Privacy Policy

Edit Article

Last Updated: 27 January 2026

  1. introduction

    1. This Privacy Policy is provided by Global Admission Services, a company registered in England and Wales under company number: 07259338 with registered office 22 St John Street, Newport Pagnell, Buckinghamshire, United Kingdom, MK16 8HJ (‘we’, ‘our’ or ‘us’) for use of our websites, services, web and mobile applications www.globaladmissions.com (Services).

    2. This privacy policy (together with the terms and conditions) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by Global Admissions (UK). Please read the following carefully to understand our policy regarding your personal data and how we will treat it.

    3. We know you ("you" or the "User") care about how your personal information is used and shared – and we take your privacy seriously.

    4. This Privacy Policy describes and governs our practices regarding the collection, processing and usage of information we collect from Users (Personal Data). Personal Data we collect from Users is used, disclosed and protected according to this Privacy Policy. It also explains your rights in relation to your personal data and how to contact us or the relevant regulator in the event you have a complaint. Our collection, storage, use and sharing of your personal data is regulated by law, including under the UK General Data Protection Regulation (UK GDPR).

    5. By using or accessing the Service in any manner, you acknowledge that you accept the practices and policies outlined in this Privacy Policy, and you hereby agree that we may collect, use, and share your information as set forth below. For purposes of this Privacy Policy, the term "includes" or "including" mean including without limitation.

  2. Data collection

    1. UK GDPR distinguishes between organizations that process Personal Data for their own purposes (data controllers) and organizations that process personal data on behalf of other organizations or individuals (data processors). If you have any questions or complaints about how your Personal Data is handled, these should always be directed to the relevant data controller since they are the ones with primary responsibility for your Personal Data.

    2. We may act as either a data controller or a data processor with respect to your Personal Data, depending on the circumstances. We will be a data controller of any information you submit to us in order to create a User account or an Organiser account. However, once a User submits Personal Data to an Organiser in conjunction with use of the Services, Global Admissions becomes a data processor with respect to the Organiser Collected Personal Data.

  3. Consent

    1. We only collect, use, and share your personal data when we have a lawful basis to do so. In many cases, this will be based on your explicit consent.

    1. When We Ask for Your Consent

      1. We will request your consent before processing your data for any of the following purposes:

        1. Sending you promotional emails or newsletters

        2. Sharing your contact details with universities or third parties for marketing or follow-up

        3. Using cookies or similar tracking technologies

        4. Allowing our AI assistant to access your profile and applications for personalised support

        5. Collecting and processing special categories of personal data, if applicable

      2. You will be given the option to provide or withhold consent at the point of data collection (e.g., during account creation, event signup, chatbot use, or through a cookie banner).

    2. Withdrawing Consent

      1. You may withdraw your consent at any time by:

        1. Adjusting your communication preferences in your account settings

        2. Opting out via links in our emails

        3. Contacting our support team directly

      2. Please note that withdrawing consent will not affect the lawfulness of any processing carried out before your withdrawal.

    3. Mandatory vs. Optional Consent

      1. Some types of data processing are required to deliver our core services (such as processing your university application). In these cases, your consent is not optional, and if you do not provide the required data, we would not be able to provide the service.

      2. Other types of data use (such as receiving promotional updates or enabling chatbot personalization) are optional, and you can opt out at any time without affecting your access to core services.

  4. Personal Data We Collect About You

Category of data

In more detail

Identity and account data you input into the Services

Registration is mandatory in order to use the Services

  • Your name;

  • email address;

  • residential address

  • telephone numbers;

  • Passport number;

  • Academic results; and

  • Your account details, such as username and password

Data collected when you use specific functions in the Services

Data you store online with us using the Services including your usage history or preferences (while such data may not always be personal data as defined at law in all cases we will assume it is and treat it in accordance with this policy as if it were)

  • Information which you provide to us from any of the input areas within the website.

  • Information which you provide to us by any means.

