Terms, Policies & Agreements
These terms & policies explain our legal relationship with you in relation to all OSC Courses and study resources.
If you are attending an at-location course, please take a look at your course’s separate Addendum, by clicking here.
- OSC Courses Terms of Service
- OSC Courses Parental Consent
- OSC Courses Refund Policy
- OSC Study App Terms of Service
- OSC Study App Parental Consent
- KCSIE Compliance
- EU – US Privacy Shield and Swiss – US Privacy Shield
- General Data Protection Regulations (GDPR)
- Cookies Policy
EU – US Privacy Shield and Swiss – US Privacy Shield
Pamoja Education Ltd (“PJE”) respects individual privacy and values the confidence of its customers, employees, consumers, business partners and others. PJE strives to collect, use and disclose personal information in a manner consistent with the laws of the countries in which it does business, and prides itself on upholding the highest ethical standards in its business practices. This EU-US Privacy Shield and Swiss – US Privacy Shield Policy (the “Policy”) sets forth the privacy principles that PJE and its parent companies follows with respect to personal information transferred from the European Union (EU), the United Kingdom (UK) and / or Switzerland to the United States.
The United States Department of Commerce and the European Commission and the Swiss Administration, respectively, have agreed on a set of data protection principles and frequently asked questions (the “Privacy Shield Framework”) to enable U.S. Companies to satisfy the requirement under European Union and Swiss law that adequate protection be given to personal information transferred from the EU and Switzerland to the United States. Consistent with its commitment to protect personal privacy, PJE adheres to the Privacy Shield Principles.
This Privacy Shield Policy (the “Policy”) applies to all personal information received by ManageBac in the United States from the European Economic Area and the United Kingdom, and Switzerland, respectively, in any format including electronic, paper or verbal.
For purposes of this Policy, the following definitions shall apply:
“Personal information” means any information or set of information that identifies or is used by or on behalf of PJE to identify an individual. Personal information does not include information that is encoded or anonymized, or publicly available information that has not been combined with non-public personal information.
“Sensitive” means personal information that reveals race, ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, or trade union membership, or that concerns an individual’s health. In addition, PJE will treat as sensitive personal information any information received from a third party where that third party treats and identifies the information as sensitive.
Notice and Choice
PJE enters into Service Agreements with its Clients in the United States, European Union and the United Kingdom, and Switzerland which may include the processing and/or storage of information relating to their Clients’ customers (students, parents and staff). In these agreements, the Client agrees and recognizes that it is the ‘data controller’ for the purposes of data protection legislation. This means that our US, EU, UK and Swiss Clients are responsible for complying with the data protection legislation in the relevant Member State, US and Switzerland national law before it sends its customer data to PJE for processing and/or storage. This includes informing individuals about the choices and means they offer individuals for limiting the use and disclosure of their personal data. In order to exercise their rights under this principle, the individual must reach out to the Supplie. Any data processed or stored by PJE is only disclosed to third parties at the request and direction of its European, US and Swiss Client as the data controller, in accordance with the choices made by the individuals to whom such personal information relates, or when required by law. Any information that our EU, US and Swiss Clients identify as sensitive will be treated as such.
PJE has a Compliance Manager who is responsible for the internal supervision of PJE privacy policies. PJE also has technicians to handle data security. PJE continuously educates its employees about compliance with the Data Protection Act 2018, the Privacy Shield Principles and has self-assessment procedures in place to ensure its compliance. PJE with its affiliates and parent companies participates in both GDPR in the UK and the EU – the amended US Privacy Shield Framework according to the Schrems II decision and revised standard contractual clauses put in place to enhance security of data transport.
Information Gathering and Usage:
PJE will take reasonable precautions to protect personal information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction.
We use the information provided and that we collect to improve the content and quality of the Service, error correction, improving our marketing, and for administrative purposes.
Your use of the Service results in collection of audit log records, which are collected through third party solutions. These facilitate providing the Service, through web hosting companies or by using analytics providers. This allows us to monitor system and application performance, to track usage activity and to enable our support team to provide you with a professional standard of service when you have any issue.
In the course of providing the Service, we use the information provided to:
- Process account registration and enrolment;
- Organise curriculum, activity and assessment information;
- Compile academic histories and formal academic records;
- Aggregate, collect and input details of your academics into our system for central management;
- Present information entered to other logged in users provided Parental Consent is provided when applicable;
- Monitor system performance and collect aggregate analytics;
Access Personal Data
If your personal information changes, you are able to login to keep it up to date by changing your profile. If you no longer wish to receive the Service or if you find that information on the Website is not accurate and you cannot update it, please inform PJE in the first instance. You may email us at firstname.lastname@example.org if you continue to have concerns. If you do not receive a response to your email to us within 7 days please call us or write to
Pamoja Education Ltd
Data Protection Officer
Postal Mail: Building 9400, Sir Alec Issigonis Way, Oxford. OX4 2HN.
PJE shall bear liability in cases of onward transfer.
PJE will conduct compliance audits of its relevant privacy practices to verify adherence to this Policy. Any employee that PJE determines is in violation of this policy will be subject to disciplinary action up to and including termination of employment. PJE is subject to the investigatory and enforcement powers of the Information Commisioner’s Office (ICO).
Contact information for the Information Commissioner’s Office in your member state is available here: https://ico.org.uk
Contact information for the European Data Protection Authorities (DPAs) in your member state is available here: https://edpb.europa.eu/about-edpb/board/members_en.
Contact information for the Swiss Federal Data Protection and Information Commissioner is available here: https://www.edoeb.admin.ch/?lang=en
Client Data Storage:
PJE complies with the Information Commissioner’s Office’s guidance regarding the collection, use, and retention of data from the European Union, United Kingdom, and Switzerland.
Pamoja Education Ltd
Data Protection Officer
Postal Mail: Building 9400, Alec Issigonis Way, Oxford. OX4 2HN
To learn more about the Data Protection Act 2018 and the ICO implementation of the GDPR please visit: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/