Privacy Policy
Your privacy is important to us. This policy outlines how we collect, use, and protect your personal information.
Last updated: February 2026
1. Introduction
The St. Gabriel's Pre-University ("we," "our," or "us") is committed to protecting the privacy and personal data of our students, prospective students, parents/guardians, staff, and website visitors. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, apply for admission, or interact with our institution.
This policy complies with Indonesian data protection regulations (UU PDP No. 27/2022 - Personal Data Protection Law) and international best practices for educational institutions.
2. Information We Collect
We collect the following categories of personal information:
Personal Identification Data: Full name, date of birth, nationality, passport/ID number, photographs, and gender.
Contact Information: Email address, phone number, mailing address, and emergency contact details.
Academic Records: Previous educational transcripts, certificates, test scores (IELTS, TOEFL), and academic references.
Application Data: Program preferences, personal statements, financial information for scholarship applications, and admission-related correspondence.
Website Usage Data: IP address, browser type, pages visited, time spent on pages, and cookies/tracking technologies as described in our Cookie Policy.
Communication Records: Emails, chat messages, phone call records, and feedback/survey responses submitted through our platforms.
3. How We Use Your Information
We use your personal information for the following purposes:
Admission Processing: To evaluate and process your application for enrollment in our programs.
Academic Administration: To manage student records, track academic progress, issue certificates, and maintain educational standards.
Communication: To send important updates about programs, schedules, events, and institutional announcements.
Certificate Verification: To enable employers and institutions to verify the authenticity of certificates issued by our institution.
Improvement of Services: To analyze website usage patterns and improve our educational offerings and user experience.
Legal Compliance: To comply with applicable laws, regulations, and accreditation requirements.
Marketing (with consent): To send promotional materials about our programs and events, only with your explicit consent.
4. Information Sharing & Disclosure
We may share your personal information with:
Partner Universities: University of Bolton, ATHE, and other academic partners for credit transfer, degree validation, and joint program administration.
Accreditation Bodies: Ofqual and relevant regulatory authorities for quality assurance and accreditation purposes.
Government Authorities: Indonesian immigration (for student visa processing), education ministry, and tax authorities as required by law.
Service Providers: Third-party vendors who assist with IT services, payment processing, and communication platforms, bound by strict confidentiality agreements.
We do NOT sell, rent, or trade your personal information to third parties for marketing purposes.
5. Data Security
We implement appropriate technical and organizational measures to protect your personal data, including:
Encryption: All data transmitted through our website is encrypted using SSL/TLS technology.
Access Controls: Personal data access is restricted to authorized personnel on a need-to-know basis.
Secure Storage: Student records and certificates are stored in secure, encrypted databases with regular backups.
Staff Training: All staff members receive regular training on data protection and privacy best practices.
Incident Response: We maintain a data breach response plan and will notify affected individuals and authorities within 72 hours of discovering a breach, as required by Indonesian law.
6. Data Retention
We retain personal data for the following periods:
Student Academic Records: Permanently retained for certificate verification and academic reference purposes.
Application Data (unsuccessful): Retained for 2 years after the application decision, then securely deleted.
Website Usage Data: Retained for 12 months for analytics purposes.
Communication Records: Retained for 3 years for quality assurance and dispute resolution.
Financial Records: Retained for 10 years as required by Indonesian tax regulations.
You may request early deletion of your data where retention is no longer necessary, subject to legal and regulatory requirements.
7. Your Rights
Under Indonesian data protection law (UU PDP), you have the following rights:
Right of Access: You may request a copy of the personal data we hold about you.
Right of Rectification: You may request correction of inaccurate or incomplete personal data.
Right of Deletion: You may request deletion of your personal data, subject to legal retention requirements.
Right to Restrict Processing: You may request that we limit how we use your data in certain circumstances.
Right to Data Portability: You may request your data in a structured, machine-readable format.
Right to Withdraw Consent: Where processing is based on consent, you may withdraw consent at any time.
Right to Lodge a Complaint: You may file a complaint with the relevant Indonesian data protection authority.
To exercise any of these rights, please contact our Data Protection Officer at the contact details provided below.
9. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Data Protection Officer The St. Gabriel's Pre-University CBD Pluit A20, Penjaringan, North Jakarta, Indonesia
Email: [email protected] Website: https://stgcollege.id Office Hours: Monday - Friday, 08:00 AM - 06:00 PM (WIB)
This Privacy Policy was last updated on February 2026. We reserve the right to update this policy at any time. Changes will be posted on this page with an updated revision date.