  • Information which you provide to us in connection with your application, which will be handled in accordance with this privacy policy and our data protection statement, which forms part of the declaration.

  • If you contact us, we may keep a record of that correspondence.

Other data the Services collects automatically when you use it

  • Your activities on, and use of, the Services which reveal your preferences, interests or manner of use of the Services and the times of use

Data collected when you make an enquiry with us

Your name and email address, we may keep a record of that correspondence.

  1. If you do not provide personal data we ask for where it is required, including the geo-localisation services, it may prevent us from providing services and/or the Services to you.

  2. We collect and use this personal data for the purposes described in the section ‘How and why we use your personal data’ below.

  1. Sensitive Data

Certain Personal Data we collect is treated as a ‘special category’ to which additional protections apply under data protection law. This is also known as ‘Sensitive Data’. When we process such Sensitive Data, we will also ensure we are permitted to do so under data protection laws, and any such data will be collected on the basis of your consent.

  1. Sensitive personal data (also known as special category data) means information related to personal data revealing racial or ethnic origin; political opinions; religious or philosophical beliefs; trade union membership; genetic data; biometric data (where used for identification purposes); data concerning health; data concerning a person’s sex life; and data concerning a person’s sexual orientation.

We may collect sensitive personal data or information about you from your Passport. We may also, on occasion, be required to undertake a check of your identity. This will be conducted in confidence. We will normally discuss this with you prior to carrying out any identity checks except as set out in our data protection statement.

  1. How your personal data is collected

    1. We collect personal data from you directly when you sign up to the Services, contact us directly, make submissions via the Services, or indirectly, such as your activity while using the Services.

    2. At this point in time, we do not collect any personal information about you using cookies or similar technologies. We may collect information about your computer, including where available your IP address, operating system and browser type. This is statistical data about our users' browsing actions and patterns, and does not identify you as an individual. In the event that this were to change and if we were to decide to collect personal data about you using cookies, you would be notified of this change by means of in-app notification, with detailed information regarding our use of cookies and similar technologies to be made available in the relevant cookies policy.

  2. How and why we use your personal data

    1. Under data protection law, we can only use your personal data if we have a proper reason, e.g.:

      1. where you have given consent

      2. to comply with our legal and regulatory obligations

      3. for the performance of a contract with you or to take steps at your request before entering into a contract, or

      4. for our legitimate interests or those of a third party

A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests. We will carry out an assessment when relying on legitimate interests, to balance our interests against your own. You can obtain details of this assessment by contacting us (see ‘Contacting Us’ below).

The table below explains what we use your personal data for and why.

What we use your personal data for

Our reasons

Create and manage your account with us

To perform our contract with you or to take steps at your request before entering into a contract

Providing services and/or the functionalities of the Services to you

Depending on the circumstances:

  • to perform our contract with you or to take steps at your request before entering into a contract (in this case, the contract means the Terms and Conditions of Use which apply to the Services)

  • to process your application.

  • to ensure that content from our website is presented in the most effective manner for you and for your computer.

  • to keep you informed (with your consent) by electronic means, or other means, of information about specific funding, sponsorship opportunities or services and products that we think may be of interest to you.

  • to provide you (unless you object) with general information relevant to students.

To enforce legal rights or defend or undertake legal proceedings

Depending on the circumstances:

  • to comply with our legal and regulatory obligations

  • in other cases, for our legitimate interests or those of a third party, i.e. to protect our business, interests and rights or those of others

Communications with you not related to marketing, including about changes to our terms or policies or changes to the Services or service or other important notices

Depending on the circumstances:

  • to comply with our legal and regulatory obligations

  • in other cases, for our legitimate interests or those of a third party, i.e., to provide the best service to you

Protect the security of systems and data

To comply with our legal and regulatory obligations we may also use your personal data to ensure the security of systems and data to a standard that goes beyond our legal obligations, and in those cases our reasons are for our legitimate interests or those of a third party, i.e., to protect systems and data and to prevent and detect criminal activity that could be damaging for you and/or us

Operational reasons, such as improving efficiency, training, and quality control or to provide support to you

  • For our legitimate interests or those of a third party, i.e., to be as efficient as we can so we can deliver the best service to you

  • to notify you about changes to our service.

