• 01392 690500 (sales only)

Focus on Sound Privacy and Data Protection Policy

GDPR

Focus on Sound is fully compliant with the GDPR law for the UK/EU from 25th May 2018

Administrator(s)

We keep securely the name and email address of the person or persons allocated by the school as the administrator(s) of the software for the school.

We supply a temporary password and username, which the administrator can then alter. All passwords are encrypted and as soon as the administrator changes it, only the administrator knows what it is.

It is the responsibility of the administrator to ensure no student or any other unauthorised person has access to these logon credentials.

The administrator can add the names, usernames and classes of students to the system. He/she can also add teacher details: names, usernames, email addresses and encrypted passwords.

The administrator can also attach teachers to classes so that the teacher can see a list of students in that class, with names and usernames. Passwords are hidden.

The administrator can also in certain circumstances ask Focus on Sound to undertake some of these tasks, in which case the operation will be carried out by a member of Focus on Sound staff trained in data protection.

Teachers

Teachers have access to the names and usernames of the students in the classes to which they have been attached by the administrator. They can change their own details and those of the students in those classes. They do not have access to any secret student passwords but may change them, for instance if a student has forgotten theirs.

Students

Each student has access to his/her name and username. The password is hidden but may be changed by the student if he/she knows the original. Students have no access to anybody else's details unless they become aware of another person's username and password. It is the administrator's responsibility to ensure these are kept secret from students.

Deletion

The administrator can immediately delete any student, teacher or groups of students from the list, or delete all students and all teachers. This will permanently delete all those people from our database. On request by the school a member of Focus on Sound staff trained in GDPR can carry out the task for the school.

The administrator may in an emergency ask Focus on Sound to suspend the software. This will be done by changing the access URL (web address) to a new secret version. This will have the effect of stopping any user making use of the software.

Schools that stop using the software will have all data deleted one year after the end of the subscription - or earlier if requested by the school.

Servers

Focus on Sound uses three servers:

  • Server 1 (and global variants) stores user details as described above. UK users have a UK based server. US data is stored in the US.
  • Server 2 in the UK stores the Focus on Sound software, media and UK test results.
  • Server 3 in Sydney, Australia, stores the Focus on Sound software, media and Australian and New Zealand test results.

Contacts

Focus on Sound will keep securely names, addresses and email addresses of teachers who ask for trial versions or otherwise ask for more information. This information will be used in the following ways:

  • To tell trial users their logon credentials and to remind them.
  • To send further details including prices
  • To warn users of the ending of trials

Administrators will also be contacted from time to time with newsletters and information about the expiry of their subscription.

All contacts will have the right to have their details deleted from the database.

Privacy impact assessment

Focus on Sound has a number of strategies in place to secure data, with strict limits on the number of people who have access. Only the school administrators have access to the full data, i.e. the list of students the administrator has assigned to Focus on Sound. Class teachers only have access to data for individual classes to which they have been assigned. The manager of Focus on Sound is the only Focus on Sound employee to have access to the data. All data is protected by secret usernames and passwords. Passwords are hidden and encrypted.

In the extremely unlikely event of data being stolen, the impact will be limited to student names, usernames and classes. No student email addresses, phone numbers, gender information, age, date of birth or address are stored.

The only other data stored consists of the teacher's names, school email addresses and school address.

Data breach

If we become aware of a data breach we will immediately inform the school(s) affected

GDPR training

The managing director of Focus on Sound has been trained in GDPR and has attended the relevant course.