Just2easy Privacy and Data Policy for Schools
version 1.2 November 2018
Online safety for our customers is paramount to Just2easy and we comply fully with the the EU General Data Protection Regulations
"the Service" is defined as your use of j2e.com subscription service
"the Sites" is defined as the j2e.com website and associated sites
Product data collection and use
Just2easy provides a personalised experience for its users. Account information for Just2easy users including teachers and students is password-protected so that only the user and teachers have access to this personal information. By requiring users to log in, Just2easy students can access the relevant content and their progress can be monitored.
We recommend that you do not divulge your password to anyone. Just2easy will never ask you for your password in an unsolicited phone call or in an unsolicited email. Just2easy recommend that If you have finished using the resource, you sign out. If you have accessed the Sites via a portal, you should log out of that portal and close your browser. This is to ensure that others cannot access personal information if the computer is used by someone else.
Just2easy backup all cloud data in line with industry best practice. If a customer suffers a data loss incident, trough accidental deletion they can request that it be restored by emailing email@example.com and providing details of the data loss.
At all times, within the definition of the EU General Data Protection Regulation (GDPR) the school and its employees retain the status of Data Controller for their data held on our cloud service. The data obtained from the school’s systems always remains in the ownership of the school, or that of the individual (employed) users. Just2easy shall be the Data Processor for the purposes of the GDPR except where we act as Data Controller for invoicing and administrative purposes.’
How long do we keep data?
Just2easy stores data for its users. Whilst there is an active account for a school, Just2easy will not delete any user data without an express request from the data controller to do so. Once an account has become inactive, Just2easy will delete all data associated with that account after a period of 5 years has elapsed.
At the express request of the data controller, Just2easy will delete all or any data as requested including any and all backups. Such requests should be sent via email or post as detailed at the bottom of this document.
Archival of users
Just2easy may, from time to time, archive users, and their data, that are perceived to be inactive. This will have the effect of removing this data from the day to day user interface of the Just2easy tools. However, the data controller will have the option of restoring these archived users and associated data.
Usage statistics of the Sites at school level will be stored by Just2easy and will be kept in perpetuity. No personal/user level information can be extracted from this data.
Just2easy has a strict policy of not sharing any information about students with anyone outside the organisation. Just2easy will not share data with third parties unless explicit instruction is given by the data controller. We will never sell user information.
Security and protection of your Information
All remote access via the the Sites may be conducted over HTTPS, an encrypted web link secured using Secure Sockets Layer (SSL). This is the same method used by banks and commercial entities to secure sensitive data from interception.
External data storage
Just2easy stores data using Amazon AWS services. All data entered and saved on the the Sites is stored and backed up within Europe. We use industry best practice to secure all such cloud data, including multi factor authentication for Just2easy directors for the highest level of access.
Access to Information
The EU General Data Protection Regulations give you the right to access information held about you. Your right of access can be exercised in accordance with the Act. Any such request should be made by email or post as detailed at the bottom of this document.
To ensure that the user receives the best customer care, from time to time Just2easy’s staff have access to user data (dependent upon their role). Staff access is only granted on a need to know basis.
Just2easy and cookies
Cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You may contact us at any time via email ( firstname.lastname@example.org )
or by postal mail, addressed to:
Brian Clough Business Centre
200-222 Cotton Lane