Data protection is concerned with personal data, which is defined as information regarding a living person who can be directly or indirectly identified either from the data or by the use of other sources of information. The legal definition specifically includes both opinions about the person and the data controller’s intentions for them. Everyone who is responsible for using personal data has to follow statutory data protection principles.  They must make sure the information is:
 used fairly and lawfully
 used for limited, specifically stated purposes
 used in a way that is adequate, relevant and not excessive
 accurate
 kept for no longer than is absolutely necessary
 handled according to people’s data protection rights
 kept safe and secure
 and not transferred outside the UK without adequate protection
Personnel must be aware that there is stronger legal protection for more sensitive information, such as:
 ethnic background
 political opinions
 religious beliefs
 health
 sexual health
 criminal records

MAEL is registered under the DPA and so information can be stored electronically.   Personal information covered by the DPA includes names, addresses and telephone numbers and other sensitive and confidential information such as ethnic origin, health status, special needs or credit card details. Photographs and films taken of learners or children are also covered by the DPA, as are assessment grades.

Data Protection Policy

MAEL requires personal data to be collected and retained in order to carry out its duties efficiently.

For further details click (more…)


The following data is retained:
 contact details of adult learners and copy certification with transcripts (to facilitate the issuance of accurate duplicates, or references – retained permanently) held securely as both hard copy and electronically
 references & testimonials (kept permanently to facilitate the issuance of consistent comments in the event of needing to deal with subsequent enquiries)
 copies of correspondence with learners or teaching centres, held for 2 years (or permanently if the subject matter may bear on subsequent issues or enquiries.)
 results/copies of assessments of adult learners (retained until 2 years after certification to allow for appeals) together with records of moderation procedures – held as hard copy with electronic storage of summaries
 financial information relating to teaching centre fees and company salaries and expenses (retained for 6 years or until the legal requirement lapses) – held securely as hard copy
 records of complaints/appeals (kept for 6 years after the matter has been resolved – to enable solutions to be consulted in the event of a repetition) – held as hard copies.
 all communications with regulatory bodies (retained for 5 years after the annual report has been made) held as hard copy or electronically depending on the mode of communication employed.

It will be necessary to collect personal information about the learners provided for in Centres in order to manage the business, as well as company employees. The Data Protection Act 1998 (DPA) applies to this information and it is the responsibility of all staff to protect that information, be it about other staff, directors, shareholders, Centres, learners or children. Overseas centres must accept responsibility for becoming aware of, and observing, regional or national legislation, as well as complying with UK legislation. Any perceived conflict must be reported to the MD to investigate and recommend the appropriate course of action. The report may be by any mode of communication but a written format is preferred.

There is a separate Confidentiality Policy (see navbar above), which is an essential part of the data protection procedures.


 Reviewed 13/05/2021