This website uses cookies
We use cookies to personalise content and ads, to provide social media features and to analyse our
website traffic. We also use and may share information about your use of our site with our social
media, advertising and analytics partners who may combine it with other information that you have
provided to them or that they have collected from your use of their services to provide personalised
advertising to you.
How we use your personal information
Our privacy policy tells you about the personal information we collect from you, how we use it, and
what your rights are. We’ve divided it into headings you can select and view, depending on the
services you are using.
If we make any major changes to this policy, we’ll add an alert on this website, our social media
channels, or contact you. If you are under the age of 13, you can take a look around our website, but
you shouldn’t give us your personal information, as our services are for people aged 13 or over. As
GreenAcademy processes personal information of individuals under the age of 18 we handle data
and develop our systems and services in accordance with Code of Practice known as the ‘Children’s
Code’, which has been released by the Information Commissioner’s Office (ICO).
If you’ve got any questions about our privacy policy, or how we use personal information,
email datagovernance@greenacademy.co.uk or write to: Data Protection Officer, GreenAcademy,
1B, Etim Inyang Crescent, Off Muri Okunola. Victoria Island, Lagos.
Terms used in this policy
Who we are
GreenAcademy stands for the ‘Universities and Colleges Admissions Service’ – we manage
applications to higher and further education in Nigeria.
All personal information provided by you through this website is under the control of
GreenAcademy, and we’re responsible for taking care of your personal information in line with the
Data Protection Act 2018, and the UK General Data Protection Regulation (GDPR) and applicable
laws in Nigeria.
This policy may refer to the organisation as ‘GreenAcademy’, ‘our’, ‘us’, or ‘we’, and our registered
office is 1B, Etim Inyang Crescent, Off Muri Okunola. Victoria Island, Lagos.
Terms used in this policy
When explaining how we use your personal information, we use quite a few terms to describe our
services.
We try to use language that is easy to understand and avoid legal terms. However, we’re required by
law to include certain information in our privacy policy – here we explain what these terms mean:
Nigeria and International General Data Protection Regulation (GDPR) is a regulation on data
protection and privacy, that applies within Nigeria and the United Kingdom (UK). The regulation
provides individual control and rights in respect of personal information.
Data Protection Act 2018 (DPA), along with the GDPR, sets the regime for handling personal data
within Nigeria and the UK.
Personal data is information about individuals, like name and address, or educational or work
achievements. Our policy may refer to personal data as ‘personal information’.
‘Special category’ personal data is personal information the GDPR considers to be sensitive, such as
information about ethnicity, sexual orientation, religious beliefs, or mental and physical health. Use
of this personal information is subject to stricter conditions under the GDPR.
Criminal convictions personal data is personal information about someone’s criminal convictions. If
you apply to some courses, such as ones that involve working with children, we will ask you if you
have any criminal convictions.
Lawful basis for processing – all uses of personal information must be supported by a ‘lawful basis
for processing’. This means there must be provisions in the GDPR or DPA allowing the use of
personal information for specific purposes.
Keeping your information secure and transfers of personal data
We use a variety of measures to make sure we hold your personal information securely, and only
share it with organisations who need to access it. This includes maintaining an Information Security
Management System, in line with the international standard ISO 27001:2013.
We use third party suppliers who provide parts of our services for us. We have contracts with these
suppliers, which require them to use personal data only to provide these services to us.
Where we use the services of a supplier which involves transferring personal data outside the United
Kingdom (UK), these will be made to countries with a level of data protection law similar to the UK,
or we will include approved model contract clauses, which provide safeguards for the personal data
transferred. If you want to know more about international transfers of your personal data, please
contact datagovernance@greenacademy@gmail.com
Retention of personal information
We retain your personal information in accordance with the GDPR, which obliges us to keep it only
for as long as is necessary. If we do not have any requirement to retain personal information for
business, regulatory, or legal reasons, we will delete it.
Article 89 (1) of the GDPR allows us to retain personal information for statistical and research
purposes in the public interest. If you apply through one of our admissions schemes, we’ll retain and
use this, in combination with other information we hold, to produce statistical analysis and research
in respect of the higher education sector, for public benefit.
Some of the public benefit research we undertake means we must retain this information in a way
that allows individuals to be identified. Examples of such research include:
universities wanting to measure the success of their ‘widening participation’ schemes. This is
government policy, and requires them to encourage and review participation in higher education
across different social groups, and to measure the success of their interventions on admissions to
higher education in respect of named individuals
data from our admissions schemes over historic cycles, which we link to other datasets. to help
produce reports on equality in higher education admissions
Where possible, we also deploy additional security measures encouraged by the GDPR. This includes
using personal information held in a format that does not directly identify specific individuals,
without the use of a separately stored code or key that allows identification. This is referred to in the
GDPR as ‘pseudonymised data’.
Personal information – your rights
The GDPR provides you with rights in respect of your personal information.
The right to be informed about the way UCAS processes your information – we provide these details
when you first use a UCAS service and this includes the information available through this privacy
policy.
The right of access to information GreenAcademy holds about you. There may be a requirement to
provide identification details so we can be sure we are sharing information with the right person. We
may also ask you for confirmation of the information you are hoping to obtain or your interactions
with GreenAcademy to support this handling of your request.
The right of data portability – provides a right to a machine-readable copy of your information in
certain circumstances.
The right to object to ‘automated decision-making’ including profiling – you have a right under the
GDPR to object to any decision that has legal effects on you made by solely automated means (e.g.
no human intervention). GreenAcademy’s uses of personal information doesn’t include automated
decision-making as defined in the GDPR.
The right to ‘rectification’ of your information – if you believe that the information GreenAcademy
holds about you is inaccurate, you have a right to ask us to amend or update that information.
The right to request deletion of your personal information – GreenAcademy rretains personal
information to support research into the higher education sector. However, you can request that we
delete the personal information we hold about you and will provide a response.
The right to object to uses of personal information, in particular where the lawful basis for
processing relies on processing in the public interests, or GreenAcademy’s legitimate interests. See
the section ‘Lawful basis for processing’ for more information.
The right to restrict processing, which is available in certain circumstances.
If you would like to apply these rights, or have questions about GreenAcademy’s’ use of personal
information, please email datagovernance@greenacademy.gmail.com, or write to: Data Protection
Officer, GreenAcademy, 1B, Etim Inyang Crescent, Off Muri Okunola. Victoria Island, Lagos.
If you’d like to opt out of receiving direct marketing, you can click the ‘Unsubscribe’ or ‘Update
preferences’ links in the communications we send.