Contact us

INTO University Partnerships Limited - Privacy Notice

DATE OF ISSUE: August 2025

This notice will help you understand how INTO University Partnerships looks after your personal data, and covers your use of this site and the services that are offered by us.

In this privacy notice, the terms "we", "our", and "us" refers to INTO University Partnerships Limited of 1 Gloucester Place, Brighton BN1 4AA, UK. Details of other companies in our group who may direct you to our site are available here and may be collectively referred to as “INTO” and individually as an “INTO Entity” in this notice.

We are a controller of your information which means that we are responsible for looking after it. We will use your personal data fairly, lawfully and in a transparent manner, and in accordance with UK data protection laws.

1. What’s in this policy?

This privacy notice is for when you’re in the UK. It tells you:

  • what information we might collect about you
  • how we might use that information
  • when we might use your details to contact you
  • what information we might share with others
  • your choices about the personal information you give us.

We have supplementary privacy notices available to read for when you’re outside the UK.

Supplementary privacy notices

Australia – privacy notice Click Here

China – privacy notice Click Here

U.S.A. - privacy notice Click Here

If you are based within the European Union:

We have appointed EU Rep (Bizlegal t/a EUREP, Company number 635921, Ireland) as our Representative under Article 27 of the EU General Data Protection Regulation (“GDPR”). All GDPR queries from EU Data Subjects or Data Protection authorities should be submitted to EU Rep via their dedicated form.

Third-party links

Our websites may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share information about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.

2. The information we collect about you

Depending on which services you use, we collect different kinds of information from or about you, which we have grouped together as follows:

  • Identity Information includes first name, last name, username or similar identifier.
  • Contact Information including email address and telephone number.
  • Employment Information relates to the name of the organisation you represent and your role.
  • Device or other Technical Information includes your device ID, browser type and version, browser plug-in types and versions, or operating system.
  • Location Information may depend on the type of device you’re using or its settings but can include IP address, time zone setting and geographical location.
  • Usage Information includes information about how you use our websites, services, and other resources.
  • Marketing and Communications Information includes your preferences for receiving marketing and other communications from us.

Applying for a job with us: We may process other personal information when you apply for a job with us - our Privacy Notice for Candidates and Prospective Employees gives you more information about this.

3. How is your personal data collected?

We use different methods to collect information from and about you, including through:

  • Information you provide when completing a form, either in hard copy or online, making an enquiry or by corresponding with us by post, phone, email or otherwise.
  • From websites and apps that use our services. As you interact with our websites, we may automatically collect technical information about the device you use, browsing actions and patterns. We collect this personal information by using cookies and other similar technologies, and to find out more about how we do this, please visit our Cookies Policy.
  • Third parties or publicly available sources. We may receive personal information about you from various third parties including analytics providers, search information providers or from other third party companies we may engage from time to time.

4. How do we use your personal data?

We have to have a valid reason to use your personal information – it’s called a “lawful basis for processing”. Sometimes we might ask for your permission to do things, such as when you complete our “Contact Us” form. There may be other times when you’d reasonably expect us to use your personal information, but we will only do so when the law says it’s fine to use it, and it fits with your rights (see section 9. “Your legal rights” below.

We may use your personal information for these things:

  1. to register your interest in our services when you submit an enquiry ;
  2. to answer your enquiry and provide you with information regarding our partnership services or to respond to a comment or complaint;
  3. to deliver our services to you and to provide you with information about them, including letting you know about any new offers and services which may be of interest to you, and to enable us to personalise and tailor our communications to you;
  4. to enable you to participate in our research surveys – these are issued from time to time and are always voluntary - or recommend things that we think could be of interest to you;
  5. to help us understand what kind of services you might use and sometimes how you might share information with other people;
  6. to update you on any changes we think you should be aware of, for example when a relevant policy or the terms of use for this website are updated; and
  7. to deal with any requests from you regarding your rights under this notice to enable us to comply with a legal obligation.

Automated decision making: Assumptions are made about your interests depending on the information you have supplied to us about yourself, and about the website you were visiting when you did so. For example, if you enquired about our presence in the UK, we assume you may be interested in our partnership activities and services in the UK.

If you require any further information about the automated decision making processes we have in place, please contact us at privacy@intoglobal.com

Marketing: We aim to provide you with choices regarding how we contact you for marketing purposes and advertising of our services. We may use the information you have given us to form a view on what we think you may want or need, or what may be of interest to you: for example, in respect of a new promotion or service that we are running. We also conduct surveys and research and analyse the information that we have in order to evaluate and improve existing products and services and develop new products or features.

Cookies: We use cookies and similar technologies to provide and support our services. Please read our Cookies Policy to learn more.

