We use cookies on all our websites to gather anonymous information about your visit that helps us to make improvements and increase performance. By continuing you are consenting to these cookies.

If you would like more information or would like to change your cookie preferences, please visit our cookies page.


Data Protection, Privacy & Cookies policy

Your personal information

The London Institute of Banking & Finance is committed to following good practice for handling personal information in accordance with the principles of the Data Protection Act 1998. The eight principles ensure your personal data is:

  1. Processed fairly and lawfully
  2. Processed only for specified and lawful purposes
  3. Adequate, relevant and not excessive in relation to the purpose(s) for which it is processed
  4. Accurate and up to date
  5. Not kept for longer than is necessary
  6. Processed in line with your rights as the data subject
  7. Secure
  8. Not transferred outside the European Economic Area unless the country has an adequate level of protection for your rights as the data subject

The data controller for your personal data is The London Institute of Banking & Finance.

When you first contact us we create a record in your name and allocate you a unique ID number. Any information that you give us, or we generate, from then on is added to your record. We endeavour to ensure the accuracy of all records, but we rely on you to keep your personal data up to date, either online via myLIBF or by informing our Customer and Student Services team of any changes. You can contact them by email or by calling on +44 (0)12 2781 8609.

Your rights as the data subject

This is the sixth data protection principle and the rights that it refers to include:

  • a right to have access to a copy of your personal data
  • a right to be able to opt out of receiving direct marketing
  • a right to object to processing that is likely to cause or is causing damage or distress
  • a right, in certain circumstances, to have inaccurate personal data rectified, blocked, erased or destroyed

Use of your personal information

Your personal information is used in the following ways:

  • To process your application for the study of modules and qualifications. This may also require your personal information to be passed to a third party for the delivery of study materials, or the provision of teaching or examination facilities. We may also contact other institutions to confirm your qualifications
  • To process your application for a Statement of Professional Standing (SPS) or Certificate of Professional Achievement (CPA)
  • To process any application you make for membership and to maintain that membership
  • To process any application for additional services, such as CPD, seminars or conferences. If your application is for an event that is sponsored, your contact details will be passed to the sponsor of the event. You will be informed if your details are to be passed to the sponsor when you apply to attend
  • To provide information about additional services and products that may be of interest to you
  • To undertake research in order to help us plan and improve our services
  • To provide information to government bodies, such as Ofqual, the FCA, the Student Loans Company (SLC) and Higher Education Statistics Agency (HESA), in accordance with statutory and government requirements

The HESA Student Collection Notice

Your course results may be:

  • disclosed to your employer if your application included details of your employer
  • disclosed to your provider of tuition
  • published when you have completed the qualification. The information published may include your name, the name of your employer and details of your qualification.

Transferring information overseas

We have students and members throughout the world and the personal information of those students and members is necessarily transferred overseas when fulfilling their applications for study, membership or other services

Information collected automatically

When you visit our website we automatically collect some technical information about your visit, eg your IP address, the type of browser used, the duration of your visit and the pages visited. We use this information to improve the navigation and accessibility of our website.

If you access one of the password-protected sites we do record some details of your visit and we use this information to help us support you if you have any queries regarding your use of these sites and to look for ways to improve the service we offer you.

Cookie use

If you use the Internet to carry out certain transactions with us, your computer will store small pieces of information, known as cookies. A cookie is a small text file that is stored temporarily by your browser and is used by the website you are visiting to remember you throughout your visit to that website.

We use session (non-persistent) cookies to identify you when you log into a password-protected site. This avoids the need for you to repeatedly enter your password as you navigate around the password-protected site. The cookies are deleted as soon as your session is ended.

We also use persistent cookies to store non-personal details when you visit our website. This enables us to find out whether your computer has visited our website before by checking to see, and finding, the cookie left there on the last visit.

Using these cookies we are able to examine and analyse, in an anonymous and aggregate way, how our websites are used in order that we can improve the layout, navigation and accessibility of the websites.

We also link to external websites such as YouTube and Vimeo, to show videos and display image galleries. These websites may also use cookies, over which we have no control. Please check those websites for more information about their use of cookies.