Statistical analysis to help us manage our business, e.g., in relation to our performance, customer base, app and functionalities and offerings or other efficiency measures

For our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can deliver the best service to you and improve and develop our app

Updating and enhancing user records



Depending on the circumstances:

  • to perform our contract with you or to take steps at your request before entering into a contract (in this case, the contract means the Terms and Conditions of Use which apply to the Services)

  • to comply with our legal and regulatory obligations

  • where neither of the above apply, for our legitimate interests or those of a third party, eg making sure that we can keep in touch with our customers about their accounts and new products or functionalities related to the Services and our services

To comply with our legal and regulatory obligations

Depending on the circumstances:

  • to perform our contract with you or to take steps at your request before entering into a contract (in this case, the contract means the Terms and Conditions of Use which apply to the Services)

  • to comply with our legal and regulatory obligations

where neither of the above apply, for our legitimate interests or those of a third party, e.g. making sure that we can keep in touch with our customers about their accounts and new products or functionalities related to the Services and our services

See ‘Who we share your personal data with’ for further information on the steps we will take to protect your personal data where we need to share it with others.

  1. Marketing

    1. We intend to send you email marketing to inform you of our services such as promotions.

    2. We will always ask you for your consent before sending you marketing communications, except where you have explicitly opted-in to receiving email marketing from us in the past or except where you were given the option to opt-out of email marketing when you initially signed up for your account with us and you did not do so.

    3. You will have the right to opt out of receiving marketing communications at any time by:

      1. contacting us at [email protected]

      2. using the ‘unsubscribe’ link included in all marketing emails you may receive from us

    4. We will always treat your personal data with the utmost respect and never sell or share it with other organisations for marketing purposes.

  2. Who we share your personal data with

    1. We routinely share personal data with service providers we use to help us run our business or provide the services or functionalities in the Services, including developers, cloud storage providers.

    2. We only allow service providers to handle your personal data if we are satisfied they take appropriate measures to protect your personal data. We also impose contractual obligations on service providers to ensure they can only use your personal data to provide services to us and to you.

    3. We or the third parties mentioned above may occasionally also need to share your personal data with:

  1. institutions staff which:

    1. you have previously or currently attend as a student; or

    2. you are making an application to attend for further or higher education as indicated in your application (either directly or through a third party on your behalf). This may include cross-border transfer depending on your location and the university you are applying to.

  2. external auditors, e.g. in relation to the audit of our accounts and our company —the recipient of the information will be bound by confidentiality obligations

  3. professional advisors (such as lawyers and other advisors)—the recipient of the information will be bound by confidentiality obligations

  4. law enforcement agencies, courts or tribunals and regulatory bodies to comply with legal and regulatory obligations

  5. other parties in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency - usually, information will be anonymised but this may not always be possible, however, the recipient of the information will be bound by confidentiality obligations

If you would like more information about who we share our data with and why, please contact us (see ‘How to contact us’ below).

We will not share your personal data with any other third party.

  1. How long your personal data will be kept

    1. We will keep your personal data for as long as you have an active account with us and for a period of up to 7 years thereafter if you enrol at a University through our Service to comply with any accounting or legal obligations including in the event of the pursuit or defence of legal claims. For inactive or incomplete accounts, data is typically deleted after 12 months.

    2. Once you have closed your account with us, we will move your personal data to a separate database so that only key stakeholders in our business on a ‘need to know basis’ have access to such data.

    3. Following the end of the aforementioned retention period, we will delete or anonymise your personal data.

  2. Chatbot & AI Features

    1. What Data We Collect

      1. When you use our on-site chatbot, we process any text you enter (for example, questions about programs, or general inquiries). We also collect limited technical data -such as your IP address, browser type, and timestamps -for security, performance monitoring, and to improve our chatbot experience.

