AAA Eureka MBITT SKE - Data Processing for Subject Knowledge Enhancement (SKE) Programmes (Privacy Policy)


Version: 3.0


Eureka Online College – SKE Course Delivery
Last updated: September 2025


Introduction

Eureka Online College delivers Subject Knowledge Enhancement (SKE) courses on behalf of MBITT, under the Department for Education (DfE) programme. We are committed to protecting your personal data and being transparent about how we use it.


This notice gives you a clear summary of how we collect, use, and protect your information when you apply for or take part in an SKE course.


Who We Are

We work in partnership with MBITT, a DfE-approved framework provider, to deliver SKE courses. The Department for Education (DfE) is the Data Controller, and Eureka Online College acts as a data sub-processor, handling information on behalf of MBITT and the DfE.


If you apply for an SKE course through AAA Eureka MBITT SKE, your information will be processed in line with our contract and the DfE’s service specification.


What Information We Collect

We may collect and process the following types of information:


  • Contact details (name, email, date of birth, phone number)
  • Eligibility evidence (e.g. ITT offer, ID, degree certificate)
  • Course progress, engagement, and assignment data
  • Feedback and support records
  • Bank details (if bursary payments apply)
  • Website usage data (e.g. anonymous analytics)


This information may be provided directly by you, or by your ITT provider (e.g. when confirming eligibility or course status). You may also choose to upload non-essential data to our systems (e.g. a profile image), which is done voluntarily.


Why We Collect It

We use this data to:


  • Check your eligibility for SKE funding
  • Deliver your SKE course and monitor your engagement
  • Process bursary payments (where applicable)
  • Provide support and maintain training records
  • Fulfil DfE and ITT reporting requirements
  • Support audit and assurance checks


We do not use your data for marketing purposes, and we do not sell or share your data with third parties for commercial reasons.


How We Keep Your Data Safe

We use secure, access-controlled platforms such as:


  • Google Drive and Dropbox (for document storage)
  • Moodle (for course delivery and engagement tracking)
  • Typeform or similar tools (for applications and eligibility)
  • GalaxKey (for encrypted communication with the DfE)


Tutors and support staff only access the data they need to carry out their roles. All systems are reviewed regularly for compliance and security.


Your Rights

Under UK GDPR, you have the right to:


  • Access the personal data we hold about you
  • Ask us to correct incorrect or incomplete information
  • Request deletion of certain records (where appropriate)
  • Object to or restrict how your data is used


You can contact Eureka Online College directly for queries or requests relating to your data at:

EurekaMail@SKEonline.co.uk


If your request relates to formal data access or broader data rights, you should contact the Department for Education (Data Controller) at:


SKE.INBOX@education.gov.uk


We will advise you if a request needs to be handled by the DfE, and will support the process if needed.


How Long We Keep Your Data

We retain most records for up to 7 years, in line with funding and audit requirements. Some system access records (e.g. Moodle) may be deleted earlier.


For full details, please see our Data Retention Policy


How to Raise a Concern or Make a Complaint

If you have a course-related concern (e.g. about your SKE experience or tutor support), please refer to our Complaints Policy for how to raise this with us.


If you have a concern about how your personal data has been handled, you can email Eureka Online College at EurekaMail@SKEonline.co.uk for clarification or to request a correction.


However, if your concern relates to a potential data breach, serious misuse of data, or a rights-based issue under UK GDPR, you should raise this directly with the Department for Education (DfE) as the data controller:


SKE.INBOX@education.gov.uk


Our Full Policies


To view our full data and course-related policies, click below:


This policy section will be reviewed annually and updated as necessary to reflect any changes in the DfE’s service specification, audit requirements, or contractual terms.