We gather this information as ONEDOTALL LTD.
We do update this policy from time to time so please do review this policy regularly. This policy was last updated on 01 Oct 2019.
If you have any questions regarding this privacy statement, please direct your questions to our website administration team at [email protected]
As a visitor, you do not have to submit any personal data to use our website.
In running and maintaining our website we may collect and process the following data about you:
- Information about your use of our site including details of your visits such as pages viewed and the resources that you access. Such information includes traffic data, location data and other communication data, but does not include personal data
- Information provided voluntarily by you, for example, when you submit a ‘get involved’ form
- Information that you provide when you communicate with us by any means
When completing any of the activity in point 2 or 3 above, you have the choice to ask us to remove the data by emailing [email protected]
In providing our service to you we may collect and process the following data about you:
- Information about your use of our software including details of your visits such as pages viewed and the areas that you access. Such information includes traffic data, location data and other communication data, but does not include personal data
- Information provided voluntarily by you within the software. For example, when you register to the software, any data that you subsequently add to the software for your use within the software
- Student information provided by teachers/school administrators will include their first and last names, gender and class(es). It is imperative that teachers/school administrators gather the appropriate consent before using this information within the software. For more information on consent see the ‘Lawful basis for processing & consent’ section, below.
- Information that you provide when you communicate with us by any means, including the feedback form within the software
When completing any of the activity in points 2, 3 or 4 above, you have the choice to ask us to remove the data by emailing [email protected], or by requesting data deletion via the My Account area of the software: https://app.onedotall.com/Account/ManageData
Data Retention and Deletion
How long we keep information we collect about you depends on the type of information, as described in further detail below. After such time, we will either delete or anonymise your information. Data is retained for no longer than is necessary for its purpose, following which data is deleted securely.
Account information: We retain your account information for a period of 2 years from last log in date. Once this period has elapsed your account will become an ‘archived user’ and your personal data will be deleted. You will be alerted 6 months in advance of this happening.
Information you share on the Services: We retain your shared information for a period of 2 years from last log in date. Once this period has elapsed your shared information will be anonymised. You will be alerted 6 months in advance of this happening.
Personal data teachers provide about your students: We retain any personal information you share about your students for a period of 2 years from the point of data entry. Once this period has elapsed this information will be deleted. You will be alerted 6 months in advance of this happening.
Marketing information: If you have elected to receive marketing emails from us, we retain information about your marketing preferences unless you specifically ask us to delete such information, by contacting [email protected]
Lawful basis for processing & consent
Where applicable, consent is requested before processing information further via our opt-in tick boxes.
Information collected from the website and stored by us is for the purpose of responding to and acting upon the task for which it was provided.
Information collected within the software and stored is for the purpose of acting upon the task for which it was provided.
Within the software we provide information tooltips, at point of collection, to explain the purpose of collecting specific personal information. Should you have any questions relating to the lawful basis of collecting this information, please contact us by emailing [email protected]
Here is an overview of what information we collect, and why we collect it.
Account information (for school admins, teachers and industry users):
- First Name – So our support team know what to call you
- Last Name – So we can tell you apart from other users, and so our support team know what to call you
- Email – So we can contact you about your account with us
- Password – To keep your account and personal details secure (this is encrypted and not visible to other software users)
- Unique Identifier – To allow students to retain, or gain access to, their progress records within our software
- First Name – To allow teachers to easily identify their students within the software
- Last Name – To allow teachers to easily identify their students within the software
- Gender – To allow us to conduct research about gender and education
- Class(es) – To allow teachers to fully utilise the project and assessment features within the software
Consent for using student information within the software must be gathered in writing by the school, from the parent (if the child is under the age of 13 in England, or 12 in Scotland) or from the child themselves (if the child is over the age of 13 in England, or 12 in Scotland).
When providing student information within the software, teachers/school administrators will be asked to confirm you have the appropriate level of consent and, additionally, provide us with a written explanation of how this consent was gathered.
We do our utmost to ensure that all reasonable steps are taken to make sure that your data is treated and stored securely.
Whilst we hold it, your information is:
- Safely stored within the UK
- Securely held in the cloud
- Secured by encryption at rest
- Stored by an iso270001 certified provider
More information on our software team’s infrastructure and data security policy can be found here.
Access to information
To request access or removal of information we may hold, please use one of the following methods to contact our data protection officer:
Telephone: 01282 417333
Email: [email protected]
Post: ONEDOTALL, AMS Office Tower, Billington Road, Burnley. BB11 5UB
You can also make a request to access or remove information we may hold from within the ‘My Account’ area of the software: https://app.onedotall.com/Account/ManageData
All requests will be processed and resolved within 28 days.
What communications will I receive?
If you are registered to and using the OneDotAll software, you will receive notifications relating to actions taken by or affecting your account. You can manage your notification preferences by visiting the ‘My Account’ section of the software
Should you submit the ‘get involved’ form you will receive communications from the OneDotAll team replying to your enquiry.
If you are not happy for your data being used this way, please contact us at [email protected]
Your rights under the General Data Protection Regulation (GDPR) are:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling
Disclosure of information to third parties
- To allow our software team (Bad Dinosaur) to assist you with support queries relating to your software account – you can download their data security policy here
- Data sharing with Primary Engineer
- In the event that we sell any or all of our business to a buyer
- To further fraud protection and reduce the risk of fraud
Where appropriate, personal information may be disclosed to law enforcement, regulatory or other government agencies, or third parties, where necessary or desirable to comply with legal or regulatory obligations or requests or for the purposes identified above.
Third party links
Use of third party websites and services
We use user experience tracking with the software, provided by Hotjar, to allow us to analyse user behaviour. No identifiable personal user information is shared with Hotjar. Details of their GDPR compliance can be found here.
We use Google Analytics tracking within the software, to allow us to analyse user behaviour. No identifiable personal user information is shared with Google Analytics.
We will store this information only and ask for consent if the data is to be used for any other purpose.
Cookies provide information regarding the computer used by a visitor.
We may gather information about your general internet use by using the cookie. Where used, these cookies are downloaded to your computer and stored on the computer’s hard drive. Such information will not identify you personally. It is statistical data. This statistical data does not identify any personal details whatsoever
You can adjust the settings on your computer to decline any cookies if you wish. This can easily be done by activating the reject cookies setting on your computer.