(updated 11th Sep 2020)
The privacy and security of user data is taken very seriously. Only information that is required for the website to function is collected and stored. This website is fully compliant with the General Data Protection Regulation, also known as the GDPR, a European Union regulation, also adopted by the UK.
The privacy statement below concerns the use of this website. If you have any queries about this policy, please send an email to firstname.lastname@example.org.
What Information is uploaded about Students?
To ensure that personal data is kept secure, student names are not used anywhere on the website. Each student is assigned an alias (a false name) to hide their true identity. The alias is stored alongside the student's real name in an encrypted spreadsheet on the teachers own computer. Only teachers who have access to this spreadsheet (and know the password) are therefore able to obtain the true identity of the student. This approach ensures that student data is kept extremely secure and adds an extra level of security against hackers since the spreadsheet is not publically accessible through the internet.
The table below summarises what information is uploaded about student users and what it is used for:
|Alias Name||Allows the teacher to indirectly identify the student when analysing data (e.g. quiz results) whilst keeping their true identity hidden from everyone else|
|Student ID||A unique id that is used to link data to each student across the website|
|Subject, Year Group and Class Code||Allows the teacher to analyse data relating to quizzes and similar activities by selecting certain students only|
|Institution Code||If teachers from other institutions start to use this website in the future, this code will prevent teachers from being able to view data for students that are not in their institution|
No other personally identifiable information (e.g. email addresses) is stored about students.
Students will also be assigned a username and password to allow them to login to certain activities. When they first login to the website they will be required to set a new password. This password is encrypted and therefore not viewable by anyone (including myself as the administrator).
How is this information uploaded to the website?
Information is uploaded to the website by me as the administrator.
All data is securely transmitted using SSL/TLS encryption.
Who has access to the data?
Students will be able to view their own performance in quizzes. They will not be able to view any information about other users of the website (student or teacher).
The teacher can see the responses that the students have made to any quizzes or related activities alongside their alias. They are also able to view a students unique id code, username, class code, year group, and subject. The teacher can change a student’s password but not view any passwords (current or used in the past) as all passwords are encrypted.
No information about users is shared with any 3rd Parties (e.g. for advertising purposes).
How is this information stored?
The information is stored in secure databases and files on servers within Europe.
Do you share information about students or teachers with any third-party organisations?
No, unless required to do so by law (e.g. in cooperation with law enforcement authorities).
How long will the information be kept?
All information about students is kept until the summer holidays after they leave the school unless a request is made to delete it sooner.
How will the information be destroyed?
Information will be deleted from the databases or further anonymised by replacing any information that could be used to identify a student (e.g. alias, class codes etc.) with random words. This would allow the teacher to make comparisons between different cohorts when analysing assessment data.
User data can be completely deleted from the servers if requested by emailing email@example.com.
What other information is collected about users?
Information is gathered about user activity on the website. For example, when students do a quiz, the times and dates when they accessed the quiz are recorded in a database along with the responses they gave.
What is your policy for data breaches?
Should a serious incident occur, any affected individuals will be notified as soon as reasonably possible with any known details about the breach.
What are cookies and how do you use them?
Cookies are small text files, which are set by a website so that your browser or device may be recognised. This website primarily uses session cookies which allow for information to be remembered when navigating from one page to another within the website. These cookies are destroyed when you close the web browser.
How do you delete student data when they leave the school?
Data will be deleted or anonymised (as described above) in the summer holidays after they leave the school. Student accounts may be deleted before this time by myself as the administrator. This will also cause the data to be deleted or anonymised.
How do I get access to my data?
On request, all data held about you can be sent in a spreadsheet, within 7 days. Please submit your request by email to firstname.lastname@example.org.