This is an automatically generated marked up copy of the differences between the Tapestry Online Learning Journal draft contract of 5 January 2018 and the second draft of 12 March 2018. It isn't perfect (e.g., changes to numbering appear to be tracked inconsistently) for which we are sorry, but we hope it helps.
Draft Contract for the Tapestry Online Learning Journal
Foundation Stage Forum Ltd
[deleted: 5 January] [inserted: 12 March] 2018

A note on this draft

This is [deleted: an early] [inserted: a near final] draft of a new contract between the Foundation Stage Forum Ltd and our customers who use Tapestry. If you have read a previous draft, you can see a list of changes at the end of this document, or a Word version with “Track Changes” at https://tapestry.info/draft-contract.

We aren't trying to change anything fundamental about our relationship and what we do for you. But we are trying to:
1. Improve the clarity of the contract.
2. Make it unambiguously clear how we work together to ensure we are compliant with the forthcoming changes to data protection law in the EU (known as the GDPR).

This is not the final contract. It is a draft and we would like your feedback in order to make it better for all our customers. Please send your thoughts to contract-feedback@[email protected].

The goal is to [deleted: agree an updated] [inserted: have a final] contract by the end of March 2018 and agree it with all our customers by the end of [deleted: March 2017] [inserted: April 2018].
Your contract with us for the use of Tapestry

1. We are the Foundation Stage Forum Ltd, a company registered in England with company number 05757213 and a registered address of 1, Southdown Avenue, Lewes BN7 1EL, UK.
2. You are a childminder, educator, nursery, school or similar educational organisation.

What you get

3. This contract is for a 12 month subscription to Tapestry, our online learning journal, together with:
– Our tutorials
– Email support during UK business hours
– Access to the https://eyfs.info discussion forum

What you do not get

4. We do not provide telephone or face to face support. However, at our discretion, we may offer to call you if we feel a query could be better resolved over the phone. We also do offer bookable telephone support sessions for a fee.
5. We do not provide direct support to any relatives that you add to Tapestry. If they contact us, we will usually direct them back to you. We do this because it is difficult for us to know whether their requests are authorised by you.
6. We do our best to provide Tapestry at all times (see our Annex B: Tapestry Security), but we cannot guarantee this.

Tapestry, our online learning journal

7. You must be the Data Controller of the information that you enter into Tapestry (as you are for your paper records); we will be the Data Processor. If you don't know what those terms mean, it is essential that you find out. A starting point for finding out is https://ico.org.uk.
8. You agree with our approach to data protection, privacy and security and to do your part. We describe our approach and what we expect of you in these linked annexes:
– Annex A: Tapestry Data Protection
– Annex B: Tapestry Security
– Annex C: Tapestry Privacy
9. You agree to our current sub-processors:
– Annex D: Tapestry Sub-processors
10. We are compliant with UK data protection legislation (sometimes referred to as the ‘GDPR’).
11. This contract contains the terms required for a data processing agreement under UK data protection legislation.
12. We will help you to comply with your duties under UK data protection legislation. In most cases you can use the tools we provide. If you ask us for extra help in complying we will give it to you, but we may charge you our costs in helping. More detail is provided in Annex A: Tapestry Data Protection.
13. If you wish to audit us under UK data protection legislation, you may do so, but we may charge you our costs in participating in your audit.
Our tutorials

14. You may copy, store, share and adapt our tutorials for the purpose of making better use of Tapestry.

Our Billing and Support System

15. If you contact us by email or through our websites then we will store and process the information you provide in our billing and support system. Unlike the data you enter into Tapestry, we are the Data Controller for information in our billing and support system. We describe how we use that data in Annex E: Billing and support data.

Our Discussion Forum

16. You do not need to use our discussion forum. But if you choose to, then you agree to the conditions set out in Annex F: Use of our discussion forum.

Fees

17. You must pay our fee in full before we will start your Tapestry subscription.
18. Our fee, as set out on our website, is based on the maximum number of children you wish to have in your Tapestry account during the 12 month subscription.
19. You can add or remove individual children throughout the year so long as the maximum number of children is not exceeded at any one moment.
20. If you have not paid your fee in full then:
• we may not provide access to Tapestry.
• after 90 days, we will delete the data that you have entered into Tapestry.
21. If you wish to increase the maximum number of children you can have in your Tapestry account during the 12 month subscription then we will charge you the difference between what you have paid and the current fee for an account with the increased number of children. This will not extend your subscription.
22. You must pay us in UK Pounds Sterling including any applicable VAT. If you choose to pay by bank transfer you must bear all currency conversion and bank transfer costs.

Termination

23. You can stop using Tapestry at any time and ask us to return and/or delete the data you have entered into Tapestry, but we will not refund any fees that you have paid unless:
– You are within the first month of your Tapestry subscription
– We materially change this contract to your detriment
24. We may, after discussing the situation with you, stop providing you with Tapestry if you:
– misuse our systems or
– create an unreasonable load on our systems or
– cause us unreasonable costs or
– abuse our staff or
– breach this contract.

Changes and disputes

25. If something goes wrong, unless otherwise required by law, our total liability to [deleted: you] [inserted: each other] is limited to the annual fee that you have paid us for Tapestry.
26. One example of where the law requires different liability is in breaches of UK data protection law. We can both be investigated and fined by the relevant supervisory authorities and we both may be liable to pay compensation for damages caused by breaching this law. If it later turns out that one or other of us wasn't responsible for the breach, then we can claim back the share of liability from the responsible party.
27. Our contract with you is under English law and any dispute will be settled by an English court.
28. This document, together with its annexes, is our entire contract with you. If you want to vary this contract, or add additional terms, then there will need to be written and explicit agreement between you and one of our company directors. To keep our costs and prices down, we rarely do this. In particular, unless explicitly agreed to by one of our company directors, we do not accept any standard purchasing terms and conditions that you may usually apply.
29. We may change this contract, but will give you reasonable warning.
Annex A: Tapestry Data Protection

We are the Foundation Stage Forum Ltd, a company registered in England with company number 05757213 and a registered address of 1, Southdown Avenue, Lewes BN7 1EL, UK.

You are a childminder, educator, nursery, school or similar educational organisation.

This Annex relates to the use of Tapestry, our online learning journal. Annex E relates to data in our billing and support system. Annex F relates to data in our discussion forum.

We need to work together to ensure we are compliant with data protection regulations when using Tapestry.

This annex should be read in conjunction with our overall contract and, in particular, Annex B which explains our approach to security and Annex D which lists our sub-processors.

Our jurisdiction

We are headquartered in the UK. This contract is under UK law.

Our lead supervisory authority for data protection is the UK Information Commissioner's Office (https://ico.org.uk).

Where is data stored?

Our processing and storage of your data happens within the EU.

The primary processing and storage location is in Ireland.

Our offsite backups are stored in Germany.

Our office is in the UK.

For the avoidance of doubt: The storage location is part of your contract with us. If we wished to change where your data is stored, we would need to change this contract, and contract changes always require agreement from both you and us.

To provide a little more detail:
• Almost all storage and processing is carried out on computers and networks provided by Amazon Web Services (AWS), a sub-processor who we list in Annex D. We instruct them to only store data on computers in their data centres located in Ireland (for the primary system) and Germany (for the backup system). They are contractually bound not to move data elsewhere without our permission.
• The exceptions are:
– On very rare occasions, and subject to strict safeguards, we may store and process some data locally in our offices in order to diagnose or fix a bug. On these occasions data will be stored and processed in Lewes in the UK. Some of the safeguards are: we only do it when we have to – it is never routine; we store the minimum possible amount of data locally; we only store it on encrypted secure machines; we delete it as soon as possible.
– Viewing your Tapestry account in a web browser may, technically, count as data processing. Therefore if one of the people you give access to your Tapestry account logs in from another country that may, technically, count as data processing in that country.
What data is placed into Tapestry?

You are in control of the data you put into Tapestry. You choose what to add, you choose what is done with it and who it is shared with. You can always access, correct and delete the data.

When you use Tapestry:
1. You enter data about the children in your care, their progress and their welfare. You choose which children and what data.
2. You can, optionally, analyse and monitor the children's progress and welfare.
3. You can, optionally, share the data about the children with others that you choose, such as a child's relatives.
4. You can add text and, optionally, pictures and videos.
5. You can choose when and what data to delete.
6. You can correct any data that you enter.

This is described in more detail in Annex C: Tapestry Privacy.

Who is responsible for what?

The first thing to agree is that:
1. You are the data controller for data you, or the people you give access, add to Tapestry.
2. We are the data processor.

If you don't know what those terms mean, it is essential that you find out. A starting point for finding out is https://ico.org.uk.

You must:
• Have a lawful basis for entering data into Tapestry.
• Use Tapestry in a way that is compliant with data protection law.
• Respond to data protection requests.
• Keep your contact details on Tapestry up to date.

We must:
• Only process data on your instructions.
• Ensure that people we use to process your data are subject to a duty of confidence.
• Take appropriate measures to ensure the security of our processing.
• Only engage sub-processors with your prior [deleted: consent.] [inserted: written consent (see Annex D).]
• Assist you in providing subject access and allowing data subjects to exercise their rights under data protection law.
• Assist you in meeting your legal data protection obligations in relation to:
– the security of processing.
– the notification of personal data breaches.
– and data protection impact assessments.
• Delete or return all personal data to you as requested at the end of the contract.
• Submit to your audits and inspections.
• Provide you with the information to meet your legal obligations.
• Tell you if we become aware of a data breach.
• Tell you immediately if we are asked to do something infringing data protection law.
What we expect of you

You must have a lawful basis for putting data into Tapestry

We rely on you to ensure you have a lawful basis for putting data into Tapestry. If you haven't worked out what your lawful basis is, please do so immediately. Once again, the UK Information Commissioner's Office, https://ico.org.uk, is a good starting point.

Please don't leap to assuming consent is the only lawful basis for you, but carefully consider the six possible bases described in law and work out which is right, given what you intend to store in Tapestry and how you intend to use and share it.

If you are relying on consent as your lawful basis, then we rely on you to have gained the consent for whatever data you intend to put on Tapestry and to remove data if consent is later withdrawn.

You must use Tapestry in a way that is compliant with data protection law

As the controller of the data you put in Tapestry, you must comply with data protection law. This includes ensuring that the data is:
1. Processed lawfully, fairly and in a transparent manner in relation to individuals.
2. Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes.
3. Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
4. Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay.
5. Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals.
6. Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

Source: https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/principles/

We will do our part in helping you to comply (described below).

You must respond to data protection requests

Using Tapestry normally involves processing data about people (children, possibly staff, possibly relatives). Those people have rights under data protection law, including:
1. The right to be informed
2. The right of access
3. The right to rectification
4. The right to erasure
5. The right to restrict processing
6. The right to data portability
7. The right to object
8. Rights in relation to automated decision making and profiling

Source: https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/individuals-rights/

You are responsible for responding to those requests. We have designed our system to help you to respond.

The right to be informed

In particular, please ensure you proactively deal with the “right to be informed” – you must not wait for people to ask you.

The UK Information Commissioner's Office has advice on this: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-be-informed/.

You may wish to use our ‘Annex C: Tapestry Privacy’ as a starting point for informing your staff and the relatives and children whose data you add to Tapestry. But you will probably need to adapt it to cover: your contact details, your lawful basis for adding data, who you intend to share the data with and why, and when you intend to delete the data. Since the new data protection law covers all data, whether it is on computer or on paper, you may wish to incorporate this into a single wider document that covers all the data you process.

You must keep your contact details on Tapestry up to date

You must keep your contact details up to date within Tapestry. We use these to:
1. Contact you
2. Verify that instructions we receive come from you

If they are not up to date, you may not receive our messages.

In particular, we sometimes receive requests from customers stating that the only manager registered on a school, childminder or nursery's Tapestry account has left, and requesting that the ownership be transferred to a new person. In order to verify that the request is legitimate we have to take several steps. Even if these steps are successful, they may mean a delay of weeks during which time Tapestry may not be accessible by you. To avoid this, please ensure you update contact details before a manager departs and, ideally, always register more than one manager on the Tapestry system.
What you can expect of us

We will only process data on your instructions

Tapestry only does what you tell it. We do not do any processing that you do not tell us to do.

To be absolutely clear: we don't [deleted: own] [inserted: license or claim ownership of] your data; we don't sell your data; we don't use your data for advertising; we don't pass on your data except when you instruct us to.

You can add users to Tapestry who can then also instruct Tapestry. You can adjust what data those users see and what they can do with the data.

People whose data you have added to Tapestry have a right to restrict processing. If you have been told by someone to restrict processing of [deleted: someone's] [inserted: their] data, then you are responsible for not using Tapestry to do any further processing of that person's data. You are responsible for ensuring any users that you have added to Tapestry do no further processing. The easiest way to do that is to use Tapestry to mark the child or user as inactive.

Who can instruct us

We prefer to accept instructions through the Tapestry web interface or apps. This interface has options for authorising different users and giving them different levels of permission about what they can instruct us to do.

We may also accept instructions through our support ticket system or by email if they come from:
• Someone who we have verified is registered on the relevant Tapestry account with the status of a ‘manager’.
• Someone who we have verified is an appropriate representative of the account owner (e.g., the head or bursar of a school, or the director or manager of a nursery).

Depending on the nature of the instruction and the route by which we receive the instruction, we may need to take extra steps to verify that the instruction is legitimate. This may lead to a delay in us carrying out the instruction.

We will ensure that people we use to process your data are subject to a duty of confidence

Our staff who process your data are:
1. Contractually bound to keep your data confidential.
2. Vetted by us. This includes a DBS check, which is updated annually.

We will take appropriate measures to ensure the security of our processing

The measures we take are described in Annex B.

We have started the process of becoming certified as ISO 27001 compliant. When we have become certified we will update this contract to confirm that we are.

We will engage sub-processors only with your prior consent

We use sub-processors in a way that is compliant with UK data protection law. Our sub-processors, what they do, and our process for seeking your agreement to any changes are described in Annex D. We will email you in advance of any changes to give you time to object.

Any sub-processors we use are always under a written contract and are always bound to keep your data confidential.

We will assist you in providing subject access and allowing data subjects to exercise their rights under data protection law

You can download all the information that has been entered into Tapestry.

[NOT YET IMPLEMENTED: We provide a section in the control panel where you can download a single file that brings together all the information Tapestry holds about a particular child or a particular user.]

You can correct all the information that has been entered into Tapestry.

You can delete all the information that you have entered into Tapestry.

We will assist you in meeting your legal data protection obligations

The security of processing

We describe our current security approach in Annex B.

If you believe that there is something that should be described in Annex B but is not, please let us know.

If you wish us to describe our security in a particular way (such as by filling out forms for you) then we may pass on our costs in doing so.

We do not usually implement bespoke security measures. However, we are always interested in improving our service, so please do let us know of anything that you would like to see.

Notification of personal data breaches

If we become aware of, or suspect, a data breach, we will tell you without undue delay. If you become aware of, or suspect, a breach, please tell us as soon as you can.

If there is a personal data breach, we will:
1. Help you to prevent further breaches (e.g., if someone has stolen a computer used by you to log in to Tapestry, and you are concerned that your Tapestry password was stored on that computer, we can disable the relevant accounts and change the relevant passwords).
2. Help you to work out who has been affected.
3. Help you to work out what data may have been breached.
4. Help you to determine the cause of the breach.
5. Help you in your dealings with the Information Commissioner's Office.

The Information Commissioner's Office requires [deleted: notification] [inserted: you to notify them] of any data breach that is “likely to result in a risk to the rights and freedoms of individuals” within 72 hours of you or us becoming aware of it. We will prioritise our work to help you to meet that deadline.

If you wish us to go further than that, we will do our best but may have to pass on our costs in helping you.

Data protection impact assessments

We cannot carry out a data protection impact assessment for you, because we do not know what data you intend to place in Tapestry.

[NOT YET IMPLEMENTED: We do provide some example documents on risks that you can customise when carrying out your own assessments.]

If you wish us to go further than that, we will do our best but may have to pass on our costs in helping you.

We will delete or return all personal data to you as requested at the end of the contract

You can delete data at any time. You can download data at any time.

At the end of the contract our standard practice is to delete your data from our systems after 90 days. The data will be deleted from our backup systems 90 days after it is deleted from our systems. We are happy to delete your data sooner if you ask us to.

We are happy to return your data to you at any time. If you want your data in a particular format, we will do our best, but may have to pass on our costs in providing it to you in that format.

We will not delete data if we are required by law to keep it (for instance, for an ongoing police or data protection investigation).

We will submit to your audits and inspections

We provide our approach to security in Annex B for you to audit.

We have started the process of becoming ISO 27001 certified. When we have done so, we will update this contract and provide you with access to the certification for you to audit.

If you want to submit us to further audit or inspection, we will do our best to help you, but may have to pass on our costs in complying with your request.

We will provide you with the information to meet your legal obligations

We believe this contract and its annexes, combined with the tools provided within Tapestry, provide you with what you need to meet your legal obligations. If you think there is something missing, please let us know.

If you have a specific or unusual request for information, we will do our best to help you, but may have to pass on our costs in complying with your request.

We will tell you if we become aware of a data breach

If we become aware of a data breach, we will tell you about it and help you to meet your obligations as we've described above. We will do this without undue delay. Please keep your contact details up to date so that we can contact you quickly.

If we suspect a possible data breach we may ‘lock down’ access to Tapestry if we think that would help prevent a further breach. This would mean that some or all users of Tapestry would lose partial or complete access to Tapestry while we investigate and fix whatever led to the breach. We would inform you as soon as possible if we need to do this.

We will tell you immediately if we are asked to do something infringing data protection law

If we are asked to do something that we believe infringes data protection law we will not do so, and we will try and reach you through the contact details you have given us to explain what has happened.

If something goes wrong

Complaints

If you have a complaint, [email protected].

Our Data Protection Officer

If you have a concern that we have not addressed, please contact our Data Protection Officer:

[email protected]
1 Southdown Avenue
Lewes
BN7 1EL
UK

Frequently Asked Questions

With regard to Brexit: will the data be hosted and backed up in the UK once Brexit is finalised?

We do not know yet how data protection law will change with Brexit. But we are keeping an eye on developments and will make whatever changes are required to be compliant with UK data protection law as it changes.
Annex B: Tapestry Security

This annex relates to the use of Tapestry, our online learning journal. Annex E relates to data in our billing and support system. Annex F relates to data in our discussion forum.

Security of a software service or product involves many aspects, and satisfying yourself that you should put your trust in a product can and should require that you ask questions of the organisation and people overseeing that security. This annex aims to give you an understanding of who we are and how we have addressed the important issue of protecting the integrity of Tapestry.

Security Responsibilities

Security is only as strong as the weakest link. We therefore need to work with you, the account holder, together with any staff and relatives you give permission to use Tapestry, to ensure the overall system is secure. This annex explains what we do and what we hope you will do.

The latest copy of this annex, together with our terms and conditions, is always available in the control panel of your copy of Tapestry.

Who are we?

Tapestry is the name of a product that was conceived, developed and is owned by The Foundation Stage Forum Ltd., an early years organisation that has provided resources and support for the early years workforce since February 2003. We have contracts with many local authorities, some of which have been in place for ten or more years.

The Foundation Stage Forum Ltd

The Foundation Stage Forum Ltd is a VAT registered, private UK limited company.

Our company number is 05757213.

Our registered office is at:
1, Southdown Avenue
Lewes
East Sussex
BN7 1EL

Our VAT registration number is 932933317.

You can write to us at our registered office, [email protected].

Our contracts are under UK law.

We have two directors: Helen and Stephen Edwards.

Director: Stephen Edwards MSc

Steve is the founder of the FSF. He worked for many years as a technical manager for the telecommunications organisation Ericsson, having completed a Masters Degree in information systems. He became interested in the early years as a result of his wife (Helen, see below) setting up a nursery in their home, and left Ericsson to set up the FSF in 2002 as a resource and support network for the early years workforce. He has been fully occupied with the FSF ever since, conceiving and driving the development of Tapestry as a part of this commitment.

Steve is the board member responsible for security.

Director: Helen Edwards DPhil

Helen has been working with young children since 1989, firstly as a primary school teacher, and then as a successful nursery owner/manager, followed by employment as a local authority advisor and university tutor, and more recently as an Ofsted inspector. She also holds the EYP status.

Data Protection Officer: Lauren Foley

Lauren Foley is our Data Protection Officer. Her direct email is dpo@[email protected].

Lauren joined the Foundation Stage Forum in 2014 after graduating from the University of Birmingham. She was designated our data protection officer after completing GDPR training in November 2017.

Data Protection Law

We are compliant with UK data protection law. We describe our approach to data protection in Annex A.

To summarise it in brief: You, the Tapestry account manager, own the data you put on Tapestry. We, Foundation Stage Forum Ltd, do not. In technical terms, you are the Data Controller, we are the Data Processor.

We will only do things with data that you, or people that you give permission to, request.

We will not access your data without your permission.

We only use the data you enter to provide the service you see: an online learning journal that helps you to monitor the progress of children, communicate with parents and the government and manage your activities.

To be absolutely clear: we don't use the data for marketing; we don't share the data with others to do marketing.

You should be aware of your responsibilities as a data controller. You can find out more at the Information Commissioner's Office website: https://ico.org.uk/for-organisations/.

You are responsible for making sure that you only put data on Tapestry where you have permission to do so, i.e., if a parent has agreed with you that no photos of their child should be taken, you are responsible for ensuring that none of the photos added to Tapestry depict that child.

Access to data

Only you, and those you authorise, will have access to your Tapestry accounts. You can restrict the people you authorise to only be able to view data about some children.

If we need to access your account to sort out a problem you are having, we will ask your permission first.

We will not give Tapestry account information, or access to your Tapestry account, to anyone other than those individuals you have set up as staff members.

Relatives contacting us for access details will always be referred to you, the Tapestry account holder.

Under the data protection act, individuals have a right to see a copy of information that an organisation holds about them. As the data controller, you will need to respond to those requests and we, as the data processor, will help you. This is normally easy, since you can always see and print the information you have entered.

Deleting data when it is no longer needed

You can modify and delete the data you enter.

In the common case of children leaving your setting, you can move them into a ‘deleted’ area, where (after a delay of ninety days to avoid disastrous mistakes occurring) their data will be deleted (this includes relevant pictures, videos, journals and reports).

You can instruct us to delete all your data at any time. But this is all or nothing. If you just want to delete some of your data, you will need to use the control panel in the system to do so yourself.

If you let your subscription to Tapestry lapse, we will delete all data associated with it. We delay the deletion for 90 days in case your subscription has inadvertently lapsed (e.g., it happened while you are on holiday, or there was a delay in your Local Authority paying our invoice) but if you explicitly ask us to then we will delete your data immediately.

Data will remain in our backups for 90 further days. If you wish, you can instruct us to delete all your data from these backups. But it is all or nothing. We cannot delete some of your data on these backups.

Once the data is deleted from our backups we can no longer recover it.
Organisational data security
ISO 27001
WeareworkingtowardsbecomingindependentlycertifiedasISO27001complaintcompliant.Whenwehaveachievedcertificationwewillupdatethiscontractandprovideyouwithaccesstothecertification.
Ourdatacentercentre,AmazonWebServices,hasbeenindependentlycertifiedasISO27001compliant.
Staff
Wearecarefulinwhoweemploy.AllourstaffwithaccesstoyourdatahavebeencheckedandclearedbytheDisclosureandBarringService(DBS)andwechecktheirDBSstatusannually.
Thecompanythathostsourserversanddatabases,AWS,alsovetstheirstaff(thoughinpracticewewouldneverexpectthemtoseeyourdata).
YouareresponsibleforonlygivingaccesstoTapestrytopeopleyoutrustandwhoactuallyneedaccess.Forinstance,pleaseremembertomakestaffinactiveoncetheyhaveleftyourserviceoriftheyarefacingrelevantdisciplinaryprocedures.
Pleasealsoensurethat,whenyougiveaccesstorelativesofchildren,youarecarefultoallocatethemtothecorrectchildren,toentertheiremailaddresscorrectly,andtomaketheminactiveoncethechildhasleftyoursetting.
Procedures
Ourproceduresaredesignedtominimiseouraccesstoyourdata.Forexample,wewouldn’tlogintoyouraccountwithoutyourpermissionandeventhenwouldonlydosoifitwasnecessarytoresolveafaultorproblemyouwereexperiencing.
Wearesimilarlycarefulwithoursuppliers.Thecompanythathostsourserversanddatabases,AWS,operatesonasimilarprincipleofminimalaccess.TheyareISO27001accredited,whichmeanstheyhaveacompleteandappropriatesetofsecurityprocedures.Wewouldneverexpectthemtoneedaccesstoyourdata.
ItisimportantthatyouthinkaboutyourproceduresforwhatsortofdatayouputonTapestryandwhatyouallowyourstaffandrelativestodowithit.
Forinstance,youshouldthinkabout:
• Whetheryougiveallstaffaccesstodataaboutallchildren,orjustsomechildren.• Whenitisappropriateforyourstafftotakeandsharephotosandvideos.• Whatinstructionsyoushouldgivetoparentsastowhatisappropriateforthemto
add,andwhattheymaydowithmaterialthatyouadd(e.g.,insistingnophotosareuploadedtosocialmediasitesbyparentswithoutthewrittenpermissionoftheparentswhosechildrenaredepictedinphotos,videosortext.)
Passwords
ThemainwaywecontrolaccesstoTapestryisthroughpasswords.
Neitheryou,norwe,canseewhatpasswordshavebeenused(technically,wehashthepasswordsbeforestoringthemusingbcryptandweneverwritepasswordstoanylogfiles).
Our staff use strong passwords and, for the more secure systems, have to supplement the correct password with other security measures (such as logging in from our office IP address and/or using two-factor authentication).
You are responsible for training your staff, and encouraging any relatives, to adopt sensible precautions around their use of passwords – don't share them, don't reuse them, and make them hard to guess.
Incorrect password attempts will result in access for that user being prevented for a period of time. If you suspect one of your staff or relative accounts has or could have been compromised, you can make it inactive. This will prevent access using that account. At a minimum, you should then contact the staff member or relative and ask them to change their password on this system and any other system on which they have used a similar password.
You can choose a minimum password strength that you permit the people you add to Tapestry to use. We won't let this minimum be any less than 10 characters and we allow and encourage you to set a tougher standard than that (by, for instance, requiring longer passwords).
For your staff, we also provide an option where they cannot log in without a different member of staff (such as a manager) logging in first. We call this "PIN only" staff.
If you wish, you can set an initial password and PIN for the staff and relatives that you add, but we strongly discourage this. We prefer you to use the option of sending reset links that allow users to set their own passwords and PIN.
We allow users to reset their own passwords using their email address. You, and managers you nominate, can also reset passwords for staff and relatives. If a member of staff or relative contacts us because they have lost access to the email address associated with an account, we will direct them back to you.
If you have lost access to the email address associated with Tapestry, or you have taken over a Tapestry account due to the departure of the previous account owner and don't have access, then we can add an email address for the new manager. In order to verify that the request is legitimate we have to take several steps. Even if these steps are successful, they may mean a delay of weeks during which time Tapestry may not be accessible by you. To avoid this, please ensure you update contact details before a manager departs and, ideally, always register more than one manager on the Tapestry system.
We do not currently have a facility for you to restrict access to particular locations or particular devices. That makes it doubly important that you take sensible precautions over passwords.
If you believe the password for one or more accounts has or could have been compromised, please immediately make that account inactive using the Tapestry control panel or, if you are unable to do so, contact us and we will do it for you. Please then contact us to discuss how to re-activate the accounts in a way that ensures they remain secure.
Because passwords can be reset by email, if you believe that the email account associated with a Tapestry account has been compromised, please treat it as if the password has been compromised: make the Tapestry account inactive and contact us.
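As an added illustration of the rules in this section (the 10 character floor on the minimum password length, temporary lockout after incorrect attempts, and a manager making a suspect account inactive), here is example code written for this page; it is not Tapestry's own implementation. The threshold of five failed attempts and the 15 minute lockout are assumptions, as the contract does not state them.

```python
import time
from dataclasses import dataclass

MIN_PASSWORD_LENGTH = 10     # the contract's floor for the minimum a customer may configure
MAX_FAILED_ATTEMPTS = 5      # assumption: the contract does not state the threshold
LOCKOUT_SECONDS = 15 * 60    # assumption: the contract does not state the lockout period


def password_meets_policy(password: str, minimum_length: int = MIN_PASSWORD_LENGTH) -> bool:
    """Length is the only rule the contract commits to; a customer may set a
    tougher minimum but never one below MIN_PASSWORD_LENGTH."""
    minimum_length = max(minimum_length, MIN_PASSWORD_LENGTH)
    return len(password) >= minimum_length


@dataclass
class AccountState:
    failed_attempts: int = 0
    locked_until: float = 0.0   # clock timestamp; 0.0 means not locked
    inactive: bool = False      # set by a manager when compromise is suspected


class LoginGuard:
    """Tracks failed logins per account and enforces a temporary lockout.

    The clock is injectable so the behaviour can be tested without sleeping.
    """

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._accounts = {}

    def _state(self, username: str) -> AccountState:
        return self._accounts.setdefault(username, AccountState())

    def deactivate(self, username: str) -> None:
        """Manager action from the contract: block all access to the account."""
        self._state(username).inactive = True

    def reactivate(self, username: str) -> None:
        """Clear the inactive flag and any lockout once the password has been changed."""
        state = self._state(username)
        state.inactive = False
        state.failed_attempts = 0
        state.locked_until = 0.0

    def attempt(self, username: str, credentials_valid: bool) -> str:
        """Record one login attempt; `credentials_valid` is the password verifier's verdict.

        Returns an internal outcome. The message shown to the user should be the
        same for every non-"ok" outcome so it does not reveal whether the account
        exists, is inactive, or is merely locked.
        """
        state = self._state(username)
        now = self._clock()
        if state.inactive:
            return "inactive"
        if now < state.locked_until:
            return "locked"          # a correct password during lockout is still refused
        if credentials_valid:
            state.failed_attempts = 0
            state.locked_until = 0.0
            return "ok"
        state.failed_attempts += 1
        if state.failed_attempts >= MAX_FAILED_ATTEMPTS:
            state.failed_attempts = 0
            state.locked_until = now + LOCKOUT_SECONDS
            return "locked"
        return "denied"
```

Lockout limits online guessing; it does nothing against a leaked or reused password, which is why the contract pairs it with the manager's ability to make an account inactive and the advice to change the password everywhere it was reused.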
Technical data security
The Tapestry web service and data are hosted in a cloud hosting environment operated by AWS in the EU (primarily the Republic of Ireland, with backups in Germany). AWS is the largest cloud hosting provider in the world and provides a secure platform for some of the world's largest online service providers.
Physical security
AWS ensure that our servers are physically secure. AWS data centres are housed in nondescript facilities. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, intrusion detection systems, and other electronic means. Authorized staff must pass two-factor authentication a minimum of two times to access data centre floors. All visitors and contractors are required to present identification and are signed in and continually escorted by authorized staff.
AWS only provides data centre access and information to employees and contractors who have a legitimate business need for such privileges. When an employee no longer has a business need for these privileges, his or her access is immediately revoked, even if they continue to be an employee of AWS. All physical access to data centres by AWS employees is logged and audited routinely.
We make sure that the devices we use to connect to the Tapestry servers are physically secure.
We also don't routinely store any of your data on our local devices. It is usually only stored on our servers. On the very rare occasions when we have to (in order, for instance, to diagnose a bug which we have not been able to replicate in any other way), we store as little as possible, for as short a time as possible, with access limited to as few people as possible. We also ensure that the machines we store it on are secure, including ensuring that their storage is encrypted.
It is important that you make sure that the devices you use to connect with Tapestry are physically secure. In particular, if you use some form of password manager on a device that remembers your Tapestry password then, at a minimum, make sure that the device also requires a password to log in or unlock.
The Tapestry website doesn't store data that you have entered on your laptop or desktop. Therefore, if your computer is stolen, so long as the password wasn't stored on the computer then the person who stole the computer will not be able to access Tapestry data without guessing your password.
If you were logged into Tapestry when your laptop or desktop was stolen then, so long as the browser is open and the machine hasn't been switched off, the person who stole the computer has a short time when they could use your account. Therefore it is important that you either log off when you leave a computer unattended, or ensure your computer automatically locks its screen when you leave it and requires a secure password to unlock.
The iOS and Android Tapestry apps don't store passwords locally, only temporarily store some data (such as copies of images that are being shown on screen), and require a password or PIN to be entered to open the app. Therefore, if the device is stolen, the person who stole it would not have significant access to Tapestry data without guessing your password or PIN.
The devices may have copies of the pictures and videos that have been taken outside of the app. There is also a setting that allows copies of pictures and videos taken within the app to be stored in the device's picture gallery. However, by default this setting is disabled. If you download data (such as PDFs of journals) from Tapestry to your device, those are at risk.
Software security
We, together with AWS, ensure that the software running on our servers is up to date. We run regular automated tests and internal security reviews to examine the configuration and security of our servers.
Similarly, we ensure that the devices we use to connect to Tapestry are up to date and free from viruses and compromising software.
It is important that you take similar care with the devices you use to connect to Tapestry to ensure they are up to date and free from viruses or compromising software. If you give relatives access, please also encourage them to do the same.
Encryption
Connections between you and the Tapestry servers are encrypted. Tapestry uses an Extended Validation (EV) certificate, which does not offer any greater degree of technical protection (encryption is still performed at the same strength) but does offer a visible assurance that the service is being provided by a validated organisation (the Foundation Stage Forum Ltd).
Connections between the iOS and Android Tapestry apps and our servers are similarly encrypted.
Connections between our office computers and Tapestry are encrypted.
Your data is encrypted at rest on our servers. This includes our backups of your data.
It is important that you check, and encourage those who you give access to check, that they are connected to the official Tapestry site before entering their password. The correct URL is https://tapestryjournal.com. There should be a padlock or similar symbol to show that the connection is encrypted. Clicking on the padlock or symbol should provide you with information about the connection which should include the fact that the site is owned by the Foundation Stage Forum Ltd.
The SHA1 fingerprint of our certificate is DCF623A3359798986E6B299151B23593DA1F7FDC.
Partitioning
Our network is partitioned to provide minimum access between our servers and the internet. In particular, our databases cannot directly access or be accessed from the internet, but only from specific servers. Only a handful of servers can be accessed from the internet, and only on specific ports and using specific protocols (e.g., no unencrypted connections are permitted). This reduces the likelihood that external hackers can gain access to our servers and then get data out.
Our data is partitioned so that your data is held in a separate database from that of other accounts. This reduces the likelihood that a compromise in somebody else's account (because, for instance, they use an easily guessable password) would lead to a compromise of your data.
Our software is partitioned so that it only has the minimum level of privileges to carry out whatever task it is currently doing. This reduces the likelihood that somebody who hacked into one part of our code could use it to compromise other areas.
Logging
We log activity on our system. Some of these logs are available to you in the Tapestry control panel. We retain more detailed logs to help diagnose and fix faults.
Verification (also known as Penetration Testing)
We employ independent firms to check that our systems are secure by attempting to hack or penetrate them. These firms are accredited by the relevant industry bodies.
The penetration tests cover both the web and the app versions of Tapestry.
The penetration tests include authenticated tests, where the testers are provided with login details to Tapestry accounts to check whether they can exploit those to see or extract data that should not be visible.
The most recent check was in August 2017. If you have a legitimate interest in Tapestry (e.g., you are the account owner or a parent) we are happy to summarise what they found.
We also regularly run automated security tests and carry out internal security reviews.
Capacity, Redundancy and Backups
Our system's capacity scales to meet demand. We do not currently limit the number of users, or the amount of data that they store; we just add the required storage and servers to meet the demand, in most cases automatically.
If a particular account is using our system excessively we may need to discuss the possibility of an increased subscription fee, but we have never yet had to do this.
Our system is redundant and should survive the loss of any server or, indeed, the loss of a physical data centre. This means that we have at least two copies of each operational server and all data is stored in at least two locations.
We also retain backups of all data in a different physical location (at the time of writing, the primary physical locations are in the Republic of Ireland and the backup physical locations are in Germany).
These backups should be, at most, 24 hours old and we should have 90 days of backups.
The backups are treated with the same care as the primary data (in particular, they are encrypted in transit and at rest and stored in AWS facilities with the same physical security as described in the 'Physical security' section above).
Please note that backups are for disaster recovery. We will use them to restore your data should it become lost or corrupted on the live system. They are not designed for easy access to restore specific bits of data that you have deliberately deleted from the live system. If you ask us to retrieve specific bits of information from the backups, we will do so, but we may need to charge our costs.
Keeping in touch about security
If you suspect a security issue (e.g., you believe that passwords on your account may be compromised because, for instance, computers have been stolen) then email us at customer.service@eyfs.info. Please include a descriptive subject line in your email (i.e., don't just say "Help!" but say "Help! Our computers have been stolen").
If we have a security concern about your account, we will try and email the primary contact we have listed. This will initially be the person that set up the account. You can change this using the Control Panel within Tapestry (Settings > Contact Details). Please keep this information up to date.
If you or we suspect a security problem, our first step will usually be to lock down the accounts whilst we work together to establish what happened and the best course of action.
Frequently asked security questions
Below are some frequently asked questions that relate to security. If you have a question that hasn't been covered by this document, please email us at [email protected]. For security reasons, we may not answer some questions (such as, for instance, the exact versions of software that we are using).
Can you fill out this security questionnaire for me?
To keep our price down, we do not enter into bespoke contracts or fill out security checklists. However, we hope that our contract, including its annexes, includes all the answers you need and covers all the events that you are concerned about, and that you can use them to fill out whatever paperwork you require for your own systems.
If you have questions about our service that aren't covered then do get in touch and, if we can, we will add the answers to this contract.
Do you offer a service level agreement?
To keep our price down, we do not. However, we take fulfilling our obligations to you very seriously and will do our utmost to ensure our service is there whenever you need it.
Are you insured?
Yes. Our insurance covers the standard corporate liabilities. In addition it covers liabilities relating to hacking and relating to data breaches. Like all insurance it is subject to excesses, limits and exclusions.
What happens if my account subscription should expire?
We want to avoid painful mistakes happening because, for instance, a subscription expires during a school holiday and nobody is around to pay the bill. So we do not immediately delete your data when your subscription expires unless you specifically ask us to.
However, 90 days after your subscription expires we will permanently delete your data. Data will remain in our backups for 90 further days.
If you wish, you can instruct us to delete all your data sooner.
Do you store data outside of the EU?
No.
What encryption principles are used for data in transit?
We regularly check our encryption meets modern standards and improve it as appropriate. At the moment we use a 2048 bit key, SHA256 with RSA and allow TLS 1.0, TLS 1.1, and TLS 1.2. We are reviewing whether we should drop TLS 1.0 support.
Have you disabled TLS 1.0 support?
Not yet: an appreciable proportion of our customers still use devices that are only able to use TLS 1.0.
However, we are keeping this under regular review and would strongly like to disable it at some point this year.
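To show how a customer could carry out the checks described under 'Encryption' above and in the two TLS questions just answered, here is an added Python example written for this page (it is not Tapestry's code). It computes certificate fingerprints, compares them with the SHA1 value published in this contract, and builds a client context that refuses to negotiate TLS 1.0 or 1.1, which is the client-side counterpart of the server dropping TLS 1.0. One caveat a practitioner should keep in mind: the published fingerprint identifies one particular certificate, and certificates are renewed, so a mismatch after a renewal is expected rather than a sign of compromise; compare against whatever fingerprint the provider currently publishes, and rely on normal chain verification (which the context keeps switched on) for day-to-day assurance.

```python
import hashlib
import socket
import ssl

# SHA1 fingerprint published in this contract for the Tapestry certificate at the time of writing
PUBLISHED_SHA1 = "DCF623A3359798986E6B299151B23593DA1F7FDC"


def normalise_fingerprint(fingerprint: str) -> str:
    """Accept the colon- or space-separated forms browsers display and compare in one form."""
    return "".join(ch for ch in fingerprint if ch.isalnum()).upper()


def sha1_fingerprint(der_certificate: bytes) -> str:
    """Fingerprint as browsers show it: SHA1 over the DER encoding of the certificate."""
    return hashlib.sha1(der_certificate).hexdigest().upper()


def sha256_fingerprint(der_certificate: bytes) -> str:
    """Same idea with SHA-256, which is what current tooling reports by default."""
    return hashlib.sha256(der_certificate).hexdigest().upper()


def fingerprint_matches(der_certificate: bytes, expected_sha1: str) -> bool:
    """True if the certificate's SHA1 fingerprint equals the published one (any display form)."""
    return sha1_fingerprint(der_certificate) == normalise_fingerprint(expected_sha1)


def client_context(minimum_version: ssl.TLSVersion = ssl.TLSVersion.TLSv1_2) -> ssl.SSLContext:
    """Refuse to negotiate below the given TLS version.

    create_default_context() keeps certificate verification and hostname
    checking enabled; only the protocol floor is tightened here.
    """
    context = ssl.create_default_context()
    context.minimum_version = minimum_version
    return context


def check_server(host: str, port: int = 443, expected_sha1: str = PUBLISHED_SHA1) -> dict:
    """Connect, verify the chain, and report the negotiated version and fingerprints.

    Makes a network connection, so it is not exercised by the offline test.
    """
    context = client_context()
    with socket.create_connection((host, port), timeout=10) as sock:
        with context.wrap_socket(sock, server_hostname=host) as tls:
            der = tls.getpeercert(binary_form=True)
            return {
                "tls_version": tls.version(),
                "sha1": sha1_fingerprint(der),
                "sha256": sha256_fingerprint(der),
                "matches_published_sha1": fingerprint_matches(der, expected_sha1),
            }


if __name__ == "__main__":
    # Example usage against the URL given in the contract.
    print(check_server("tapestryjournal.com"))
```

The `tls_version` field shows which protocol a given client actually negotiated; running it from the kinds of devices in use is one way to measure how many would break if TLS 1.0 were switched off.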
What encryption key management processes are in place?
We use AWS to manage our encryption keys and provide them to authorised servers at the right moment.
The data centre hosting Tapestry is ISO 27001 accredited. Which version of ISO 27001 is it, and who is the accrediting company?
The version is 2013, and the accrediting company is BM TRADA.
Do you follow any other standards or hold any other certifications?
Unless mentioned above, no. We take security very seriously and regularly review what we do. But we have not yet, for instance, undergone ISO 27001 accreditation as a business.
Which board member is responsible for security?
Our Managing Director, Stephen Edwards, is responsible for security.
Do you have a documented framework for security governance, with policies governing key aspects of information security relevant to the service?
We do not yet have a complete set of documentation. We have started on the process of creating an ISO 27001 compliant documentation set, but the process is not yet complete.
Can you provide evidence that security and information security are part of your financial and operational risk reporting mechanisms, ensuring that the board would be kept informed of security and information risk?
We are a small firm so our board, Stephen Edwards and Helen Edwards, are closely involved in every decision taken by the firm.
We are very aware of the importance of information security. We discuss it in almost every meeting and we continuously attempt to improve our security.
We have a weekly formal review of our security state (see above).
We get independent penetration testers to review our system (see above).
Can you provide evidence of processes to identify and ensure compliance with applicable legal and regulatory requirements?
We discuss compliance in almost every meeting, particularly during this period of transition to the GDPR.
We have appointed a Data Protection Officer to hold us to account on this point.
Do you track the status, location and configuration of service components throughout their lifetime?
Yes. Our software configuration is managed under version control, with repeatable builds and change logging.
Yes. Our hardware configuration is managed under version control, with repeatable builds and change logging.
Do you assess changes to the service for potential security impact and monitor that impact to completion?
Yes.
How are potential new threats, vulnerabilities or exploitation techniques which could affect the service assessed?
We run regular automated tests and internal security reviews to examine the configuration and security of our servers.
We engage external penetration testers to assess our system against the latest threats.
Do we use relevant sources of information relating to threat, vulnerability and exploitation techniques, e.g. NIST, NCSC?
Yes. We monitor CVEs relating to the software our service depends on.
Yes. We regularly review guidance from the NCSC and OWASP. We do not regularly review guidance from NIST.
How are known vulnerabilities prioritised and tracked until mitigations have been deployed?
We have automated notifications of vulnerabilities that are in our deployed code. These notifications are only quietened when fixes have been deployed.
We have internal issue tracking for required code and deployment changes.
We review and prioritise remaining security actions at least once a week.
What are the timescales for implementing mitigations? E.g. in patching policy?
This depends on the vulnerability.
For instance, if we believe the vulnerability could lead to data exposure, we would immediately take Tapestry offline while we fix the vulnerability. Because Tapestry would be offline, it would be our highest priority to fix. We have procedures for calling in engineers out of hours and at weekends. We have procedures for deploying changes to our production configuration within hours.
If the vulnerability was assessed as being of low risk, the fix would be deployed as part of our regular code and configuration updates. These tend to be made at least once every two weeks and are often made several times a week.
Other than for fault-finding, are activity logs monitored for suspicious activity, potential compromises or inappropriate use of the service?
Activity logs for our backend system have automated alerting for suspicious activity. These alerts are seen by all developers and by Stephen Edwards.
Activity logs for our customers are not monitored by us. They are available to customers to monitor.
Do we have an incident management process?
Yes. An incident will be uniquely identified and a named individual will be allocated responsibility for managing an incident through our support system. We have standard procedures for common incidents.
What is the process for the vendor to report incidents to the customer?
See "Keeping in touch about security" above.
Is 2-factor authentication (2FA) available to end users?
No. But if sufficient numbers of users ask for it, we will implement it: email us at [email protected].
Can we require passwords to be changed every X days?
No. The UK National Cyber Security Centre recommends that you DO NOT require users to change passwords every X days.
If you suspect a password or email account may have been compromised, you can make the account inactive and then manually force the password to be changed. We can do this in bulk for all accounts if you contact us.
Which NCSC system architecture do you use?
Of the list at https://www.ncsc.gov.uk/guidance/systems-administration-architectures, our system is closest to the 'bastion' model.
The service is run on partitioned and private networks. Management functions are carried out by devices on the corporate network which access the private networks through bastions.
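As an added illustration of the 'Partitioning' rules described earlier in this annex (databases reachable only from specific servers, only a handful of servers exposed to the internet and only on encrypted protocols) together with the bastion model described in this answer, the following Python example checks a set of firewall rules against those principles. It was written for this page and does not describe Tapestry's actual rules; the tier names, the choice of HTTPS as the only public service, SSH as the management protocol, and the sample rules (including the 203.0.113.0/24 and 198.51.100.7 documentation addresses) are all constructed.

```python
from dataclasses import dataclass
from typing import List

INTERNET = "0.0.0.0/0"

# Assumptions for the illustration, not facts from the contract:
PUBLIC_ALLOWED = {("tcp", 443)}        # the only service the public may reach (encrypted)
MANAGEMENT_PORT = ("tcp", 22)          # administrative access protocol
PUBLIC_TIERS = {"web", "bastion"}      # the only tiers that may accept traffic from outside
DATABASE_TIERS = {"db"}
DB_ALLOWED_SOURCES = {"app", "bastion"}  # the "specific servers" that may reach a database


@dataclass(frozen=True)
class Rule:
    tier: str       # the tier the rule lets traffic into
    source: str     # a CIDR, or the name of another tier
    protocol: str
    port: int


def violations(rules: List[Rule]) -> List[str]:
    """Describe every rule that breaks the partitioning policy; an empty list means compliant."""
    found = []
    for r in rules:
        key = (r.protocol, r.port)
        if r.tier in DATABASE_TIERS and r.source not in DB_ALLOWED_SOURCES:
            found.append(f"{r.tier}: database reachable from {r.source}; only "
                         f"{sorted(DB_ALLOWED_SOURCES)} may connect")
        elif r.source == INTERNET and r.tier not in PUBLIC_TIERS:
            found.append(f"{r.tier}: internal tier exposed to the internet on {r.protocol}/{r.port}")
        elif r.source == INTERNET and key not in PUBLIC_ALLOWED:
            found.append(f"{r.tier}: {r.protocol}/{r.port} open to the internet is not an "
                         f"approved encrypted service")
        # Management access must come via the bastion, never directly from elsewhere.
        if key == MANAGEMENT_PORT and r.tier != "bastion" and r.source != "bastion":
            found.append(f"{r.tier}: management access allowed from {r.source}, not via the bastion")
    return found


# Constructed sample rule sets.
COMPLIANT = [
    Rule("web", INTERNET, "tcp", 443),
    Rule("web", "bastion", "tcp", 22),
    Rule("app", "web", "tcp", 8443),
    Rule("app", "bastion", "tcp", 22),
    Rule("db", "app", "tcp", 5432),
    Rule("db", "bastion", "tcp", 22),
    Rule("bastion", "203.0.113.0/24", "tcp", 22),   # constructed corporate network range
]

NONCOMPLIANT = COMPLIANT + [
    Rule("db", INTERNET, "tcp", 5432),              # database directly reachable from outside
    Rule("web", INTERNET, "tcp", 80),               # unencrypted service exposed
    Rule("app", "198.51.100.7/32", "tcp", 22),      # management access bypassing the bastion
]

if __name__ == "__main__":
    for finding in violations(NONCOMPLIANT):
        print(finding)
```

A check like this is most useful run automatically against the exported security-group or firewall configuration on every change, so that a rule added in a hurry during fault-finding cannot quietly reopen a path to the databases.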
What provision is made for customers to access / monitor audit records for system / data access?
Customers have direct self-service access to logs that show changes to data.
We can provide logs of who has viewed data on request to customer.service@eyfs.info.
Does your organisation have differentiated access to data depending on the sensitivity level?
Yes. Our default is 'no access' and our systems are designed to minimise access to data. Different people and the different roles they carry out have different access to data and different requirements for what authorisation they must have before accessing it. We regularly review who can access what and why to ensure we are private and secure by default.
Annex C: Tapestry Privacy
This annex describes our privacy policy for people who access the Tapestry online learning journal service (https://tapestryjournal.com). This policy is intended to be shared with any person who uses Tapestry as part of their "right to be informed" under UK data protection law. Since we operate as a Data Processor for our customers, the Data Controller (usually our customer – the childminder, educator, nursery, school or similar educational organisation) will need to provide extra information to fulfil the "right to be informed". We describe this extra information briefly in 'Annex A: Tapestry Data Protection' and you can get more guidance from the UK Information Commissioner's Office: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-be-informed/.
We are the Foundation Stage Forum Ltd, a company registered in England with company number 05757213 and a registered address of 1, Southdown Avenue, Lewes BN7 1EL, UK.
Our customers are childminders, educators, nurseries, schools or similar educational organisations.
You are someone who has been given access to Tapestry by one of our customers. For example, you could be a member of staff, a relative of a child, the child themselves, or someone acting on behalf of a child.
You may have rights under EU Data Protection legislation relating to information we store about you. These rights are described here: https://ico.org.uk/for-the-public/. If you want to exercise those rights, please contact the customer who is storing data in Tapestry in the first instance (e.g., the school or nursery). If they want help in carrying out your request, they can contact us.
Our lead supervisory authority for data protection is the UK Information Commissioner's Office (https://ico.org.uk).
The Service
Our customers pay us to provide them with a service that allows them to create online learning journals for children under their care, monitor those children's progress and share this information with their staff and, if they wish, those children's parents and relatives.
What data do we collect?
Our customers may choose to store some of the following data on our service:
• The names and email addresses of their staff
• The names, dates of birth and postcode of their children
• The names and email addresses of the parents and relatives of their children
• The contents of a learning journal:
– assessments of children's performance
– notes, photographs and videos of the children
• A record of the child's care:
– what they ate and drank
– toileting
– how they slept
– whether they had any accidents
Our customers store this information in order to record, analyse and, if they wish, share the progress of their children.
Our customers have the freedom to choose what data they store and who they store it about.
Our customers choose who has access to the data.
Our customers are able to correct and delete data at will.
Our customers must tell you, as part of your right to be informed, what data they are storing, why they are storing it and who they are sharing it with. If you wish to know this for a specific person, please contact the relevant childminder, educator, nursery, school or similar educational organisation.
In providing the service, we will send automated emails to staff and parents in order to confirm email addresses, reset passwords and notify them of events relating to the customer (such as when a new observation is added about a child). We never send any marketing information, though we do send staff a newsletter about Tapestry.
We ONLY access the data stored by our customers in order to carry out our customer's instructions, to maintain or improve the service or to fix faults. We do not use our customer's data for marketing. We use sub-contractors to process some of the data, but we do not otherwise share this data with other organisations.
If your contact details are registered on Tapestry in the 'contact details' section, or as a 'manager', then we may contact you if we have a question or concern about the associated Tapestry account.
When you visit the Tapestry website we collect your:
• IP address, together with
• Information your computer sends about its web browser and operating system, and
• What pages you look at (e.g., the list of observations), but not the content of those pages (i.e., we could not tell directly from the data whether the list of observations contained information about a particular child, though given time and access to the data above it would be possible to figure that out).
We use this information to monitor the security of our service, to help us figure out how to improve the service (e.g., what browsers should we support? How much capacity should we add?) and to improve the way we market the service (e.g., what search terms were used to discover our site). We do not share it.
If you use our phone or tablet application we collect:
• The IP address of the network your phone or tablet is on, together with
• The make and model of your phone or tablet, together with
• The version of your phone or tablet's operating system, together with
• Details of any crashes that occur in the application, and
• What screens you look at in the application (e.g., the list of observations), but not the content of those screens (i.e., we could not tell directly from the data whether the list of observations contained information about a particular child, though given time and access to the data above it would be possible to figure that out).
We use this information to monitor the security of our service and to help us figure out how to improve the service (e.g., what causes crashes? Which crashes need fixing most urgently?). We do not share it.
What is the lawful basis for storing this data?
Our customers decide and must tell you the lawful basis for the data they add to Tapestry. Please note that your consent is not the only lawful basis for storing data and our customers may have a different legal basis.
Whose data is it?
Our customers own the data they place in our service. We do not claim ownership of the data entered into Tapestry. We only use it according to our customers' instructions to provide the service described above.
Formally, in UK data protection legislation terms, our customers are the "Data Controller" and we are the "Data Processor".
There are three exceptions to this, where we are the "Data Controller":
1. The content of our billing system
2. The content of our support ticket system
3. The content of our forums
These exceptions are described in more detail in Annex E and Annex F.
Who do we share data with?
We do not share data, except as explicitly requested by our customers.
If they wished, our customers might give other people (e.g., staff or parents) access to data. They might download or print some or all of the data and share it with other people (e.g., staff, parents, the government). They might transfer some of the data to another organisation (e.g., parents, the government, another educational establishment looking after a child).
We ONLY access the data stored by our customers in order to carry out our customer's instructions, to maintain or improve the service, or to fix faults.
How do we collect the data?
Most data is entered by our customers directly into our website or through our phone and tablet applications. Our customers may, if they wish, permit parents and relatives of children to add data to the service.
Some data (described above) is sent automatically by your web browser or by our applications.
We may store cookies on your computer in order to verify that you are logged in and to store your preferences. The cookies themselves do not contain any identifiable information about you or about what you look at.
Can I see my data that is stored on your system?
Yes. The school, childminder, nursery or similar educational organisation can give you a copy of data about you that they or you have stored in Tapestry. We can provide you with a copy of any of the other data that has been collected (e.g., our records of your IP address and/or make and model of your tablet etc.).
Can I have my data corrected or deleted?
Yes. The school, childminder, nursery or similar educational organisation can correct or delete the data they or you have stored in Tapestry.
The process of deletion is gradual: initially deleted data is moved to a 'deleted' area in case it was deleted in error. After a delay, it is then permanently deleted from our main systems. After a further delay, it is then permanently deleted from our backups.
What are our customers' responsibilities?
Our customers decide who to add data about, what data to add, and how long to keep it for. They have overall responsibility for complying with Data Protection law (or the equivalent in other countries).
We describe this in more detail in the contract we have with our customers. But, for instance, they have to:
• Ensure they have a legal basis for what data they store on Tapestry and who they share it with.
• Think about what information it is appropriate to share with whom, given their situation and that of the children under their care.
• Respond to requests for access to data.
• Train their staff about sensible security and confidentiality precautions:
– Taking care of passwords.
– Taking care not to install software on computers that may compromise security.
– Taking care not to access material from inappropriate places where it can't be kept appropriately confidential.
• Delete data when it is no longer required.
• Remove access for people who no longer need access.
• Give parents instructions in accordance with their safeguarding policy.
Contacting Us
[email protected] or 1, Southdown Avenue, Lewes BN7 1EL, UK.
We also have a Data Protection Officer, Lauren Foley, [email protected].
Annex D: Tapestry Sub-processors
Not all parts of Tapestry are run in-house. Below is a list of the sub-contractors that we use to process some of your data. They are under a written contract that ensures they are compliant with UK data protection law.
For the avoidance of doubt: we are accountable to you for this contract. If one of our sub-processors does something wrong, it is our fault – we won't pass the buck.
For the avoidance of doubt: we instruct our sub-processors in ways that are consistent with this contract.
For instance: although Amazon Web Services have data centres outside of the EU and, technically, could move your data there, they are contractually bound not to do so without our instruction and we would not instruct them to do so.
For instance: although Amazon Web Services could, technically, access your data, they are contractually bound not to except if it is strictly necessary to deliver their service to us. Even then, their employees are contractually obliged to keep data confidential and secure.
List of sub-processors
To continue to use Tapestry, we require your consent to our use of the following sub-processors:
• Amazon Web Services. They host Tapestry. They are ISO 27001 compliant. Their address is 410 Terry Avenue North, Seattle, WA 98109-5210.
[NOTE: We currently also use the following suppliers, but are in the process of removing them, either by replacing their service with that of Amazon Web Services or by bringing the service in house, which should be before we need to agree the final version of this contract.]
• Viper - Manage our laptops and telephones.
• Mailchimp - Manage some of our outbound email.
• Sparkpost - Manage some of our outbound email.
• Crashlytics - Manage some of our crash reporting on our Android, iOS and Amazon Fire apps.
Changes to sub-processors
We may, occasionally, need to add or change the sub-contractors we use to process some of your data.
If we do, then UK data protection law requires us to tell you and to obtain your agreement.
We've included the list of sub-processors as part of this contract, which means that if we want to change them we will do so by proposing a change to this contract with you. We will give you as much notice as possible so you can discuss any changes with us. We will then ask for your written agreement to the change in contract.
Annex E: Billing and support data
1. We are the Foundation Stage Forum Ltd, a company registered in England with company number 05757213 and a registered address of 1, Southdown Avenue, Lewes BN7 1EL, UK.
2. You are a childminder, educator, nursery, school or similar educational organisation.
3. This annex relates to data in our billing and support system. It does not relate to data placed in the Tapestry online learning journal (see Annex A) or to data placed in our discussion forums (see Annex F).
What data do we collect?
4. We collect the following information about people who contact us by email or through our support ticket system:
• The person's email address and the contents of the email
5. If you contact us by telephone, post or face-to-face we may also keep notes of those interactions.
6. We store:
• Your name, email address, telephone number and postal address
• The name, email address and telephone numbers of anyone you tell us who administers or pays for your account with us.
7. Credit card payment information is given directly to a payment service provider. We do not hold any credit card information ourselves.
Why do you need this data?
8. Our lawful basis for collecting this data is 'contract'. We need this data to:
• Charge you for our service.
• Respond to questions or problems raised by you about our service.
• Contact you if we have questions about your account.
• Decide what changes to make to our service.
Who do you share this data with?
9. We make use of subcontractors to provide our service to you and they may see some or all of this data:
• Amazon Web Services - For hosting.
• United Hosting - For hosting.
• Barnian Media Ltd - For technical support.
• SagePay - For managing credit card payments.
• Fastmail - For managing our email.
10. If you contact us in relation to a particular Tapestry account then we may share that data with other people who we believe represent the organisation that owns that account. For example, if a teacher contacted us to instruct us to permanently delete a particular child's data, and then the head of the school later contacted us to ask why a child had been deleted, we would share the instruction from the teacher with the head.
11. We do not use or share your data for any reason other than to provide or improve our service to you. For the avoidance of doubt: we do not sell your data.
Where is the data stored?
12. Your data is stored within the EU. Our processing is carried out within the EU.
How long do you keep this data?
13. We keep your data for up to 7 years. We keep data this long in case it is required in an audit and to help us decide what changes to make to our service.
How do I exercise my rights under data protection law?
14. We are the data controller of this data.
15. Your rights under data protection law are described at https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/. They include the right to see and correct this data.
16. To exercise those rights, email [email protected].
17. We also have a Data Protection Officer, Lauren Foley, [email protected].
18. Our lead supervisory authority for data protection is the UK Information Commissioner's Office (https://ico.org.uk).
Annex F: Use of our discussion forum
1. We are the Foundation Stage Forum Ltd, a company registered in England with company number 05757213 and a registered address of 1, Southdown Avenue, Lewes BN7 1EL, UK.
2. You are a childminder, educator, nursery, school or similar educational organisation.
3. We have a discussion forum (https://eyfs.info) that you may use to discuss issues facing childminders, educators, nurseries, schools or similar educational organisations.

Liability
4. We do not vouch for the accuracy, completeness or usefulness of any material on the forum. Use it at your own risk.
5. The material expresses the views of the author of the material, and not necessarily our views.
6. If you feel any material on the forum is objectionable, please contact us immediately at [email protected].

Content and ownership of your messages
7. Don't post anything we won't like.
– We like professional discussion of the issues facing childminders, educators, nurseries, schools or similar educational organisations.
– We don't like things that are unkind, illegal, lies, use language you wouldn't want children to hear, or are shameless advertising.
8. Don't post anything that you don't have permission to post. For instance, if you didn't write the material you are posting, make sure you have the permission of the person who wrote it before you post it.
9. On shameless advertising: occasionally during the course of a discussion it may be appropriate for you to mention a product or service with which you are involved if it helps the discussion and doesn't annoy anyone. We will use our discretion in those cases.
10. If we don't like what you post, or fear you may not have permission to post it, we will remove it.
11. If we keep having to remove your material, or if we really don't like it, we will bar you from the forum.
12. When you post material, you retain copyright but grant us the right to use the material:
• without payment,
• in any way we choose,
• anywhere in the world,
• forever.
13. If we use your material, we will try to attribute it to you.
14. If you wish to copy material posted by someone else, please contact us or the person who posted it for permission.

Privacy and Data Protection
15. We store any data that you submit to us, plus your IP address, details about your browser and computer, and which pages on our site you view.
16. Our lawful basis for storing and using the data is 'contract'. We store and process this data in order to:
– provide a discussion forum,
– monitor abuse,
– fix bugs,
– and to improve our service.
17. Your data is stored within the EU. Our processing is carried out within the EU. Our forum is accessible from outside of the EU, so material you post may be viewed from outside of the EU.
18. Your forum account will lapse once your Tapestry subscription lapses or, if you have a separate forum subscription directly or through your local authority, once that subscription lapses.
19. When your forum account lapses you will no longer be able to log in to the forum or post material to the forum. At our discretion, the material you have posted may remain on the forum.
20. When your forum account has lapsed we will only use the personal information that you have provided us to:
– help you re-activate your forum account if you later wish to re-subscribe,
– keep track of who posted what material in case we need to attribute it to you or in case we need to verify that you had permission to post the material.
21. We will delete the personal information that you have provided us at most 7 years after your forum account has lapsed. At our discretion, the material you have posted may remain on the forum.
22. We are the data controller for this data. To exercise your rights under UK data protection law you can contact us at customer.service@eyfs.info.
23. We have a Data Protection Officer, Lauren Foley, [email protected].
24. Our lead supervisory authority for data protection is the UK Information Commissioner's Office (https://ico.org.uk).
Changes to this contract
Below is a list of material changes to this document. If you spot a change that should be in this list, please let us know.

2018 March 12 (Second Draft)
Line numbers mentioned below are the line numbers marked on the PDF copy of this draft.

Across all sections
• Fixed typos and improved some wording.
• Adjust numbering that changes because of other changes.
• Make links to emails and websites clickable.

A note on this draft
• Mention the list of changes (line 163).
• Fix dates (line 174).

Overview
• Clarify that we do sometimes call people back, and offer paid-for telephone support sessions (lines 189-192).
• State explicitly that we are GDPR compliant and this contract contains the required clauses (lines 212-215).
• State that the limit on liability is reciprocal (lines 268-269).
• Clarify that some liabilities are set in law and we aren't attempting to override them (line 268). In particular, in relation to liabilities from breaches in data protection law (lines 270-275).

Annex A: Tapestry Data Protection
• Provide more detail on where data is stored (lines 308-330).
• Confirm that we won't change where data is stored without your agreement (lines 309-311).
• Reference the Privacy Policy for a fuller explanation of what data is covered by this data processing agreement (line 345).
• Confirm that we will get your written consent before changing our sub-processors (line 363).
• Confirm that we will tell you if we become aware of a breach (line 375, line 527, lines 578-582).
• Suggest careful consideration of the lawful basis for adding data to Tapestry (lines 384-387).
• Expand on the implications of the right to be informed (lines 439-451).
• Clarify we don't license your data (line 469).
• Clarify who can tell you to restrict processing of data (it isn't us) (line 474).
• Clarify who can instruct us (lines 480-493).
• Confirm that we use sub-processors in a way that is compliant with data protection law and point to the Annex for a description of how we will seek your agreement if we wish to change them (lines 505-507).
• Clarify that we will help you to 'lock down' your account if you suspect a breach (lines 531-534).
• Clarify that you have to notify the data protection regulator in the case of a breach (line 539).
• Clarify we won't delete data if we are not allowed to by law (lines 562-563).
• Clarify that we may partially or entirely lock down your account if we suspect a breach (lines 583-587).
• Add a FAQ on Brexit (lines 601-605).

Annex B: Tapestry Security
• Add VAT number (line 637).
• Confirm that when data is deleted from our backups, it is no longer recoverable by us (line 714).
• Add a reminder about what to do if you suspect a password or email account has been compromised (lines 795-803).
• Clarify when and how we might store data on our local devices (lines 824-829).
• Provide more detail on what our penetration tests cover (lines 906-912).
• Confirm that we are insured (lines 969-972).
• Make our TLS 1.0 support more obvious (lines 987-991).
• Clarify that you can't force password changes every X days (lines 1078-1083).
• Confirm we have differentiated data access policies (lines 1095-1101).

Annex C: Tapestry Privacy
• Clarify that the Data Controller will need to add more information to fulfil a subject's right to be informed (lines 1106-1113, lines 1153-1154).
• Give examples of who 'you' might be (lines 1120-1121).
• Clarify that we may contact 'managers' registered with Tapestry using the contact details they have entered if we have a question or concern about the associated Tapestry account (lines 1165-1167).
• Clarify we also collect your IP address if you use our phone or tablet app (line 1182).
• Confirm that we do not share data about your computer or tablet (line 1193).
• Clarify that the Data Controller will need to provide the lawful basis (lines 1194-1197).
• Remove troublesome reference to who owns data: keeping the fact that we don't, but not claiming that you do (lines 1199-1200).

Annex D: Tapestry Sub-processors
• Confirm that they are under a written contract with us (line 1266).
• Confirm that we use them in a way that is consistent with this contract, and give examples in relation to common questions (lines 1271-1279).
• Remove references to sub-processors we have now eliminated (line 1288).
• Explain how we will seek your written consent if we need to add or change sub-processors (lines 1290-1299).

Annex E: Billing and support data
• Explicitly state our lawful basis for processing data (line 1322).
• Remove reference to United Hosting - we no longer use them (line 1330).
• Clarify that we would share data relating to an account with other representatives of that account (lines 1334-1339).
• Clarify that we do use your data to improve our service (line 1341).

Annex F: Use of our discussion forum
• Explicitly state our lawful basis for processing data (line 1405).

2018 January 5 (First draft)
• First public draft of new, more detailed, contract.