Who We Are
The International Computer Studies Academy ("ICSA", "we", "us", or "our") is an educational institute based in Kuwait, operating branches in Mahboula and Kuwait City. We provide professional IT training, language preparation, and internationally accredited diploma programs.
ICSA is the data controller responsible for the personal information you provide to us. We are committed to handling your data with care, transparency, and in accordance with applicable privacy laws in Kuwait.
By enrolling in an ICSA course, using our websites, or contacting us through any channel, you acknowledge that you have read and understood this Privacy Policy and consent to the data practices described herein.
Data We Collect
We collect personal information that is necessary for the administration, delivery, and improvement of our educational services. The categories of data we may collect include:
| Category | Examples | Purpose |
|---|---|---|
| Identity Data | Full name, date of birth, Civil ID / passport number | Enrolment, certification, identity verification |
| Contact Data | Phone number, email address, home address | Communication, scheduling, course updates |
| Academic Data | Course enrollments, attendance records, assessment results | Progress tracking, certificate issuance |
| Financial Data | Payment records, fee balances (no card details stored) | Billing, receipts, outstanding fee management |
| Usage Data | Website visits, page interactions, browser type | Site analytics, user experience improvements |
| Communications Data | Enquiry messages, support requests, feedback forms | Responding to queries, service improvement |
We do not intentionally collect sensitive personal data such as biometric data, health information, or religious beliefs unless specifically required for a particular program and with your explicit consent.
How We Collect Your Data
We collect personal information through a variety of channels in the course of providing our services:
- Enrolment forms — when you register for a course, program, or examination in person or online.
- Our websites — when you submit a contact form, make an enquiry, or interact with features on icsa.us or icsakuwait.com.
- Direct communication — when you contact us by phone, email, WhatsApp, or social media.
- Student portal — when you access or use the ICSA student management system at icsakuwait.com.
- Third-party sources — where applicable, from awarding bodies such as QUALIFI (UK) during certification processes.
- Cookies and analytics tools — automatically collected data about how visitors interact with our websites (see Section 06).
How We Use Your Data
We use your personal information only for legitimate, clearly defined purposes related to the delivery of education and management of our institute. Specifically, we use your data to:
- Process your course enrolment and confirm your registration with ICSA.
- Communicate important information regarding timetables, class changes, examination dates, and results.
- Issue course completion certificates, UK qualifications, and other academic credentials.
- Manage attendance records and track student progress throughout a program.
- Process payments, send invoices, and manage outstanding balances.
- Respond to enquiries, complaints, or requests made through any of our channels.
- Send informational updates about new courses, promotions, or institute news — only where you have consented.
- Improve our website, systems, and teaching services through aggregate analysis.
- Comply with our legal and regulatory obligations under Kuwaiti law.
We will never sell your personal data to third parties for commercial purposes, nor use it for any purpose that is incompatible with the educational services you enrolled in.
Data Sharing
ICSA does not sell, rent, or trade your personal data. We may share your information in limited and specific circumstances only:
- Awarding bodies — such as QUALIFI (UK) or other accreditation organisations, to register you for qualifications and process your certification. Only the data required for registration is shared.
- Government and regulatory authorities — where required by Kuwaiti law or a lawful government request (e.g. Ministry of Education, immigration authorities where applicable).
- Service providers — trusted third-party suppliers who assist in operating our systems (e.g. hosting providers, payment processors), bound by strict confidentiality obligations.
- Emergency contacts — in cases of a medical emergency or safeguarding concern involving a student, we may contact an emergency contact you have provided.
Any third party with whom we share data is required to maintain its confidentiality and security, and is prohibited from using it for any purpose other than that which we specify.
Cookies & Tracking
Our websites (icsa.us and icsakuwait.com) use cookies and similar tracking technologies to enhance your browsing experience and collect anonymous usage statistics.
| Cookie Type | Description | Can Be Disabled? |
|---|---|---|
| Essential | Required for the site to function (login sessions, navigation) | No — site will not function without these |
| Analytics | Anonymous data on page visits and user behaviour (e.g. Google Analytics) | Yes — via browser settings or cookie banner |
| Functional | Remember your preferences (language, settings) | Yes — disabling may affect user experience |
| Marketing | Used only if you follow ICSA on social media platforms | Yes — via social platform settings |
You can control and manage cookies through your browser settings at any time. Disabling non-essential cookies will not prevent you from using our core services or student portal.
Data Retention
We retain your personal data only for as long as necessary to fulfil the purpose for which it was collected, or as required by law. Our general retention guidelines are as follows:
| Data Type | Retention Period |
|---|---|
| Student enrolment and academic records | 7 years from the date of last enrolment |
| Certificate and qualification records | Indefinitely — for verification purposes |
| Financial and payment records | 7 years from the date of transaction |
| Website enquiry and contact form data | 2 years from date of submission |
| Marketing consent records | Until consent is withdrawn |
| Cookies and analytics data | Up to 24 months (anonymised) |
When data is no longer required, it is securely deleted or anonymised so that it can no longer be linked to any individual.
Your Rights
As an individual whose data we hold, you have a number of rights with respect to your personal information. You may exercise any of the following rights by contacting us at [email protected]:
- Right of Access — you may request a copy of the personal data we hold about you at any time.
- Right to Rectification — if your data is inaccurate or out of date, you may ask us to correct it.
- Right to Erasure — in certain circumstances, you may request that we delete your personal data, subject to legal retention obligations.
- Right to Restrict Processing — you may ask us to limit how we use your data while a query or complaint is being resolved.
- Right to Object — you may object to us using your data for direct marketing at any time, and we will stop immediately.
- Right to Withdraw Consent — where processing is based on your consent (e.g. marketing emails), you may withdraw that consent at any time without affecting any prior lawful processing.
We will respond to all data rights requests within a reasonable time and at no cost. We may need to verify your identity before processing a request.
Data Security
ICSA takes the security of your personal data seriously. We have implemented a range of technical and administrative measures to protect your information against unauthorised access, loss, misuse, alteration, or disclosure.
- Student portal data is stored on a secured, self-hosted server with access restricted to authorised ICSA personnel only.
- Passwords and sensitive credentials are stored using industry-standard encryption (bcrypt hashing) and are never stored in plain text.
- Access to student records and administrative systems is role-based, ensuring staff only access data relevant to their function.
- Physical documents containing personal data (enrolment forms, ID copies) are stored in locked premises at our branch offices.
- We conduct regular reviews of our data handling practices to identify and address potential vulnerabilities.
While we take all reasonable precautions, no method of electronic storage or internet transmission is 100% secure. In the unlikely event of a data breach that affects your rights, we will notify you promptly in accordance with our legal obligations.
Contact & Policy Updates
If you have any questions, concerns, or requests relating to this Privacy Policy or the data we hold about you, please contact us using the details below:
- Email: [email protected]
- Mahboula Branch: +965 9092 1623
- Kuwait City Branch: +965 9930 2850
We reserve the right to update or amend this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operating procedures. When we make significant changes, we will post a notice on our website and update the "Last Updated" date at the top of this page.
We encourage you to review this policy periodically. Continued use of ICSA services after any update constitutes acceptance of the revised policy. If you do not agree with changes, you may contact us to exercise your data rights.
Our team is happy to clarify how we handle your personal data, or to assist with any data rights request. Reach out to us directly — we aim to respond within 3 business days.