GDPR Compliance Statement

Who are we?
We (“EdPlace” and/or “us” or “we”) ) are an online educational content provider (the “ Services”) to parents, teachers and tutors (“you”) to assist the learning of children and students of school age. We are a company registered in England and Wales whose registered office is at at Telford Associates Limited, The Mount, Barrow Hill, Sellindge, TN25 6JQ, United Kingdom with company number 7448614.

What are our legal documents?
Terms and Conditions - These contain the legal terms and conditions on which we provide our Services to registered users or the service (“Members”).
GDPR Compliance Statement - For all of our Members based in the EEA. It explains how we process the personal data that you hold that you share with us.
Privacy Policy - For everyone who visits our site. It explains how we control and protect your personal data.
 
You are currently reading our GDPR Compliance Statement

Who should read this GDPR Compliance Statement?
This Statement should be read by all of our Members based in the EEA. It explains how we process the personal data that you hold that you share with us.
 
 GDPR Compliance Statement
 
Introduction
In order to carry out our Services for our Members, we need certain limited personal data about Members. This includes parents, tutors, teachers and students and as a result is a Data Processor for the purposes of Data Protection Law. 
 
EdPlace’s Data Privacy Manager
EdPlace has appointed a Data Privacy Manager who will deal with all requests and enquiries concerning EdPlace’s uses of personal data and endeavour to make sure that all personal data is processed in compliance with EdPlace`s Privacy Policy and with GDPR.
 
Requests and enquiries should be sent for the attention of:
The Data Privacy Manager
Email address: [email protected]
Postal address: 1 Long Lane, London, SE1 4PG
 
How we handle personal data
The GDPR sets out specific principles around the handling of personal data with which EdPlace complies:
  • We only process personal data for the specific purpose of providing the services to our clients.
  • We only process the absolute minimum of personal data to provide the services.
  • As much as possible we keep personal data accurate and up-to-date.
  • We only keep personal data for as long as is necessary to perform the services of the contract.
  • We make absolutely sure that all personal data collected and held is kept as secure as possible against any data breach.
  • Where we use third parties to process data we ensure they are GDPR compliant.
  • We regularly review our GDPR compliance and data protection best practices.

Types of Personal Data we process
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
 
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
  • Identity Data includes first name, last name, email address, username or similar identifier, student year group.
  • Contact Data includes billing address, email address and telephone numbers
  • Transaction Data includes details of services you have purchased from us.
  • Financial Data includes last 4 digits, expiry date, type and postal code of credit/debit card used to purchase the service and transaction history, including successful and unsuccessful payments (including the amount of each payment) made to EdPlace.
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website or our app(s).
  • Profile Data includes purchases or requests made by you, your interests, preferences, feedback and survey responses.
  • Student Learning Data includes student responses to activity questions, aggregate scores across subject and/or topic area and progress made over time.
  • Usage Data includes information about how you use our website, app(s) and services.
  • Marketing Data includes your preferences in receiving marketing from us and your engagement with our marketing activities.
  • Communications Data includes your communication preferences and email, voicemail and telephone records to customer support. 
Where Personal Data is kept
Our website is hosted in the EEA and as such personal data is not normally transferred outside of the EEA. However, some of our third-party software and development services  are hosted outside the EEA. Where personal data is transferred outside the EEA we ensure compliance with GDPR.
 
Protecting your data
We take the protection of data extremely seriously. In particular we have taken appropriate technical and organisational steps to ensure the security of personal data. All EdPlace employees have our data protection policy are aware of their duties under GDPR and have received relevant training.
 
Data breaches
All Personal Data breaches must be reported immediately to EdPlace’s Data Privacy Manager. If a Personal Data breach occurs that is likely to result in a risk to the rights and freedoms of our Members, the Data Privacy Manager will inform the Information Commissioner’s Office of the breach without delay and, in any event, within 72 hours after having become aware of it. 
 
Our organisation
We are a small company and all of our employees are appropriately trained up in data protection. EdPlace is committed not only to the letter of the law, but also to the spirit of the law and places high importance on the correct, lawful and fair handling of all personal data, respecting the legal rights, privacy and trust of individuals with whom we deal. 
 
Implementation policy
This Policy shall be deemed effective as of 16 May 2018. No part of this Policy shall have retroactive effect and shall thus apply only to matters occurring on or after this date.