      2. All AI-generated responses are for informational purposes and provide recommendations only. Final admission and enrolment decisions are made exclusively by human representatives of the University.

    2. Notice at Signup

      1. You'll be informed that any chat conversations may be reviewed by our support team. You will also be asked whether you want the AI to access your profile, saved programs, and applications to provide personalised recommendations - or you can decline and still use the chatbot.

    3. How We Use That Data

      1. Your input is sent to a third-party AI provider (e.g., OpenAI, Anthropic) to generate an immediate response.

      2. We store full chat transcripts so that our support team can review them for quality, troubleshooting, and service improvement and provide support. Anonymised logs may also be used for broader debugging and performance analysis.

    4. Third-Party AI Providers

      1. We use OpenAI to power our chatbot. That provider may process and temporarily cache your inputs for the purpose of generating an answer. Under our current agreement, OpenAI does not store or use these inputs for model training. Learn more at OpenAI's Data Controls page: https://platform.openai.com/account/data-controls .

    5. Your Choices & Controls

      1. You may choose to allow AI to access your profile, saved programs, and applications to provide personalised recommendations. You can turn off anytime from your account settings, and don't need to share access to use the AI.

    6. Disable Chatbot Entirely

      1. If you do not wish to use our chatbot, simply do not click the chat icon. No data is ever collected unless you initiate a conversation.

    7. Delete Chat History

      1. You may clear your chatbot history at any time by clicking. Account Settings → Chatbot History → Delete All.

    8. Security & Retention

      1. We encrypt all data in transit using TLS.

      2. Chat transcripts are stored for training purposes and may be accessed by our support agents to help you. You can delete your conversations at any time here.

      3. If you request data deletion, all personal identifiers linked to your chat inputs will be removed within 30 days.

  3. Transferring your personal data out of the UK

    1. As part of providing the Services, we may share your personal data with third parties based outside of the UK. These facilities are either operated by Global Admissions, or our third-party providers. By using the Service, you are consenting to have this data stored, transferred and processed according to this Privacy Policy. Personal Data collected will be primarily stored at hosting facilities located in the USA.

    2. Global Admissions is a global company. Subject to applicable laws, we may transfer your Personal Data to any GA affiliate worldwide when processing that data for the purposes described in this Privacy Policy. We may also transfer your Personal Data to our third party service providers, who may be located in a country or area outside the European Economic Area ("EEA").

Under UK data protection laws, we can only transfer your personal data to a country outside the UK where: the UK government has decided the particular country ensures an adequate level of protection of personal data (known as an ‘adequacy regulation’) further to Article 45 of the UK GDPR; there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for you; or a specific exception applies under relevant data protection law. Accordingly, if we were to start transferring your personal data from the UK to:

  • The EEA: we would rely on the adequacy finding granted by the UK to the EU under the Withdrawal Agreement to do; for any transfers from the EU to the UK, we would rely on the adequacy regulation granted to the UK under the Adequacy Decision.

  • Any country located outside the UK/EEA: we would rely on appropriate safeguards under the UK GDPR, such as by relying on an Adequacy Decision being in place for that country, or entering into an International Data Transfer Agreement.

In the event we choose not to continue to rely on either of those mechanisms at any time we would not transfer your personal data outside the UK unless we could do so on the basis of an alternative mechanism or exception provided by UK data protection law.

  1. Public Disclosure

    1. We will disclose your Personal Data to the public only under the following circumstances:

      1. you have explicitly authorised us to disclose your Personal Data;

      2. disclosing your Personal Data is in the interest of national security; public health, or another major public interest;

      3. your Personal Data is relevant to any criminal investigation, prosecution, judgment, or enforcement;

      4. disclosing your Personal Data is necessary to protect yours or another individual's life, property or other major lawful right;

      5. Personal Data is disclosed voluntarily by you to the public;

      6. Personal Data is collected from public channels, such as news reports or from public government documents.

    2. Pursuant to applicable laws, sharing and transfer of aggregated data which cannot be recovered by the recipient to re-identify individual Personal Data does not constitute sharing, transfer and disclosure of Personal Data, and therefore it may be stored and processed without notice to you and without your consent.

