The British Council is the United Kingdom’s international organisation for cultural relations and educational opportunities.
We collect and use personal information to offer people information, products and services. This policy will apply in all locations where we operate to all forms of information and to all systems used to collect, store, process or transfer information.
In countries where there are different privacy and data protection laws, we will comply with those laws where they meet internationally accepted privacy principles and fair information handling practices.
The British Council is committed to:
- performing privacy impact assessments to protect the privacy and rights of its customers and employees
- protecting the confidentiality, integrity and availability of the information it collects, stores, transfers and processes in accordance with UK law and international good practice, and to meeting its legal requirements and contractual obligations
- explaining why it needs personal information, only asking for the personal information it needs and only sharing personal information within the British Council and with other organisations as necessary or where the person concerned has given their consent
- allowing people to request access to the personal information it holds on them and to complain if they believe their information has been mishandled
- not keeping personal information for longer than necessary
- taking measures to protect the rights and freedoms of individuals whose personal information may be transferred to countries with differing data protection laws
- ensuring that actual or suspected breaches of information security are reported and investigated
- assessing and measuring the maturity of its information security controls annually
- applying these standards to its supply chain and delivery partners.
We will provide adequate and appropriate resources to implement this policy and will ensure it is communicated and understood.
The British Council will review this global policy statement annually to reflect new legal and regulatory developments and ensure good practice.
This global policy statement was approved by Sir Ciarán Devane, Chief Executive, in March 2018 and is due for review in March 2019.
This policy forms part of our Code of Conduct and is referred to within it to support compliance and the management of risk.