Safeguarding and General Data Protection Regulation (GDPR) Compliance
What data we store
For each student registered on the DFM Homework Platform, we store their name, email address, and encrypted password (the original of which is not retrievable by any individual, including administrators), year group (where specified), school name (where specified) and usage data, in terms of questions completed and summative accuracy data. No other personal information beyond name and email address are stored.
For each teacher, we store the above data (in addition to their title), but also what classes he/she administers.
Who can access what data
Students can access only their own data after log in. Accounts must initially be verified via an activation email.
Teachers can access assessment data of any student within the school. They can also see what students at their school are logged in and what question they might currently be completing. Teachers can administer student accounts, for example changing their email address or changing their class(es). The email address is viewable only if the domain extension (i.e. after the '@') matches that set for the school; it is otherwise not displayed with an indication that a personal email address was used.
We not allow (nor have the functionality to accommodate) teachers being able to access the data of multiple schools. Individuals teaching at more than one school should register separately for each school.
Only administrators can view data from other schools to ensure the smooth running of the platform. Currently this is only myself (a full-time teacher) and Mr Dupont-Panon (also a full-time teacher). Both individuals naturally have full DBS clearance.
Students whose total 'points' puts them in the top few globally, will be automatically listed on the global leaderboard, with their name and school appearing. This is viewable to any registered user, but will not be published elsewhere. The same applies to the times table time trial leaderboard. If in the fortuitous circumstances that you are on this list but wish to remain anonymous, please contact me at email@example.com.
How teacher accounts are verified
Teacher accounts must be approved by myself (Dr Frost). It will only be approved if using a school email address associated with the school's domain name, and clearly where the email address is in a teacher format. In any cases of doubt I search online for staff lists or contact the registering user to provide additional evidence.
For the school 'Home Tutoring', only student registrations are accepted; teacher accounts will not be approved.
Your right to delete stored data and account deletion
Student accounts can be deleted by teachers at their respective school. Teachers may also delete other teachers. Any user may request to have their account deleted via an email to firstname.lastname@example.org. The email request must match the email address of the account being deleted, or of the teacher of a student.
DFM will automatically purge inactive accounts where the user has not logged in over 2 years.
All data accessed via user accounts have appropriate checks to ensure the account has the correct permissions to view the data.
In the unlikely event of any data breach, the nature of the breach, in addition to the resulting action to remedy such a breach, will be clearly communicated.
The server has an SSL certificate (in layman's terms, the 'padlock' symbol that appears in your browser), meaning that data is transmitted securely.
Disaster Recovery Plan
In complaince with EU legislation:
"(a) the pseudonymisation and encryption of personal data;"
As per "What data we store", the only personal data stored is email address and name, along with assessment data purely based on usage of the platform. Passwords are encrypted and cannot be unencrypted.
(b) the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
Any code which accesses the database ensures appropriate permissions to view/modify/delete the data, as per "Who can access what data". The server is managed at a secure data centre by RapidSwitch, which has a "100% uptime guarantee".
(c) the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;
Backups are made daily by the server administrator, which can be restored as necessary.
(d) a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.”
I review code as per (b) to ensure access to data is appropriate restricted as described. With regards to the effectiveness of the server, this is as per the host provider's RapidSwitch's own GDPR compliance.
If you have further questions about safeguarding or data protection