualifications and verification of awarded qualifications
    • To monitor, complaints, disciplinary cases and academic appeals;
    • To provide student support services, IT and Moodle where the student has access to their learning sources;
    • To monitor, develop and update College systems to ensure they continue to operate effectively and securely
    • The College also processes personal data in relation to staff, both academic and non-teaching. This is undertaken to facilitate recruitment activity and to administer the requirements the College must meet as an employer in line with UK law. In addition, it is used to facilitate operational activity within the relevant faculty / professional service.

    1. What personal data does the College collect?

    The College collects personal data from students at several stages. The personal data collected is mentioned below:
    Initial email/telephone enquiry

    • Name and Address
    • Contact details (Telephone Number, Email Address)
    • Subject / Area of interest

    Details from application forms:

    • Name and Address
    • Contact details (Telephone Number, Email Address)
    • Age / Date of birth
    • Gender
    • Nationality and Country of Residence
    • Educational Records to Date
    • Academic References (Including personal statement ,Resume and grades)
    • Disability Declaration
    • Criminal Conviction Declaration
    • How did they hear about us and if a friend who study here recommends mention their name or Student ID.
    • Programme name
    • Next to Kin detail (Name, Address, mobile, home phone, email and country and town.
    • Applicant passport number, place of issue, date of issue and valid till.
    • Work Experience detail if applicant has it
    • Ethnic Origin
    • Proof Addres
    • Sexual Orientation
    • Religion or Belief
    • Student support eligibility check
    • Previous qualification results
    • Photograph
    • For students taking courses in HND Health and Social Care and Diploma in Education and training need a DBS Clearance.

    2. The College collects the following information from academic and non-teaching staff which is outlined below:

    Initial application:

    • Name and Address
    • National Insurance Number
    • Contact details (telephone number, email address)
    • Self-declaration of permission to work in the UK and upload of passport/visa copy if necessary
    • Relevant qualifications or indication of highest qualification held
    • Professional Development / training and membership of any professional body
    • Employment history
    • Referee details
    • Data captured for equal opportunities monitoring (gender, date of birth, nationality, marital status, sexual orientation, religious belief, ethnicity)
    • Declaration about any disability as defined under the Equality Act 2010 Once a candidate has been made an offer of employment:
    • Bank details
    • Emergency contact details
    • Health information
    • Certain positions also require a DBS compliance check to be completed
    • Data captured for equal opportunities monitoring

    3. Sharing of personal data

    Professional and Funding Bodies:

    • Validation of registrations and awards; and
    • Approval of funding applications. National/Local Government Departments and other public bodies:
    • Higher Education Statistics Agency (HESA) and HEFCE to produce a variety of statistical reports about higher education that are required to be published in the public interest;
    • UK Immigration agencies to ensure compliance with the conditions attached to student/staff visas;
    • The Student Loans Company in connection with grants, fees, loans and bursaries;
    • The courts, the police and other organisations with a crime prevention or law enforcement function (subject to meeting the conditions of Section 29 of the DPA Data Protection Act);
    • Local authorities for the purposes of assessing and collecting council tax.
    • Employers who request a reference from the College (for relevant staff and students).
    • Internal examiners for examination, assessment and moderation purposes;

  • WEBSITE AND IT EQUIPEMENT ACCEPTABLE USE POLICY

    1. What’s in these terms?

    This acceptable use policy sets out the content standards that apply when you upload content to our Site, make contact with other users on our site, link to our site, or interact with our Site in any other way,

    2. Who we are and how to contact us

    www.mrcollege.ac.uk (the Site) is a site operated by Mont Rose College of
    Management and Sciences (“We” or “the College”).
    To contact us, please se below

    By using our site you accept these terms

    • By using our site, you confirm that you accept the terms of this policy and that you agree to comply with them.
    • If you do not agree to these terms, you must not use our site.
    • We recommend that you print a copy of these terms for future reference.

    3. Terms and Condition

    The College reserves the right to withdraw or amend the services provided on the Site without notice and access to the Site is permitted on a temporary basis only. The College is not liable if for any reason the Site is unavailable at any time for any period. The College may restrict access to users to any part of the site or to the entire site for technical, administrative or legal reasons. If you are provided with, a user identification code, password or any other piece of information as part of the College’s security procedures, you must treat such information as confidential and you must not disclose it to any third party. The College has right to disable any credentials, whether chosen by you or allocated by the College at any time if in the College’s opinion you have failed to comply with any of the provisions of these terms of use. You are responsible for ensuring you have complied with all procedures relating to use of the Site. You are also responsible for confirming that all persons who access the Site through your internet connection are aware of these terms and comply with them.

