- Some useful facts
- [SCHOOL NAME] is owned and operated by [COMPANY NAME] a company registered in England and Wales
- Company number is [ ]
- Our registered office address is [ADDRESS]
- Our Data Protection Office (DPO) is [name of employee], who you can contact on [DPO’s email address]
- Personal information that we collect and process
3.1 What information do we collect?
We collect the following personal information from our clients:
- Email address
- Contact number
- Country (optional)
3.2 Why do we collect this information?
3.2.1 We use this information to provide you with our services as per our ‘Terms of service’.
3.2.2 We may use this information for internal research and analytics purposes to improve our services and understand the needs of clients.
3.3 When do we collect this information?
We collect this personal information when you sign up to our services, when you access our services or provided to us at request.
3.4 When and why do we share your information with third parties?
3.4.1 We use a number of third party software providers to ensure that we provide you with the highest level of service. The third-party software providers act as our ‘Data Processors’ as they process your data on our behalf. We carry out robust checks of all third-party providers to ensure that they are GDPR compliant.
3.4.2 We may also share your information to prevent, investigate, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service or any other agreement related to our services or otherwise required by law.
3.4.3 We may also share your information to conform to legal requirements, or to respond to lawful court orders, subpoenas, warrants, or other requests by public authorities.
3.4.4 Some or all of your personal data may be stored or transferred outside of the European Economic Area (the EEA) for any reason, including for example, if our email server is located in a country outside the EEA or if any of our service providers are based outside of the EEA. You are deemed to accept and agree to this by using the system and submitting information to us. If we do store or transfer your personal data outside the EEA, we will take all reasonable steps to ensure that your data is treated as safely and securely as it would be within the EEA and under the Data Protection Act 1998 as amended.
3.5 Your rights
You have the right to obtain from us a copy of the personal information that we hold for you, and to require us to correct errors in the personal information that we process for you if it is inaccurate or incomplete. You also have the right at any time to require that we delete your personal information. To exercise these rights, or any other rights you may have under applicable laws, please contact us at [DPO’s or other email address].
We take appropriate security measures (including physical, electronic and procedural measures) to help safeguard your personal data from unauthorised access and disclosure. The technology that we use and the security policies which we have implemented are intended to safeguard your information from unauthorised access and improper use. However, no system can be completely secure. Therefore, although we take steps to secure your information, we do not promise that your personal data or other content that you upload to the system will always remain secure.