On May 25th 2018 the General Data Protection Regulation (GDPR) (EU) 2016/679 will come into force. The GDPR is a regulation in EU law on data protection and privacy for all individuals within the European Union and is intended to unify the policies and strengthen the safety and security of all data held within an organisation. This legislation will replace the existing Data Protection Act (DPA). There is plenty of information about GDPR online. The Information Commissioner's Office (ICO) provides a good starting point with its Guide to the GDPR.
The new laws require both Data controllers (such as Schools) and Data processors (such as Assessinator.co.uk) to update their processes and technology to meet the specified requirements.
Schools are the data controllers of staff and pupil-related data. The data controller is the person or organisation who determines what data is extracted, what purpose it is used for and who is allowed to process the data. GDPR increases the responsibility schools have to inform students and parents about how their data is being used and by whom.
Assessinator.co.uk is the Data processor of the staff and pupil data. This is data we are trusted with but do not control.
Our website and database of data is hosted on servers in Cambridgeshire. We do not store data anywhere else other than occasional backups which are held on a single password-protected computer owned omega replica and managed within the Assessinator registered address in Cambridgeshire.
Only Dan Went, the sole owner and manager of Assessinator.co.uk
Staff and student personal data is obtained from the Data controller (the School). In the event of an error, school administrators can correct user data such as names and emails.
Staff can also change their personal details directly on the platform or contact Assessinator.co.uk for assistance.
If you wish to make a Subject Access Request and/or Right to be Forgotten request,replica watches where applicable, please contact ask@assessinator.co.uk