English Online Service Privacy Notice

The British Council is the Data Controller of the information that you provide to us; this means we are responsible for determining how your information is collected, used and disclosed to others.

We collect your personal data for the following purposes:

  • For processing your registration to all our English Online services, including trial and explorer registrations, enabling your use of our mobile app, and for service-related communications.
  • For delivering and administering teaching activities.

  • To respond to additional medical needs or disabilities, to ensure we adjust the learning process to your needs.
  • For direct marketing i.e., to send you news about the English Online and other activities, services and events provided by the British Council).
  • We may also invite you to review our products and services; your feedback will help us improve our English Online Services and may also be used for our promotional materials.
  • For safeguarding needs, where children or adults could be at risk , so we can act proportionately.

Legal basis

Any collection and use of personal information requires having a lawful basis or justification to process it, and this may vary depending on the activity we collected it for. We rely on the following lawful bases:

  • For registration-and teaching related activities: the processing is necessary for us to carry out  the British Council English Online  Terms and Conditions of use.
  • For additional medical needs or disabilities: your consent. Collection of this information is optional, and you provide it at your discretion.
  • For direct marketing: your consent.
  • For review invitations, we rely on our legitimate interest to improve our products and services by seeking feedback from our customers.
  • For safeguarding needs: your consent. Collection of this information is optional, and you provide it at your discretion.

You have the right to withdraw your consent at any time, but this will not affect the lawfulness of any data processed with your consent prior to your withdrawal.

Information Retention

  • We will keep all account types and information kept in those profiles, as well as all additional needs data, for a period of 3 years after the end of the active registration.
  • Any payment related information will be kept for a period of 7 years.

  • For direct marketing: for as long as you are in agreement. You control when to stop receiving these communications with the unsubscribe option.

Recipients of your personal information

For these purposes British Council will share your personal information with the following organisations, which all act as Data Processors and will process your personal data on our behalf, under our contractual instructions

  • For the design and development of our English Online platform and mobile app: Compas3.
  • For marketing communications: Hubspot.
  • For customer management: Salesforce.
  • For sending feedback reviews: TrustPilot
  • To facilitate your payment of the course: we use Stripe and other local payment processors, where applicable. Payments by credit or debit card are processed immediately via the Payment Processor over a secure link and the British Council does not see or hold any credit card details.
  • For service-related communications and our internal administration: British Council corporate Microsoft 365 Suite.

Where your course is sponsored by another organisation , for example your employer, we will share your course information with them, as part of our contractual agreement to deliver your English course.

Other than for the purposes mentioned herein, your personal information will not be shared outside the British Council without your explicit permission.

International Transfers of Data

In order to achieve the necessary purposes outlined above, your personal information will be securely transferred and stored in the following locations: Ireland (Compas3 hosting), EU (MS365 Data Centres), UK (STRIPE), HubSpot and Salesforce (USA), South Korea and India (local payment processors for local payment transactions only).

In order to achieve the necessary purposes outlined above, your personal information will be securely transferred and stored in the following locations: Ireland (Compas3 hosting), European Union (Microsoft Data Centres), Denmark (TrustPilot) United Kingdom (Stripe), United States (HubSpot and Salesforce), South Korea and India (local payment processors for local payment transactions only).

Some of our corporate service providers are located outside of the UK/ European Economic Area (EEA). When personal data is transferred to locations which are not deemed to have an adequate level of protection under the General Data Protection Regulation (GDPR), we have put in place the Standard Contractual Clauses approved by the European Commission and the International Data Transfer Addendum issued by the UK Information Commissioner. 

Data Protection Statement and Your Rights

The British Council complies with the UK Data Protection Act 2018 incorporating the UK GDPR as retained version of the General Data Protection Regulation EU 2016/679, and data protection laws in other countries that meet internationally accepted standards.

You have the right to ask for a copy of the information we hold on you, and the right to ask us to correct any inaccuracies in that information. If you have concerns about how we have used your personal information, you also have the right to complain to a privacy regulator.

For further detailed information about your rights, how to raise a complaint and how we process personal information, please refer to the Data Protection section of our website Data protection | British Council.

We are here to help

Get in touch with our Customer Support Team with any questions you may have.

Contact us