Introduction Core Privacy Posture
The Executive Summary: The House of Admissions operates on a Zero-Trust data model. We collect only what is strictly mandated for your university placement and UKVI compliance. We never sell, monetize, or trade your personal or financial information. You retain absolute sovereign rights over your data.
This Enterprise Privacy & e-Visa Policy dictates how the House of Admissions and Education Services ("HOA", "we", "us") secures, processes, and transmits your personal information during your engagement with our 100% free UK study abroad services.
Section 01 The Data Controller
The principal data controller legally responsible for the security of your information is:
Corporate Data Operations
Section 02 Data Categories Collected
To execute our high-level admissions processing, we classify and collect the following data points:
| Data Classification | Information Scope | Collection Method |
|---|---|---|
| Identity & e-Visa | Full legal name, DOB, passport biometrics, UKVI Share Codes, BRP history. | Direct submission, strict UKVI portal guidance. |
| Contact Vector | Encrypted email, registered WhatsApp, verified residential address. | Initial consultation & corporate forms. |
| Academic Archive | Official transcripts, IELTS/PTE certifications, proprietary SOP drafts. | Secure file transfer during processing. |
| Financial Mandate | 28-day bank statements, scholarship awards, maintenance fund proofs. | Required strictly for CAS & Visa compliance. |
| Technical Analytics | IP routing, OS environments, session interactions. | Automated via secure server logging. |
Sensitive Data Firewall: We do not actively mine special category data (e.g., medical TB test results). When you provide this explicitly to fulfill UKVI health mandates, it is firewall-protected and transmitted exclusively to the Home Office.
Section 03 Processing & Usage Directives
Your data is weaponized purely for your success. We leverage it exclusively to navigate the UK university admission and immigration labyrinth:
- Elite University Placement: Securing conditional and unconditional offers from top-tier institutions across England, Scotland, and Wales.
- UKVI Digital Compliance: Managing the 2026 digital e-Visa transition, generating secure share codes without retaining permanent access to your UKVI portal.
- Financial Vetting: Cross-referencing your documentation against the £1,529/£1,171 maintenance thresholds to protect partner universities from UKVI RAG penalties.
- Scholarship Procurement: Executing high-value scholarship applications (e.g., Chevening, GREAT).
The Ultimate Guarantee: We explicitly prohibit the sale, monetization, or third-party marketing distribution of your academic and financial records. Period.
Section 04 Legal Justification for Processing
Our operations align with robust international privacy frameworks, including GDPR principles:
| Legal Basis | Operational Application |
|---|---|
| Contractual Execution | Processing required to deliver the 100% free consultancy and SOP generation services you initiated. |
| Legitimate Interest | Maintaining cybersecurity, preventing document fraud, and protecting our UK university partners' compliance ratings. |
| Legal Obligation | Complying with binding UKVI immigration checks or legitimate regulatory audits by Nepali/UK authorities. |
| Explicit Consent | Deploying marketing analytics or promotional communications (which you may revoke instantly). |
Section 05 Strict Data Sharing Protocols
Data transmission is strictly compartmentalized. We route your sensitive information only to essential, authorized entities:
- UK Higher Education Institutions (HEIs): Application packets are sent directly to the admissions departments of your chosen universities.
- UK Home Office / UKVI: Financial and biographic data is submitted exclusively via secure UK government portals to secure your CAS and Student Visa.
- VFS Global: Identity data used strictly for scheduling mandatory biometric appointments in Nepal.
- UCAS: For centralized undergraduate processing.
All IT infrastructure providers (cloud hosting, encrypted email) are bound by severe non-disclosure and data processing agreements.
Section 06 Cookie & Tracking Governance
We respect your digital autonomy. You retain full control over non-essential tracking mechanisms. For an exhaustive inventory, refer to our Enterprise Cookie Policy.
| Protocol | Function | Override Status |
|---|---|---|
| Essential Core | Security, CSRF protection, active session states. | Locked (Mandatory) |
| Performance Analytics | Anonymized traffic metrics to optimize server loads. | User-Controlled |
| Marketing Vectors | Conversion tracking for Meta/Google lead generation. | Strict Opt-In Required |
Section 07 Retention & Destruction Protocols
We do not hoard data. Information is retained only as long as statistically necessary to ensure legal and immigration compliance:
- Application & Academic Records: Retained for 5 years post-application to satisfy university audit requirements.
- Financial & Maintenance History: 28-day banking records are wiped 1 year after successful visa issuance, minimizing risk exposure.
- General Inquiries: Purged 24 months from the last point of contact.
Upon expiration, digital footprints are cryptographically shredded, and physical copies are securely destroyed.
Section 08 Enterprise Security Measures
The House of Admissions deploys rigorous defense mechanisms to protect your documentation:
- In-Transit Encryption: Absolute enforcement of HTTPS (TLS 1.2+) across all digital interactions.
- Role-Based Access Control (RBAC): UK regional officers and Nepal counselors access only the specific data segments required for their active caseloads.
- Physical Perimeter Security: Hard-copy files in our Putalisadak and Pokhara offices are secured in biometric/key-locked archives.
- Rapid Incident Response: Immediate containment and 72-hour notification protocols in the highly unlikely event of a structural data breach.
Section 09 Your 8 Sovereign Data Rights
We guarantee your absolute control over your personal footprint. Submit requests to info@houseofadmissions.com. We execute all valid directives within 14 to 30 days, entirely free of charge.
Right of Access
Command a comprehensive export of all personal data currently held on our servers.
Right to Rectification
Mandate immediate corrections to any inaccurate academic or biographic records.
Right to Erasure
Execute the "right to be forgotten" and permanently purge your records (unless legally bound).
Right to Object
Instantly block data processing for marketing or specific profiling purposes.
Right to Restrict
Freeze all processing of your data while a dispute or accuracy check is finalized.
Right to Portability
Extract your data in a clean, machine-readable format (JSON/CSV) for transfer elsewhere.
Consent Revocation
Withdraw any prior consent seamlessly, without retroactive penalty to active processing.
Right to Complain
Escalate grievances to relevant national data protection or telecommunications authorities.
Section 10 International Data Transfers
To successfully execute a UK university application, data must structurally cross borders. The UK possesses an internationally recognized "Adequacy Decision" regarding data protection (UK GDPR & DPA 2018). When transmitting your file from Nepal to UK universities or UKVI servers, your data is instantly protected under the stringent legal shield of British law.
Section 11 External Web Portals
Our platform directs you to authoritative third parties (e.g., gov.uk, UCAS, Russell Group websites). The House of Admissions holds no jurisdiction over the privacy architectures of these external networks. You navigate them under their respective corporate policies.
Section 12 Safeguarding Minors
We enforce strict safeguarding policies. We do not knowingly harvest data from individuals under 16 without explicit, verified parental authorization. For applicants under the age of 18, a legal guardian must physically or digitally co-sign all processing consents prior to application launch.
Section 13 Policy Amendments
To remain compliant with shifting UKVI and international privacy legislations, Executive Management frequently reviews this framework. Critical updates will trigger direct notifications to active clients, ensuring total transparency regarding your digital footprint.
Section 14 Executive Contact
For DSR (Data Subject Rights) requests, UKVI compliance queries, or urgent security escalations:
Data Protection Officer (DPO)
Elite Placement. Uncompromising Security.
Manchester, Edinburgh, Queen's Belfast & 100+ universities. Experience a 100% free consultancy where your data privacy is fiercely defended.