Last updated: 16th June, 2025

Chase Business School (“CBS”, “we”, “us”) is committed to protecting your personal data and respecting your privacy. This Privacy Notice explains how we collect, use, store, and share your data, in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Chase Business School is an education provider based in the United Kingdom. For the purposes of data protection, we act as the “data controller.”

• Registered address: Queensbury House, 106 Queens Road, Brighton, BN1 3FX
• Email: privacy@chasebusinessschool.com
• Phone: 01273 094 611
• Data Protection Lead: Andy Woodrich

2. What Personal Data We Collect

We may collect and process the following personal data:

• Contact information: name, email address, phone number, postal address
• Account details: username, password, communication preferences
• Course application data: educational background, qualifications
• Purchase and subscription details: billing address, order history, subscription type
• Payment details (processed via Stripe secure gateway – we do not store full card details)
• Technical data: IP address, browser type, device info, cookie identifiers
• Marketing preferences and interaction history

3. How We Collect Your Data

We collect personal data when you:

• Create an account or enrol in a course
• Purchase or subscribe to services on our website (via WooCommerce and WooCommerce Subscriptions)
• Fill in forms, contact us, or sign up to newsletters
• Use our Moodle Learning Platform at https://moodle.chasebusinessschool.com
• Interact with us on social media platforms (Facebook, Instagram, LinkedIn)
• Engage with our marketing and communication platform (ActiveCampaign)
• Browse our website, which uses cookies and Google Analytics to improve performance and usability

4. How We Use Your Data

We use your information to:

• Process course enquiries, orders, and manage subscriptions
• Process payments securely using Stripe, including recurring billing for subscriptions. Stripe is certified to PCI Service Provider Level 1 — the most stringent level of certification available in the payments industry
• Deliver services via our Moodle Learning Platform and provide educational support
• Register you with the Chartered Management Institute (CMI) for certification and quality assurance
• Send account updates, service communications, and renewal reminders
• Provide customer support and respond to enquiries
• Analyse website usage and improve user experience
• Send marketing emails (only with your consent)

5. Lawful Bases for Processing

We process your personal data under the following lawful bases:

• Contract – to deliver the course or service you have enrolled in
• Consent – for sending marketing communications and optional tracking
• Legal obligation – to meet accreditation and regulatory requirements
• Legitimate interests – to enhance educational service delivery and ensure quality assurance

6. Sharing Your Data

We only share your data with:

• The Chartered Management Institute (CMI) for the purpose of registration, certification, and moderation
• Our service providers (e.g. WooCommerce, ActiveCampaign, Moodle, and secure payment processors)
• Legal authorities, if required by law
• Our secure payment processor Stripe, for handling card payments and recurring subscriptions. We do not store your full card details.

We do not sell your personal data to any third party.

7. Cookies and Website Analytics

We use cookies to provide core functionality and enhance performance:

• Essential cookies (e.g. WooCommerce cart/session)
• Analytics cookies (via Google Analytics)
• Marketing cookies (if you opt in)

See our Cookie Policy for more information. You can manage your preferences via your browser settings.

8. Data Retention

We only keep your data as long as necessary:

• Enrolment/course data: retained until course is completed, failed, or lapsed
• Moodle logs and assignment history: retained for up to 3 years for accreditation purposes
• Marketing and enquiry data: deleted after 12 months unless you opt in for continued communications

9. Your Rights

You have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data (in certain cases)
• Object to or restrict processing
• Withdraw consent at any time
• Lodge a complaint with the Information Commissioner’s Office (ICO)

10. Moodle Platform Usage

All course participation, assignment submissions, and tutor communication are managed via our Moodle Learning Platform (https://moodle.chasebusinessschool.com). Moodle activity may be monitored for quality assurance, moderation, and academic integrity purposes. Students must also comply with relevant legislation including:

• UK GDPR (2018)
• Copyright, Designs & Patents Act 1988
• Computer Misuse Act 1990
• Protection from Harassment Act 1997

11. Contact Us

For any privacy-related questions or requests, contact:

Andy Wudrich – Data Protection Lead, Chase Business School
privacy@chasebusinessschool.com