School Web Design

Privacy Policy

School Web Design

 

Last updated: 25 May 2018

This privacy notice describes how School Web Design Limited (‘we’, ‘us’, ‘OUR’) may collect, handle and process personal information in relation to your access to or use of the services.

This privacy notice applies to all of the services, websites and apps offered by School Web Design Limited (collectively, the “Services“).

 

Contact Details

If you have any questions about this privacy notice and how we handle personal information, please contact Gerard Corr via the details below.

 

School Web Design

Markethill Business Centre

6 Fairgreen Road

Markethill

Co. Armagh

BT60 1PW

 

Phone: 028 37 997 456 / 042 9417 893

gerard@schoolwebdesign.net

 

 

What personal information do we collect, store and use?

  • School information (name, address, phone number, education level e.g. primary)
  • Personal information (name, position, email, phone, mobile if provided as preferred contact method)
  • Project Updates – we store project notes, so staff members can keep up with progress of projects and what need actioned
  • Website domain – we may store the current register information if the domain needs to be transferred.
  • Financial details related to invoicing clients.

 

What non-personal information collect, store and use?

When you visit our website, certain non-personal data is available to us through our internet service provider. This non-personal data is collected on a statistical, aggregate, non-individual basis.

This information may include the IP address from which you access our website, the type of browser used to access our website (Internet Explorer, Firefox, etc.), the type of operating system used to access our website (Windows, Macintosh, etc.), the "top-level" domain name used (ie, .com, .org, etc.), the date and time of your visit to our website and the number of pages you visited on our website.

 

 

Why do we collect, store and use this information?

Personal Information:

  • We will use your contact details so that we can communicate with you directly via phone, SMS messaging, or email about queries, issues, problems we have detected or concerns you or other users have. 
  • Providing you with the services, products or information you asked for.
  • Processing orders that you have submitted.
  • Carrying out our obligations under any contracts entered into between you and us.
  • Performing system administrations and updates.
  • Keeping a record of your relationship with us.
  • Seeking your views or comments on the services we provide.
  • Notifying you of changes to our services.
  • Communicate with you regarding your account or changes to our policies, terms and conditions.
  • Payment and transaction information: we will use payment and transaction information you provide to process payment for any product or service you purchase from us.

 

Non-personal information:

Currently we don’t use this information, but our servers hold this information for security reasons. We could use this information in the future to analyse our site analytics and help us form marketing strategies based on how users generally use the website.

 

How do we collect and hold information?

We may collect schools/personal information from:

  • Data you give to us via face to face meetings
  • When you talk to us on the phone
  • In email communication and letters
  • In online forms.

 

Consent

We only store information that is provided to us or is publicly available via your school website.

We process your personal data:

  • with your consent
  • when we need to do this to fulfil a contract with you (for example, the contract of sale),
  • where we are required to do this by law (for example, where it is necessary to retain it in connection with potential litigation)
  • when it is in our legitimate interests to do this and when these interests are not overridden by your data protection rights. 

 

How long is data stored for?

We will only keep personal information for as long as necessary to fulfil the purposes we collected it and including for the purposes of satisfying any legal, accounting, or reporting requirements.

For customers we will hold information long term, so we can properly deal with requests.

For schools that contact us and let us know they will not be using our services we will remove their information from our system.

In determining the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

 

Data Security

We have put in place appropriate security measures to prevent personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a need to know. They will only process personal information on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator (currently the Information Commissioner’s Office) of a suspected breach where we are legally required to do so.

 

Who we share information with and why

We only share information when it is necessary to complete a task that you have requested.

  • We share your email and name with the company who operate and provide our email messaging services. For example, sending an email to users who have subscribed to the website.
  • We use Third Party Apps to manage invoicing, productivity and workflow within our team, we only use services with a strong GDPR policy. These are:

Trello - https://trello.com/privacy-updated

Helpscout -  https://www.helpscout.net/company/legal/gdpr/

Xero - https://www.xero.com/uk/campaigns/xero-and-gdpr/

 

  • Law enforcement agency, court, regulator, government or quasi-governmental authority or other third party. We may share your personal information with these parties where we believe this is necessary to comply with a legal or regulatory obligation, to enforce or apply any agreements between us and you, to resolve any disputes, or otherwise to protect our rights or the rights of any third party.

 

Transferring data outside the EU

We will not transfer the personal information we collect about you to any country outside the EU without telling you in advance that we intend to do so and what steps we have taken to ensure adequate protection for your personal information in those circumstances.

 

Your right of access, correction, erasure and restriction

Under GDPR you have the right to request access to information we hold about you. To make a request for your personal information please contact Gerard Corr using the details set out earlier in this notice.

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

  • Request access to personal information (commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it. You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold corrected.
  • Request erasure of personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
  • Object to processing of personal information where we are relying on a legitimate interest (or that of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing you and your child’s personal information for direct marketing purposes.
 

© School Web Design | Privacy Policy

N.Ireland / UK Schools