GDPR Information

Do you have a Data Retention policy?

< All Topics

We have Data Retention Policies that cover the data we are controllers for and data we are Processors for. For the data for which schools are the Controllers, we have provided the following information to all schools which we have a current active contract with as part of our update:

The School’s data will be retained for 30 days after contract end. To keep a balance between security/privacy and accessibility, the Contractors approach is:

  1. School informs Contractor no less than 30 days prior to expiration they wish to cancel
  2. Contractor extends the licence to 30 days past the original expiration
  3. School can now use this time to use the systems in-built functionality to export and download a copy of their data
  4. Unless otherwise notified that the data has been successfully retrieved, once the new expiration passes, we retain the data for another 30 days
  5. After this 30 days passes, the data is then deleted from our servers

The Contractor runs a rolling contract that renews automatically and invoices the School for the additional sum for the years hosting. If the School fails to notify the Contractor they wish to cancel in the pre-agreed timescale, access to the system is stopped until payment has been received.

Was this article helpful?
0 out Of 5 Stars
5 Stars 0%
4 Stars 0%
3 Stars 0%
2 Stars 0%
1 Stars 0%
How can we improve this article?
Please submit the reason for your vote so that we can improve the article.
Previous Are security audits performed routinely?
Next Do you have a documented Destruction of Media policy?

Recent Articles