  2. Other Websites

    1. The website may contain links that make it easy for you to visit other websites. Global Admissions does not have any control over these websites. Therefore, if you use these links to leave Global Admissions and visit websites operated by third parties, Global Admissions cannot be responsible for the protection and privacy of any information that you provide whilst visiting these websites.

  3. Minors

    1. We do not knowingly collect or solicit personal information from anyone under the age of 16. If you are under 16, please do not attempt to register for the Service or send any personal information about yourself to us. If we learn that we have collected personal information from a child under 16, we will delete that information as quickly as possible. If you believe that a child under 16 may have provided us with personal information, please contact us on our support center .

  4. Requesting or Amending Information

    1. You may request for us to provide you with details of personal information that we hold about you by contacting us.

    2. To the extent you have authorised us to collect and process your Personal Data, you may withdraw that authorization by deleting information, turning off device functions, or changing privacy settings on our website or in our software. You may also stop using the Service so that we cannot continue collecting your Personal Data. Please note that some parts of the Service may not function properly if you remove our authorization to collect your Personal Data. For any Personal Data that you have authorised the Organisers directly, you should contact the Organisers to withdraw such authorization.

    3. If you request us to do so we will make changes or remove the information that we hold about you. We will change certain limited information that we hold about you where you tell us it is incorrect.

  5. Your rights

You generally have the following rights, which you can usually exercise free of charge. For more information regarding these rights, please visit the ICO website here.

Access to a copy of your personal data

The right to be provided with a copy of your personal data.

Correction (also known as rectification)

The right to require us to correct any mistakes in your personal data.

Erasure (also known as the right to be forgotten)

The right to require us to delete your personal data—in certain situations.

Restriction of use

The right to require us to restrict use of your personal data in certain circumstances, e.g. if you contest the accuracy of the data.

Data portability

The right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations.

To object to use

The right to object:

  • at any time to your personal data being used for direct marketing (including profiling)

  • in certain other situations to our continued use of your personal data, e.g. where we use you personal data for our legitimate interests.

Not to be subject to decisions without human involvement

The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you

We do not make any such decisions based on data collected by the Website.

For further information on each of those rights, including the circumstances in which they do and do not apply, please contact us (see ‘How to contact us’ below). You may also find it helpful to refer to the guidance from the UK’s Information Commissioner on your rights under the UK GDPR.

If you would like to exercise any of those rights, please contact us—see below: ‘How to contact us’. When contacting us please:

  1. provide enough information to identify yourself (e.g., your full name and username) and any additional identity information we may reasonably request from you, and

  2. let us know which right(s) you want to exercise and the information to which your request relates

  1. Keeping your personal data secure

We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.

  1. How to complain

Please contact us if you have any queries or concerns about our use of your information (see below ‘How to contact us’). We hope we will be able to resolve any issues you may have.

You also have the right to lodge a complaint with the Information Commissioner.

The Information Commissioner can be contacted at https://ico.org.uk/make-a-complaint or telephone: 0303 123 1113.

  1. Changes to this Privacy Policy

    1. We may change this privacy policy from time to time. When we make significant changes we will take steps to inform you, for example via the Services or by other means, such as email.

    2. If we intend to use any Personal Data in any manner that is not consistent with this Privacy Policy, you will be informed of such anticipated use prior to or at the time the Personal Data is collected, and we will obtain your consent for any such use. You can also disable the consent by contacting us on our support center or from your settings.

  2. Contacting Us

    1. If you have any questions or concerns regarding our privacy policies, please send us a detailed message through our support center .

    2. If you have questions, concerns, or complaints about how your personal data is handled, or if you would like to exercise your privacy rights, you may contact our Data Protection Officer (DPO) or designated privacy representative:

    3. Email: [email protected]