Please do not come to the old site on the Surrey Research Park as this will be closed from 1st March 2025.
Please check course information carefully for details about your training venue.
Privacy Policy
We care about your privacy and want to help you understand how we collect, use, and share your personal information.
This privacy notice links to our organisation’s Data Protection Policy available from https://www.cofeguildford.org.uk/data-protection-policies-/
Data Controller
The data controller is:
The Diocesan Board of Finance, Guildford Diocese Church House, Guildford, 20 Alan Turing Road, Guildford, Surrey GU2 7YF
1. Why we collect and use your personal data
- To enable you to access the online services, learning and resources on this site and participate in training.
- To monitor usage and improve the provision of services and training.
- To ensure access to online services, training, learning and resources is restricted to those entitled to use them.
2. The categories of data we collect
When you use this site, information in the following categories is collected
- Required Personal Data
- Optional Personal Data
- Technical Data
- Usage Data
Cookies
Three cookies are used by this site:
The Session cookie is essential. It enables your browser to provide continuity and to maintain your login from page to page. When you log out this cookie is destroyed from your browser.
The CSRF cookie is essential. This is an encrypted cookie that is included with each response generated by the website. This cookie is used to prevent a certain type of malicious activity and is common to many websites. It does not contain any personally attributable data.
The Google Analytics cookie is active by default but can be disabled in your browser’s site settings. This cookie collects general information about your website use, including pages visited and your approximate location (City or authority).
No other cookies are used by this site.
3. Details of the data collected and the lawful basis for using your information
| Category of Data | Type of Data | Lawful basis for processing |
| Personal Data |
| Necessary for our legitimate interests (to ensure that access to the site in general and to specific resources is only provided to people with the right access to these resources) |
| Resource Participation Data |
| Your Consent – any participation data which is shared will be expressly stated on the individual modules. |
| Optional Personal Data |
| By entering this optional information, you are providing consent for it to be stored. You can delete/edit it at any time. |
| Technical Data |
| Necessary for our legitimate interests (provision of administration and IT services, network security and to prevent fraud.) |
| Usage Data |
| Necessary for our legitimate interests (to ensure that access to particular resources is restricted to specific groups of users, troubleshooting and site optimisation) and to record numbers for evaluation purposes. |
Aggregated Usage Data
Data about the use of the various service agreements, services, training, learning and resources is aggregated and is not personal data. It is used to inform the development of the site and help optimise the use of the site and for evaluation purposes.
Legitimate Interest Assessment
| We have a specific purpose with a defined benefit. | To provide access to our service agreements, services, training, learning and resources, allow resources to be shared and facilitate communication between site users. |
| The processing is necessary to achieve the defined benefit. | Technical and Usage Data needs to be collected to provide this service. Details of access to the site are stored for security, for troubleshooting and to improve the site. |
| The purpose is balanced against, and DOES override, the interests, rights and freedoms of data subjects. | Since the processing of data is kept to a minimum and is for the purpose of a) providing the data subjects to purchase services, online learning and resources that they wish to use, and b) reporting of evaluative data to fulfil funding requirements, the purpose, and our Legitimate Interest DOES override, the interests, rights and freedoms of data subjects. |
For a copy of the full Legitimate Interest Assessment please contact the person named in section 7.
4. Who we collect from or share your information with:
We collect basic personal information about you from the information you give us and from your participation in resources. We do not collect personal information about you from any other source.
a) You may be asked to give more information via a questionnaire, course evaluation or other service activity that will be visible only to the Site Administrator and, at times, other named people with designated site permissions “Primary School Admin” and “School Admin”.
b) This will be optional, and we will explain why we want this information, who will see it and what we will do with it at the point of collection.
c) When you participate on the portal platform, your name and optional personal data will be made visible to Site Administrators and, at times, other named people with designated site permissions “Primary School Admin” and “School Admin”.
d) We report data on: numbers registered from each school/academy/organisation, service engagement, feedback responses.
This site provides access and links to different resource providers. We do not provide these sites with any information about you. Each of these will have their own privacy policy and you should read their privacy policies before providing them with your information.
5. How long do we keep your information?
Data is kept for a maximum of two years after your last access to the site. Each January, any user who has not accessed the site in the last 24 months will have their personal identifiable data deleted. You may request that your personal data is deleted prior to this.
Data which is required for the purpose of billing our chargeable services and training is kept for a minimum of six years in line with requirements set out by HM Revenue & Customs and in accordance with UK Legislation governed under UK Law.
6. Your rights
You have the following rights regarding your personal data:
- The right to be informed about any data we hold about you;
- The right to request a copy of your personal data which we hold about you;
- The right to request that we correct any personal data if it is found to be inaccurate or out of date;
- The right to request your personal data is erased where it is no longer necessary for us to retain such data;
- The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
- The right to object to the processing of your personal data.
- The right to obtain and reuse your personal data to move, copy or transfer it from one IT system to another
To exercise these rights, please contact the Data Protection Team using the contact information provided below. The National Church Institutions data protection (NCI) Individual Rights Policy is available on request.
7. Queries, complaints or concerns
If you have any queries regarding this processing activity, or how the gdbe-elevate.org portal platform handles your personal data please contact, in the first instance:
- I) GDBE School Services Manager on 01483 484911 or via email gdbe-elevate@cofeguildford.org or at Church House Guildford, 20 Alan Turing Road, Guildford, Surrey GU2 7YF
- II) If you have any questions about The Diocese of Guildford Privacy Notice or the information, we hold about you or to exercise all relevant rights, queries or complaints please contact our Data Protection Team on 01483 790300 by email at data.protection@cofeguildford.org.uk or at Church House Guildford, 20 Alan Turing Road, Guildford, Surrey GU2 7YF
Alternatively, you can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/cont... or at Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF