Safeguarding and General Data Protection Regulation (GDPR) Compliance
What data we store
- For each student registered on the DFM Homework Platform, we store their name, email address, and encrypted password (the original of which is not retrievable by any individual, including administrators), year group (where specified), school name (where specified) and usage data, in terms of questions completed and summative accuracy data. No other personal information beyond name and email address is stored.
- For each teacher, we store the above data (plus their title) and also the classes they administer.
Who can access what data
- Students can access only their own data after logging in. Accounts must initially be verified via an activation email.
- Teachers can access assessment data of any student within the school. They can also see which students at their school are logged in and what question they might currently be completing. Teachers can administer student accounts, for example changing their email address or changing their class(es). A student's email address is viewable only if its domain (i.e. the part after the '@') matches the domain set for the school; otherwise it is not displayed, and an indication that a personal email address was used is shown instead.
- Special 'multi-academy trust administrator' accounts can access data across schools within a trust and set assessments/homeworks to students in these schools. Approval for such accounts will only be granted with appropriate evidence of the individual's responsibilities within the trust.
- We do not allow (nor have the functionality to accommodate) teachers being able to access the data of multiple schools (other than in the capacity above). Individuals teaching at more than one school should register separately for each school.
- Only administrators can view data across schools, to ensure the smooth running of the platform. Currently this is only myself (a full-time teacher) and Mr Dupont-Panon (also a full-time teacher). Both individuals naturally have full DBS clearance.
- Students whose total 'points' put them in the top few globally will be automatically listed on the global leaderboard, with their name and school appearing. However it should be noted that (a) full names are not given, with only the first name and surname initial shown, and (b) schools can opt out of the global leaderboard by contacting me at firstname.lastname@example.org. This leaderboard is viewable to any registered user, but will not be published elsewhere. The same applies to the times table time trial leaderboard. 'Trust' leaderboards are viewable to other schools within the same Multi-Academy Trust, again with the full name not given. All other leaderboards are internal to schools.
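The email display rule above (school-domain addresses shown to teachers, personal addresses replaced by an indication) as an added illustration in Python; this is not DFM's own code, and the school names, addresses and placeholder wording are constructed for the example.

```python
"""Illustration of the teacher-view email rule described under
"Who can access what data". Not DFM's code; all sample data is constructed."""
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Assumed wording for the indication shown in place of a personal address.
PERSONAL_EMAIL_PLACEHOLDER = "(personal email address used)"


@dataclass(frozen=True)
class School:
    name: str
    email_domain: str  # the domain registered for the school (constructed value)


def email_domain(address: str) -> Optional[str]:
    """Return the lower-cased part after the last '@', or None if malformed.

    rpartition is used so an address with a quoted '@' in the local part
    is still split at its real domain separator.
    """
    local, sep, domain = address.rpartition("@")
    if not sep or not local or not domain:
        return None
    return domain.strip().lower()


def display_email_for_teacher(student_email: str, school: School) -> str:
    """Reveal the address only when its domain exactly matches the school's.

    Comparison is case-insensitive. Subdomains of the school domain are
    treated as non-matching (an assumption: the policy says the domain must
    match the one set for the school), so they are hidden too.
    """
    domain = email_domain(student_email)
    if domain is not None and domain == school.email_domain.strip().lower():
        return student_email
    return PERSONAL_EMAIL_PLACEHOLDER


def teacher_roster_view(students: List[Tuple[str, str]], school: School) -> List[Tuple[str, str]]:
    """Build the (name, displayed email) rows a teacher at `school` would see."""
    return [(name, display_email_for_teacher(email, school)) for name, email in students]


# Constructed sample data for a single school.
SCHOOL = School("Example Academy", "example-academy.sch.uk")
STUDENTS = [
    ("A. Pupil", "a.pupil@Example-Academy.sch.uk"),      # school address, shown
    ("B. Pupil", "b.pupil@webmail.example"),              # personal address, hidden
    ("C. Pupil", "c.pupil@mail.example-academy.sch.uk"),  # subdomain, hidden
]
```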
How teacher accounts are verified
Teacher accounts must be approved by myself (Dr Frost). An account will only be approved if it uses a school email address associated with the school's domain name and the email address is clearly in a teacher format. In any case of doubt I search online for staff lists or contact the registering user to provide additional evidence.
For the school 'Home Tutoring', only student registrations are accepted; teacher accounts will not be approved.
Your right to delete stored data and account deletion
- Student accounts can be deleted by teachers at their respective school. Teachers may also delete other teachers. Any user may request to have their account deleted via an email to email@example.com. The email request must match the email address of the account being deleted, or of the teacher of a student.
- DFM will automatically purge inactive accounts where the user has not logged in for over 2 years. It is the school's responsibility to delete the accounts of students who have left the school (via the Manage Classes interface) if they want accounts deleted before this time.
How your data is protected
- The site server is located at a secure data centre in Maidenhead, operated by RapidSwitch (see https://www.rapidswitch.com/dedicated-servers).
- All data accessed via user accounts is subject to checks that ensure the account has the correct permissions to view the data.
- In the unlikely event of any data breach, the nature of the breach, in addition to the resulting action to remedy such a breach, will be clearly communicated.
- The server has an SSL certificate (in layman's terms, the 'padlock' symbol that appears in your browser), meaning that data is encrypted in transit between your browser and the server.
- No data is shared with Third Parties.
- I (Dr Frost) am the Data Protection Officer for the site.
Disaster Recovery Plan
In compliance with EU legislation (the security measures listed in GDPR Article 32(1)):
- "(a) the pseudonymisation and encryption of personal data;"
As per "What data we store", the only personal data stored is email address and name, along with assessment data based purely on usage of the platform. Passwords are stored encrypted and cannot be decrypted.
- "(b) the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;"
Any code which accesses the database checks for appropriate permissions to view/modify/delete the data, as per "Who can access what data". The server is managed at a secure data centre by RapidSwitch, which has a "100% uptime guarantee".
- "(c) the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;"
Backups are made daily by the server administrator and can be restored as necessary.
- "(d) a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing."
I review code as per (b) to ensure access to data is appropriately restricted as described. With regard to the effectiveness of the server, this falls under the host provider RapidSwitch's own GDPR compliance.
If you have further questions about safeguarding or data protection
Please contact firstname.lastname@example.org for any further queries.