GDPR Compliance – The role of SSC as a Data Controller

School Software Company (SSC) are the providers of Sleuth.  SSC is the controller of data about customers and partners engaged in using its products and services.  This data is held securely in a Customer Relationship Management system (CRM) on a local network and is used by SSC employees only for the purposes of providing support, managing our business (e.g. contracts and billing) and for sales and marketing activities.

This information is to let you know how SSC looks after your data as a controller.  Please do contact us if you have any specific questions about GDPR and the data that we control.

Why we hold personal data

Your privacy is protected by law.  We will only use personal information that we control if we have a genuine reason to do so, which includes:

  • Taking action to fulfil a contract we have with you, or
  • When you have asked us to engage with you in relation to a contract, or
  • When it is in our legitimate interest, or
  • When you consent to it.

A legitimate interest is when we have a business or commercial reason to use your information, however, this will not unfairly go against what is right and best for you.  If we rely on our legitimate interest, we will tell you what that is.

Our Privacy Promise

We promise:

  • To keep your data safe and private
  • Not to sell your data
  • Not to share your data without your permission
  • To give you options for managing and reviewing the data we control

How long is data kept?

We will not keep data for longer than necessary.  We will routinely review and remove data that is not required and out of date.  You have the right to erasure, if you have shown an interest in our products or services and there is no need for us to keep your details then please contact us.

Data that we hold

The occasions when we may collect personal data about you and your organisation include:

  • When you enquire about our products and services
  • When you contact us for information or support
  • When you use our website and contact forms
  • When you participate in customer surveys

The personal data that we collect includes:

  • School details – Name of organisation/school and background information (e.g. school type, LA, on-roll numbers). For schools using Sleuth this will include details of our Sleuth contract with you and any financial transactions;
  • Staff details – Staff name and role in school/organisation and contact details (if provided);
  • Events and Communications – Details of communications between us, including the nature of any enquiries and how we responded;
  • Information – Details of information that we have sent you or you have downloaded from our website.

For customers with a Sleuth contract we also collect and store details about your contract, financial transactions and product use.   For more details of the data we hold, please contact us or refer to your Sleuth contract.

School Contact Details

Name of organisation/school and background information (e.g. school type, LA, on-roll numbers). Details about our Sleuth contract with you and any financial transactions.

Professional Contact Details

Contact name and work details for persons interested in using Sleuth or involved in a Sleuth Project (e.g. key staff in your project and those we have been contacted by for support).

Events & Communications

Details of the communications we’ve had with you (e.g. telephone enquiry, support calls, emails, training, meetings, visits), including date and time and a summary of the enquiry/request, how we responded and any actions taken by SSC as a result.

Information Shared

Details of the information we have shared with you (e.g. in response to product enquiries, training, orders or support requests).

Sleuth Usage

If your school are using Sleuth then our CRM provides an overview of your Sleuth setup and configuration with usage statistics for support and diagnostic purposes.

Return to GDPR Compliance page.

Sleuth is a School Software Company Product
© 2024 School Software Company