"You" shall mean you, the user of the Site. "We/Us" means The Spelling Shed "Users" means the users of the Site collectively and/or individually as the context allows.
We process personal data only in strict compliance with the General Data Protection Regulation 2016/679.
All Spelling Shed data is stored and processed in the UK via Amazon Web Services (AWS), who we use as a data processor under their data processing addendum (DPA). See https://aws.amazon.com/compliance/gdpr-center/ for more information.
The data controller of your personal information is The Spelling Shed Ltd which is registered with the Information Commissioner’s Office (“ICO”) with registration number ZA311518.
We collect the school name and address plus minimal contact details. We collect this data for billing purposes.
This applies to all account holders including teachers.
Name - Our system asks for a name for all users. This is for your convenience and a pseudonym is perfectly acceptable.
Username - All users have a unique username that can be changed at any time. This username is publicly visible in certain places such as where a user owns a list and that list is found in search. For this reason usernames for children should not be identifying beyond first name and last initial and our system generates usernames following that pattern when one is not provided.
Unique Pupil Number (UPN) - Schools can associate a pupil's UPN with their user account to enable that pupil to be moved between class groups more easily. This can be deleted from a user account at any time.
Email - Email address is requested for all teacher accounts to allow system communications. Pupil records may optionally include an email address for sign-in purposes and very rarely, system communications. We do not share email address information with anyone.
Password - We collect or generate a password for all users to access Spelling Shed. We only store an encrypted form of the user password so that in the event of a data breach no password data will be accessible. As a consequence of not storing passwords in plain text teachers may wish to hold their own record of pupil logins for reference. If this is the case, these should be stored securely according to the school's data protection policy.
Our system stored and generates data based on activity in our game. This data is for internal system use only and is used to monitor usage and performance as well as to allow teachers to target spelling tasks as appropriate. This data is not shared in any way.
Cookies do not attach to Your system or damage Your files.
By entering Your User Information via this Site You accept that we may retain Your User Information and that it may be held by Us or any third party company which processes it on Our behalf. We shall be entitled to use Your User Information for the following purposes:
Please also note that we do not disclose Your User Information to third parties to enable them to send You direct marketing.
Security and Data Retention Security is very important to Us. Secure Socket Layer ("SSL") encryption technology is used for protection of information in transit for any sensitive transactions such as payments. Additional security procedures are in place to protect the confidentiality, integrity and availability of Your User Information.
By policy, we only collect personal data strictly necessary for the operation of our system and in many cases anonyised data can be used.
We will comply with all relevant Data Protection legislation in relation to the period for which We retain your User information.
You have a right to access a copy of Personal Information stored in Our system about You or Your child. This information is available on request via firstname.lastname@example.org.
You have a right to be forgotten and your Personal Information may be deleted by request. Note that we automatically delete Personal Information after 12 months of inactivity. Note that we do not delete school records as this is not individual Personal Information and this information is required for financial reporting.
We commit to notify users within 72 hours of any breach of Personal Information affecting them.
In order to sign up for Spelling Shed you are required to explicitly accept our Terms including that you agree to the handling of Your Personal Information in accordance with this policy.
If you are a school that has Control of children's Personal Information you should gain explicit consent from parents before entering their Personal Information into Spelling Shed. Visit our Resources section to download a model parental consent / information letter.
Our organisation fully complies with GDPR regulations. We have completed internal data audits and have appointed a "Data Protection Officer" to monitor our on-going compliance. If you have any specific queries not covered by this policy please contact email@example.com.