Privacy Notice and Cookie Statement
Introduction
Skoolwork Ltd operates and manages Skoolmis (MIS). We are committed to protecting your personal data. This Privacy Notice sets out how we handle personal data that is provided to us or collected by us in relation to our website, MIS, general enquiries, and other contact with us.
If you have any questions about this Privacy Notice or how we handle personal data, contact gdpr-data-protection@skoolmis.com.
We may need to update this Privacy Notice from time to time so please check it regularly.
If you have any questions about this Privacy Notice or how we handle personal data, contact gdpr-data-protection@skoolmis.com.
We may need to update this Privacy Notice from time to time so please check it regularly.
Who we are and how to contact us
Skoolmis is a product of Skoolwork Ltd, a company in England registered with company number 11639333. We provide MIS software solutions to independent schools and educational establishments.
You can contact us via our registered office with the address: 960 Capability Green C/O Mmk Accountants Ltd, Luton, Bedfordshire, United Kingdom, LU1 3PE
Alternatively, you can email info@skoolmis.com
You can contact us via our registered office with the address: 960 Capability Green C/O Mmk Accountants Ltd, Luton, Bedfordshire, United Kingdom, LU1 3PE
Alternatively, you can email info@skoolmis.com
How we collect personal data
We collect and use personal data to provide you with relevant information and services.
1. Directly from you:
- When you submit an inquiry, register for a free trial, adjust your user account profile and preferences, or provide data to our MIS or website or mobile app.
- Through your interactions with us, including for purposes such as recruitment, entering competitions or surveys, submitting ideas, booking event tickets, or communicating with us via email, live chat, phone, or in person.
2. Automatically from Our Systems:
- Using technologies like cookies, we gather data from our website and MIS, including details such as IP address, browser type, session duration, location, traffic data, and the referring website.
3. From Trusted Partners:
- This includes data shared under data protection laws by group companies, subcontractors providing services like payment processing (we do not store or access card details), third parties that have informed you of their data sharing, and other subscribers to our services, such as educators or administrators at partner schools.
4. Publicly Available Sources:
- This encompasses information published by social media platforms, Get Information About Schools, local authorities, and government departments.
How we use personal data
The table below outlines in more detail how we use personal data. The lawful basis for processing your data may vary depending on your user type. For instance:
- If you are a school administrator or staff member and we are providing MIS services under contract, we process your data to fulfill our contractual obligations.
- For website users, the basis may differ, such as reliance on consent or legitimate interests.
In some cases, we may process personal data to comply with legal obligations or to safeguard our rights, interests, and those of others.
| Website operation and management (including mobile app) | ||
|---|---|---|
| Personal Data | Reason | Lawful basis (user dependant) |
| Website usage data (location and traffic data, length of visit, IP address etc.) | To operate, maintain and secure our website, including managing user traffic, displaying content from external platforms, and hosting and backend infrastructure. |
Our legitimate interest in operating, securing and improving our website.
User consent (where information is collected by non-essential cookies) |
| Communication, marketing and sales | ||
|---|---|---|
| Personal Data | Reason | Lawful basis (user dependant) |
|
Name Address Email address Phone number Role and organisation Publicly-available social media activity and profile contents Website and MIS usage data (location and traffic data, length of visit, IP address etc.) |
To send communications such as verifying user credentials, confirming instructions, issuing invoices, offering technical support, or providing renewal updates. To handle and respond to inquiries about our products and services. To evaluate and identify products or services that may align with your interests. To monitor communications for purposes like quality assurance, training, and preventing fraudulent activity. To invite your participation in activities such as market research, free trials or demonstrations, contests, and promotions. To notify you about products and services that might be of interest to you. |
To meet contractual obligations, including providing requested information, managing payments, and maintaining accurate records. To support our legitimate interests in communicating about our services and fostering the growth and enhancement of our business and offerings. To uphold our legitimate interests in fraud prevention. To process your data with your consent, where applicable. |
| Provision of our MIS software | ||
|---|---|---|
| Personal Data | Reason | Lawful basis (user dependant) |
|
Name School / academy / trust / organisation at which you are registered Communication preferences Academic record, including behaviour, attainment and attendance Medical needs and dietary requirements Special education needs Training records Career experience Other user-generated content Relationship to other individuals (e.g. parent/guardian) Other information received from the school or academy MIS usage data (location and traffic data, length of visit, IP address etc.) |
To grant you access to our MIS platform. To allow third-party service providers and schools to connect to our MIS through an API. To maintain the technical security and ensure the continuity of our systems. To operate and manage essential tools for product and technical support. To gain insights into your experience and enhance the quality of our offerings. |
To meet contractual obligations, including providing requested information, managing payments, and maintaining accurate records. To support our legitimate interests in communicating about our services and fostering the growth and enhancement of our business and offerings. To uphold our legitimate interests in fraud prevention. To process your data with your consent, where applicable. |
We do not engage in automated decision-making, including profiling, where decisions are made entirely by automated systems without human involvement, particularly when such decisions could have legal or significant impacts on you.