List of cookies

Cookie Purpose Expires
ASP.NET_SessionId This cookie helps keep your browsing session private. When you close your browser
These cookies allow you to move between our different secure websites without having to log in separately on each site. When you close your browser When you close your browser
ifslearningSUB This cookie allows you to visit external resources from some of our secure websites. When you close your browser
.ASPXANONYMOUS This cookie helps maintain your visit to our website anonymously (before you may log in to a secure area). 69 days
.ASPXROLES This cookie helps us manage the services and information you are eligible to access. When you close your browser
.ASPXAUTH This cookie helps keep your my ifslearning session secure. When you close your browser
MoodleSession This cookie keeps you logged in as you move around your course website. When you close your browser When you close your browser
AlternateID Allows switching between your myLIBF accounts if you have multiple logins. When you close your browser
style related by Moodle (the course website system). It stores the user's preference on how the website looks, but we lock down this feature so this cookie contains no data. 1 year
UserCookiePref This cookie stores your choice of enabling/disabling performance cookies on our websites. 1 year
.SFROLES-FinancialWorld This cookie helps us manage the services and information you are eligible to access for the Financial World website.  30 minutes

Cookies for performance

The following list of cookies are used for site performance, which can be enabled/disabled. Please note that changing this setting will impact all of the websites listed below:

  • The London Institute of Banking & Finance
  • myLIBF
  • KnowledgeBank
  • ProShare
  • Certified Documentary Credit Specialist (CDCS)
  • Financial World
  • FWSP
  • Financial Innovation Awards
  • ProShare Annual Awards
  • Secure Online System
Cookie Expires Purpose
__utma 2 years These are Google Analytics cookies and they keep an anonymous record of how visitors use our websites. They store information such as the time the current visit occurred, whether the visitor has been to the site before, and what site referred the visitor to the web page.

For more information, visit Google's website.
__utmb 30 minutes
__utmc When you close your browser
__utmt 10 minutes
__utmv 2 years
__utmx 2 years
__utmz 6 months
_ga 2 years
_gat 10 minutes
_pk_id  2 years  Used by Piwik to avoid counting a person twice when counting how many people visit the website.
_pk_ses  30 minutes  Used by Piwik to track a session, i.e., how long you are on our website. 
_pk_ref  6 months  Used by Piwik to identify the page from which visitors have come to the web site to enable us to identify which websites generates the most traffic. 


When you close your browser This session cookie is set to let Hotjar know whether that visitor is included in the sample which is used to generate funnels.

Third party websites

Our websites contain links to other websites and this data protection statement does not apply to those websites. If you transfer to another website you should read their data protection statement for their policy on the use of personal information.

We also link to external websites such as YouTube and Vimeo, to show videos and display image galleries. These websites may also use cookies, over which we have no control. Please check those websites for more information about their use of cookies.

General Data Protection Regulation (GDPR)

We have always attached great importance to the protection of the personal data we gather from our students and customers.  As such, we welcome the introduction of the new General Data Protection Regulation (GDPR) effective from 25 May 2018 which further strengthens the accountability required by organisations and the rights that individuals have over how their personal data is used.

The below summary provides an outline of the activities we are undertaking to meet the requirements of GDPR.  If you have any concerns regarding our preparations for GDPR or how your personal data is used please email gdpr@libf.ac.uk.



Governance and accountability

We have established a GDPR Working Group to oversee preparations for GDPR and ensure our Board of Governors, Leadership Group and Audit Committee are aware of the requirements under GDPR. The GDPR Working Group will establish ongoing reporting requirements within the governance structure.

Mapping the personal data we process

We have developed an ‘Information Lifecycle Register’ to map where we capture personal data, how we process it and how long we retain it.

Communicating privacy information

We are reviewing all privacy notices currently in use to ensure they clearly communicate how we process personal data in line with the ICO’s guidance on GDPR requirements for the right to be informed and the ICO’s Privacy Notices Code of Practice. Where necessary we will circulate revised privacy notices to existing customers.

Managing consent

We are reviewing how we use consent to ensure it requires a positive action to opt-in and provides an appropriate granular level of choice where needed. Our systems will record when consent was provided, for what processing and enable individuals to update their preferences at any time.

Complying with individual rights

We are reviewing our arrangements to ensure we can effectively handle individual rights requests including Subject Access Requests, portability and right to erasure.

Managing Data Protection by Design and Impact Assessments

We have reviewed the ICO guidance and established our requirements for considering data protection by design and how and when we would conduct a Privacy Impact Assessment (PIA)

Management of data breaches

We have in place technical and organisational measures to protect against breaches of personal data and processes in place to manage any such occurrence.

Reviewing sharing of data with third parties

We are reviewing all arrangements where we share data with third parties to ensure they are underpinned by an appropriate agreement and ensure we can meet our responsibilities under GDPR.

Managing staff training and awareness

We have raised awareness of GDPR across the organisation including manager briefings, committee updates and regular blog entries. Ongoing, all staff will receive data protection training as part of induction and an annual refresher, along with more role specific training where required.



If you have any comments or questions regarding this statement, please contact the Data Protection Coordinator at:

Data Protection Coordinator
The London Institute of Banking & Finance
4 - 9 Burgate Lane