menu-button

Safeguarding and General Data Protection Regulation (GDPR) Compliance

What data we store

  • For each student registered on the DFM Homework Platform, we store their name, email address, and encrypted password (the original of which is not retrievable by any individual, including administrators), year group (where specified), school name (where specified) and usage data, in terms of questions completed and summative accuracy data. No other personal information beyond name and email address are stored.
  • For each teacher, we store the above data (in addition to their title), but also what classes he/she administers. Who can access what data
  • Students can access only their own data after log in. Accounts must initially be verified via an activation email.
  • Teachers can access assessment data of any student within the school. They can also see what students at their school are logged in and what question they might currently be completing. Teachers can administer student accounts, for example changing their email address or changing their class(es). The email address is viewable only if the domain extension (i.e. after the '@') matches that set for the school; it is otherwise not displayed with an indication that a personal email address was used.
  • We not allow (nor have the functionality to accommodate) teachers being able to access the data of multiple schools. Individuals teaching at more than one school should register separately for each school.
  • Only administrators can view data from other schools to ensure the smooth running of the platform. Currently this is only myself (a full-time teacher) and Mr Dupont-Panon (also a full-time teacher). Both individuals naturally have full DBS clearance.
  • Students whose total 'points' puts them in the top few globally, will be automatically listed on the global leaderboard, with their name and school appearing. This is viewable to any registered user, but will not be published elsewhere. The same applies to the times table time trial leaderboard. If in the fortuitous circumstances that you are on this list but wish to remain anonymous, please contact me at jfrost@tiffin.kingston.sch.uk.

How teacher accounts are verified

  • Teacher accounts must be approved by myself (Dr Frost). It will only be approved if using a school email address associated with the school's domain name, and clearly where the email address is in a teacher format. In any cases of doubt I search online for staff lists or contact the registering user to provide additional evidence.
  • For the school 'Home Tutoring', only student registrations are accepted; teacher accounts will not be approved.

    Your right to delete stored data

    • Student accounts can be deleted by teachers at their respective school. Teachers may also delete other teachers. Any user may request to have their account deleted via an email to jfrost@tiffin.kingston.sch.uk. The email request must match the email address of the account being deleted, or of the teacher of a student.

    How your data is protected

    • The site server is located at a secure data centre.
    • All data accessed via user accounts have appropriate checks to ensure the account has the correct permissions to view the data.
    • In the unlikely event of any data breach, the nature of the breach, in addition to the resulting action to remedy such a breach, will be clearly communicated.

    If you have further questions about safeguarding or data protection

    Please contact jfrost@tiffin.kingston.sch.uk for any further queries.