5. Disclosures of your personal data

We may share your personal information with other INTO Entities. We may also share your personal information with selected external third parties including:

  • business partners;
  • third party suppliers, service providers and sub-contractors who perform any services for us: for example, technology companies whose systems we use; or agencies who provide services on our behalf, such as carrying out marketing campaigns;
  • analytics and search engine providers that assist us with the improvement and optimisation of our websites;
  • third parties with whom we have a duty to disclose, for example, where disclosure is necessary due to a legal process or an enforceable governmental request; and
  • third parties to whom we may choose to sell, transfer or merge part of our business to or with. Alternatively, we may seek to acquire other businesses or merge with them.

We require all third parties to respect the security of your personal data and to treat it in accordance with data protection laws, and when relevant, we will also ask third parties to process your personal data for specified purposes in accordance with our instructions.

6. Transferring personal data outside the UK

The information we collect from you may be transferred to, and stored at, destinations outside the UK and the European Economic Area (EEA). It may also be processed by staff of another INTO Entity operating outside the UK. When submitting your personal data to us, please keep in mind that it could be transferred, stored or processed in a location outside the UK and the EEA.

Please contact us if you want further information on the specific safeguards we use when transferring your personal data out of the UK.

7. Protecting personal data

We are strongly committed to keeping your information safe and hold current Cyber Essentials Plus certification. We also have dedicated teams in place to look after the security of the personal data we hold, starting from the point of collection to the point of destruction or anonymisation. 

We will also only transfer personal data to third parties if they agree to comply with INTO’s specific data security measures, or we are satisfied that they have in place adequate security measures themselves.

At the same time, the security of any password that may allow you to access certain parts of our website is your responsibility, whether we have given you the password or you have chosen it yourself. We ask you to please not share your password with anyone. We will not be liable for any unauthorised transactions entered into using your username, personal information and/or password.

8. Information retention

We will keep your personal information for as long it’s needed to fulfil the purposes we collected it for, including satisfying any legal, accounting, or reporting requirements. We may also keep it for a period after this time as may be necessary and relevant to our legitimate operations.

A number of factors help us decide how long to keep your personal data for: the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, or any legal requirements (for example, any laws which require us to keep certain types of document for a certain length of time).

In some circumstances we may anonymise your personal data (so it can no longer be associated with you) for statistical purposes, in which case we may use this information indefinitely without further notice to you. We may also keep records of your stated objection to the processing of your personal data or your objections to receiving communications, for the sole purpose of ensuring that we can continue to respect your wishes to not contact you further.

9. Your legal rights

Your personal data matters and we hope the information below will help you understand your rights and exercise them as easily as possible.

If you would like more help in relation to one of these rights, or need any further information, please complete our Online Rights' Request form or send an email to: privacy@intoglobal.com - we will likely need to ask for further information to help us deal with your request, which may include asking for some identification. This is a security measure to ensure your personal data is not disclosed to any person who has no right to receive it.

Under data protection law, you have the right to:

  • Request access to your personal data (commonly known as a "data subject access request") – this allows you to ask for a copy of the personal data that we hold about you, please contact us and explain the details of what you want to help us find it;
  • Request the correction of your personal data – if you think any of the information we hold about you is wrong, please contact us for help and tell us what needs updating;
  • Request erasure of your personal data (also known as “right to be forgotten”) means you can ask us for your personal information to be deleted – sometimes we can delete your information, but other times it’s just not possible because the law tells us we can’t. If this happens, we will tell you but also let you know if we can limit the amount of data that we hold about you;
  • Object to the processing of your personal data – if we’re using your information for direct marketing purposes then you can unsubscribe at any time by using the specific link in our communications. For other types of requests, please contact us and we’ll consider the reasons why you would like us to stop processing your data, although there are some instances where we may need to keep your data if we have a valid reason;
  •  Move your personal data (as known as “right to data portability”) – this right allows you to ask for and download personal information so you can move, copy or keep it yourself. Please note: this right only applies to automated information which you initially gave us electronically.

Time limit to respond: We aim to respond to all legitimate requests as soon as possible and within one calendar month of receipt. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

10. How to contact us

We work to high standards when processing personal data. You can contact our Data Protection team with any questions about this privacy notice, or our data privacy practices more generally, by email to: privacy@intoglobal.com or by post to: The Data Protection Officer, INTO University Partnerships Limited, One, Gloucester Place, Brighton, East Sussex, BN1 4AA.

We’re regulated by the Information Commissioner’s Office (ICO). If you’re unhappy with how we have used your data, you can also contact the ICO for advice and support and their address is: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF 

11. Changes to this policy

We regularly review and update this policy. If we make important changes, like how your personal information will be used by us, we’ll let you know. This might be in a notice posted on this site or an email.