Squirrel Privacy Policy
v2 - Last updated: August 2021
About
We are Squirrel Learning Limited (We) a company registered in England and Wales (No. 11365884).
This policy tells you how we collect and process the personal data of users of our website, products and services including computer or mobiles apps (You). Personal data means information about an individual from which that person can be identified. This excludes anonymous or anonymised data.
We are the data controller responsible for your personal data. That includes schools, parents/guardians, and students. Data we process include the personal data of children (under 18 and even under 13 years of age) which we accordingly process only with the consent of the child’s school and/or parents.
Where we provide a website or other finished products like videography to a school, which contains personal data, that school becomes data controller and is responsible for deciding what happens to the data. We may be joint data controller with a school in certain circumstances.
This Privacy Policy supplements any other privacy or fair processing notices we may give you from time to time..
How we collect personal data
- We obtain information about schools, staff, and children directly from schools and organisations who have requested our services, to enable us to deliver our programmes.
- In some circumstances we may also collect information directly from adults.
- Paper registers may be used to collect person specific information from school. These are only used where the programmes require attendance data to be retained. Where this is the case, the registers are returned to the locked filing cabinet within our office immediately following the session. Schools will be notified in advance of any programmes when registers are required to be kept. All paper registers, together with any other personal data recorded on paper, will be securely destroyed as follows: at the end of the academic year, during which the activities took place.
- Direct interactions with you, e.g., by email, telephone or filling in forms.
- Automated technologies, e.g., through apps or website cookies.
- Publicly available sources like Ofsted
We are not responsible for the information that may be collected by third parties by clicking on links to third party websites, plug-ins, and applications.
What personal data we collect
Schools:
Names of school staff, display name, the school or organisation they work for, their position, email address, work contact details, information relating to accreditation and course attendance (where we are providing staff training), financial details of any persons paying personally for our services, photographs, and video footage of staff members
Pupils:
Name, school or organisation, year group and/or class, age, gender, photographs, audio, and video footage
Parents/Guardians:
Names and contact details of parents/guardians.
Everyone:
Details of interactions we have had with any of the above persons in relation to our products or services.
Users of our websites and apps*:
Technical data which includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website.
Data collected about website users:
Some or all of our sites use cookies to enable the site/application to function, to provide enhanced functionality or to enable a better understanding of how people use the website/application.
You can view the cookie policy and details on each website:
| Website | Cookie Policy Link |
|---|---|
| squirrellearning.co.uk | squirrellearning.co.uk/privacy-policy |
| go-read.co.uk | go-read.co.uk/cookies |
| go-write.co.uk | go-write.co.uk/cookies |
| goapps.app/cookies |
Profile data which includes your username and password, purchases or orders made by you, your interests, preferences, feedback, and survey responses.
How a user’s device has interacted with our website(s), including the pages accessed and links clicked, download errors, length of visits to certain pages, page interaction information, and methods used to browse away from any page.
For the GoRead app: information related to the books read by pupils including frequency of reading; comments entered by teacher, parents and pupils; pupil ratings; audio of pupil reading.
For the GoWrite app: the writing provided by users and the results and activity of the voting process.
* This includes squirrellearning.co.uk, go-read.co.uk, go-write.co.uk, goapps.app, gpread.app and gowrite.app. Our apps are web-based.
We do not collect any Special Categories of personal data about you (e.g., ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, health, or biometric data). Nor do we collect any information about criminal convictions and offences.
We do collect, use and share (including in exchange for payment) aggregated data like statistical or demographic data (e.g., user habits of apps) for any purpose. This is not personal data as the person the data relates to can no longer be identified.
How we use your personal data
- Where it is necessary for Squirrel Learning Limited to complete our programmes and activities effectively, for example to contact you about something you have indicated an interest in, for processing payment information, administering apps, creating personalised awards or certificates.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests, for example data analytics, or entering users (with or without consent) into prize draws, promotions, and competitions.
- To comply with a legal obligation, such as health and safety obligations surrounding delivery of a programme.
We may process your personal data for more than one lawful ground. Please contact us if you need details about the specific ground based on which we are processing your personal data in a particular instance.
Change of purpose
We will use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason which is compatible with the original purpose, as permitted by law.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
How We Store Your Personal Data
We have put in place reasonable measures to keep your personal data safe, as required by law.
Hard copy records containing personal data, such as order forms and registers, are stored in locked cabinets in our registered office and are not removed off-site. Such documents, or relevant personal data on such documents, will be securely destroyed at the end of the academic year, during which the activities took place, or (if sooner) when to our knowledge the member of staff or child to whom the data pertains leaves the school or (in the case of staff members) is no longer a contact or participant in training.
Electronically held personal data are held in [password-protected] cloud storage, not locally on any staff laptops, which are in any event password protected and encrypted. We do not permit the use of external hard-drives, memory sticks or other devices for storing personal data. Such data is retained during the period which the activities took place and deleted at the end of the academic year.
Sharing Personal Data
We do not routinely share any personal data we collect except as follows:
- With our approved subcontractors for the purpose of data processing (list below).
- Where you have consented, for example the data collected by apps is shared amongst schools and parents/guardians).
- If your communication highlighted a child protection issue, or other issue that may result in police action. In such circumstances, we may be legally obliged to act.
- Where necessary for us to seek professional advice such as from lawyers or insurance professionals, based in the United Kingdom.
- Government or regulatory bodies where required by law.
- Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy policy.
Our subcontractors
| Name | Processing | Weblink |
|---|---|---|
| Adobe Creative Cloud * | Third party software for storing and editing photos of events. | www.adobe.com/uk/creativecloud |
| Amazon Web Services * | Electronic data storage, cloud server and transmission service. Personal data is stored in EU based data centers. | aws.amazon.com |
| Axe Edge Limited | Contracted developers who develop and enhance the Site and Apps | axeedge.design |
| G-Suite * | Cloud Provider | gsuite.google.com |
| Heroku * | Hosting, Electronic data storage, cloud server and transmission service. Hosting is in EU based data centers. | www.heroku.com/ |
| Printondemand-worldwide | Print and fulfillment services | www.printondemand-worldwide.com/ |
| Stripe * | Third Party Payment Provider for Credit Card Transactions | stripe.com |
| Squarespace * | Hosting, Electronic data storage, cloud server and transmission service | www.squarespace.com |
The subcontractors marked with an asterisk “*” in the above table are located outside of the UK and so their processing of your personal data will involve a transfer of data outside the UK. Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the UK.
Requesting Access to Your Personal Data
You have various legal rights including the right to access personal data held about you, correct it or request that it be deleted at any time. Please see the U.K. Information Commissioner’s Office (ICO) website for more details.
Contact
It is important that the personal data we hold about you remains accurate, please inform us of any changes to your personal data.
To discuss anything in this Privacy Policy or to request access to your personal data, please contact us:
privacy@goapps.appSquirrel Learning Limited,
Technology Centre, Wolverhampton Science Park, Wolverhampton, West Midlands, England, WV10 9RU