If our website or mobile app contains links to third-party websites, we encourage you to review their privacy policies to understand how they handle your personal data.
Our role as data processor and data controller
We act as a data controller when we determine the purposes and methods for processing personal data. This includes activities such as registering you for our services, conducting marketing and invoicing, generating benchmarks and analytics from aggregated customer data, and providing customer support.
When processing personal data on behalf of a school, organisation, academy, or trust registered with us for our MIS services, we operate as a data processor. In such cases, the respective school, organisation, academy, or trust serves as the data controller. For details on how personal data is handled in these instances, please refer to the privacy policy of the relevant school, organisation, academy, or trust.
When processing personal data on behalf of a school, organisation, academy, or trust registered with us for our MIS services, we operate as a data processor. In such cases, the respective school, organisation, academy, or trust serves as the data controller. For details on how personal data is handled in these instances, please refer to the privacy policy of the relevant school, organisation, academy, or trust.
How we share your data and with whom
We may share personal data in the following circumstances:
- Within our company group to facilitate internal shared support services where necessary.
- With our service providers for services such as email delivery, cloud storage, technical data analysis, sales fulfillment, customer support, accounting and billing, surveys and messaging, business intelligence, and other operational needs.
- With your consent when you have explicitly agreed to data sharing.
- For legal and protective purposes where required or permitted by law to meet legal, regulatory, financial, or professional obligations; to enforce our User Terms; to safeguard our rights, property, or safety, as well as that of others; or for other necessary reasons.
- In the event of business changes if we or our assets are acquired or merged with a third party, personal data may be included as part of the transferred assets.
Certain personal data of MIS users may be accessible to authorised individuals representing their school, academy, or trust. Specific access permissions can be reviewed within your account profile on our MIS.
Administrators at schools, organisations, academies, or trusts using our MIS can view organisational information, including the list of permitted MIS users and their roles.
We may also share data with administrators or organisations to verify eligibility for MIS registration.
How we store and transfer your data
We retain personal data only for as long as it is necessary to fulfill the purposes for which it was collected, subject to legal and regulatory obligations (including those related to public contract procurement). If we have obtained your consent, we may retain your data for a longer period. For users of our MIS, personal data is retained for the duration of the subscription term and a limited time thereafter, in accordance with our data retention policy.
Some of our service providers operate outside the UK and EEA, including in regions with data protection laws that differ from those in the UK. In such cases, we implement safeguards to ensure that personal data is handled securely and in compliance with UK data protection standards. For further details on these safeguards, please feel free to contact us.
Some of our service providers operate outside the UK and EEA, including in regions with data protection laws that differ from those in the UK. In such cases, we implement safeguards to ensure that personal data is handled securely and in compliance with UK data protection standards. For further details on these safeguards, please feel free to contact us.
Cookies
We use cookies and similar technologies to ensure our website functions properly, to gain insights into how it is used, and to optimize advertising efforts. Some cookies are essential for the website’s core functionality. Additionally, we use non-essential cookies, such as those from Google Analytics, to analyze how users navigate to and interact with our website. You can manage or disable cookies through your web browser settings or directly on our website, though doing so may affect its functionality.
Your rights
Under UK GDPR, you have the following rights relating to your personal data:
- Right to Access: You can request access to your personal data and obtain a copy of it.
- Right to Rectification: You can request that inaccurate or incomplete data be corrected.
- Right to Erasure: You can ask us to delete your personal data in certain circumstances.
- Right to Restrict Processing: You can request that we restrict the processing of your personal data.
- Right to Data Portability: You can request to receive your personal data in a structured, commonly used format for transfer to another organisation.
- Right to Object: You can object to processing based on legitimate interests or direct marketing.
- Right to Withdraw Consent: If we rely on your consent to process your personal data, you can withdraw that consent at any time.
To exercise any of these rights, please contact us using the contact details provided on the Contact Us section.
Last updated: November 2024