We implement and maintain procedures and technology which are designed to protect personal data from being accidentally lost or used without permission. We ensure that the contracts with our Sub-processors impose reasonable technical and organisational measures to safeguard personal data.

Where our or our Sub-processors’ processing of personal data involves a cross-border data transfer, we rely on a combination of data transfer mechanisms, including the ICO International Data Transfer Agreement, ICO International Data Transfer Addendum to the EU Standard Contractual Clauses, and/or the EU Standard Contractual Clauses.

Sometimes we engage other companies to provide services to us which help us to deliver the services to you. These may be secure payment providers such as Stripe, or email platforms such as Sendgrid. These are our Sub-processors. The current list of Sub-processors is available here: https://www.discoveryeducation.co.uk/subprocessor/