    You may use the Site, only for lawful purposes. You must not use the Site:

    • In any way that breaches any applicable local, national or international law or regulation.
    • In any way that is unlawful or fraudulent, or has any unlawful or fraudulent purpose or effect.
    • For the purpose or harming or attempting to harm minors in any way
    • To send, knowingly receive, upload, download, use or re-use any material that does not comply with Content Standards.
    • To transmit, or procure the sending of, any unsolicited or unauthorised advertising or promotional material or any other form of similar solicitation (spam)
    • The courts, the police and other organisations with a crime prevention or law enforcement function (subject to meeting the conditions of Section 29 of the DPA Data Protection Act);
    • To knowingly transmit any data, send or upload any material that contains viruses or any other computer code, programmes or files designed to destroy, interrupt or limit the functionality of any computer, computer software or hardware or telecommunications equipment

    You also agree:

    • Not to reproduce, duplicate, copy or re-sell any part of our site in contravention of these terms
    • Not to access without authority, interfere with, damage or disrupt:
    • Any part of our Site;
    • Any equipment or network on which our Site is stored;
    • Any software used in the provision of our Site; or
    • Any equipment or network or software owned or used by any third party.

    4. Intellectual property rights

    The is the licensee/owner of all intellectual property rights in the site and in the material published on it, those works are protected by copyright and such rights are reserved to the . You may must not use any photographs, video or audio sequences or any graphics separately from any accompanying text. Any kind of direct or indirect commercial use of the site material is prohibited.

    Breach of this policy
    When we consider that a breach of this acceptable use policy has occurred, we may take such action as we deem appropriate.

    Failure to comply with this policy constitutes a material breach of the terms upon which you are permitted to use our site, and may result in our taking all or any of the following actions:

    • Immediate, temporary or permanent withdrawal of your right to use our site or IT Equipments.
    • Immediate, temporary or permanent removal of any Contribution uploaded by you to our site.
    • Issue of a warning to you.
    • Any equipment or network on which our Site is stored;
    • Legal proceedings against you for reimbursement of all costs on an indemnity basis (including, but not limited to, reasonable administrative and legal costs) resulting from the breach.
    • Further legal action against you.
    • Disclosure of such information to law enforcement authorities as we reasonably feel is necessary or as required by law.

    We exclude our liability for all action we may take in response to breaches of this acceptable use policy. The actions we may take are not limited to those described above, and we may take any other action we reasonably deem appropriate.

    5. Which country  laws apply to any disputes?

    If you are a consumer, please note that the terms of this policy, its subject matter and its formation are governed by English law. You and we both agree that the courts of England and Wales will have exclusive jurisdiction except that if you are a resident of
    Northern Ireland you may also bring proceedings in Northern Ireland, and if you are resident of Scotland, you may also bring proceedings in Scotland. If you are a business, the terms of this policy, its subject matter and its formation
    (and any non-contractual disputes or claims) are governed by English law. We both agree to the exclusive jurisdiction of the courts of England and Wales.

    6. Prevent Duty

    As part of our prevent duty we will be montiroing all users and liase with relevant authorities where it is necessary. Please see our website for further information related to Prevent.

    7. User of IT Equipment

    Staff, teachers and students are not allowed to connect to their personal devices using College PCs and Laptops or any devices does not belong to Mont Rose College e.g remote desktop or any third party software any electronic devices.

    Teachers are not aollowed to use their personal computers within College premises providing that they have been given a PC or Laptop to work with.

    8. General

    Nothing in these terms of use is intended to nor shall it confer any benefit on a third party whether under the Contracts (Rights of Third Parties) Act 1999 or otherwise. The Colleges failure or delay to exercise or enforce any rights in these terms of use does not waive the College’s right to enforce that right.

    9. Contact details

    Mont Rose College of Management and Sciences,
    Shakespeare House- South Campus,
    267 Cranbrook Road, Ilford, Greater London
    IG1 4TG.
    Email: info@mrcollege.ac.uk
    Phone: 020 8556 5009