Free sign up
ask@assessinator.co.uk

Data Protection

Introduction  |   Privacy Policy  |   Terms and Conditions

Introduction


What is GDPR?

On May 25th 2018 the General Data Protection Regulation (GDPR) (EU) 2016/679 will come into force. The GDPR is a regulation in EU law on data protection and privacy for all individuals within the European Union and is intended to unify the policies and strengthen the safety and security of all data held within an organisation. This legislation will replace the existing Data Protection Act (DPA). There is plenty of information about GDPR online. The Information Commissioner's Office (ICO) provides a good starting point with its Guide to the GDPR.

What is Assessinator.co.uk doing to comply with GDPR:

Data controllers and Data processors

The new laws require both Data controllers (such as Schools) and Data processors (such as Assessinator.co.uk) to update their processes and technology to meet the specified requirements.

Schools are the data controllers of staff and pupil-related data. The data controller is the person or organisation who determines what data is extracted, what purpose it is used for and who is allowed to process the data. GDPR increases the responsibility schools have to inform students and parents about how their data is being used and by whom.

Assessinator.co.uk is the Data processor of the staff and pupil data. This is data we are trusted with but do not control.

Where is Assessinator.co.uk data processed?

Our website and database of data is hosted on servers in Cambridgeshire. We do not store data anywhere else other than occasional backups which are held on a single password-protected computer owned and managed within the Assessinator registered address in Cambridgeshire.

Who can access personal data?

Only Dan Went, the sole owner and manager of Assessinator.co.uk

How are errors in data corrected?

Staff and student personal data is obtained from the Data controller (the School). In the event of an error, school administrators can correct user data such as names and emails.

Staff can also change their personal details directly on the platform or contact Assessinator.co.uk for assistance.

How do I make a Subject Access Request or implement the Right to be Forgotten?

If you wish to make a Subject Access Request and/or Right to be Forgotten request, where applicable, please contact ask@assessinator.co.uk