4. Privacy & Cookies Policy

Contents:

• 4.1 Introduction
• 4.2 Individuals Making Enquiries, Ordering SOCS and Requesting Support
• 4.3 School Staff, Parents and Pupils Using SOCS
• 4.4 The Use of Cookies on SSL Websites
• 4.5 Changes to this Privacy and Cookies Policy

4.1 Introduction. SSL is committed to ensuring your privacy is protected. SSL may ask for certain information when you use our websites and services. This policy sets out how SSL uses and protects any personal information provided to SSL.

4.2 Individuals Making Enquiries, Ordering SOCS and Requesting Support. SSL is the data controller of personal data when an enquiry is made about our services, when SOCS is ordered or when a question is submitted to our support team via the SOCS help system (http://help.socscms.com).

• 4.2.1 What personal information does SSL collect?
  Name, email address, phone number and job title, as well as school name will be collected. When an order is submitted we will request this information for the key members of staff depending on the SOCS modules ordered.
   
• 4.2.2 Where is the personal information stored?
  All personal information is stored in the UK.
   
• 4.2.3 How is the personal information stored?
  For enquiries, orders or support questions sent via email, personal information is stored in our Microsoft Exchange email system, as well as in our secure Microsoft Azure SQL Server Database. See our data security policy here.
   
• 4.2.4 How does SSL use the information collected?
  Internal record keeping, to improve products and services, to send information which is relevant to the enquiry or order. If SSL has been supplied with personal information, we may get in contact email, phone or fax for reasons relevant to the enquiry.
   
• 4.2.5 Does SSL share personal information with any third parties?
  SSL never shares personal information with third parties.
   
• 4.2.6 How long does SSL retain the personal information?
  SSL will retain personal information as long as it is relevant in order to provide the service relating to the enquiry, order or support request.
   
• 4.2.7 How to find out what personal information SSL holds?
  To find out what personal information SSL holds, email us at support@misocs.com.
   
• 4.2.8 How to delete the personal information SSL holds?
  Email us at support@misocs.com and request your personal data is deleted.

4.3 School Staff, Parents and Pupils using SOCS. SSL is the data processor and your school is the data controller of your personal data when the SOCS online system is used by logging into the SOCS control panel.

• 4.3.1 What personal information is processed by SSL?
  Name, email address and other contact information (i.e. phone number, fax number) is stored for staff, pupils and pupil contacts at the school, depending on which of the SOCS modules the school uses. SOCS user data is also stored including SOCS login details.
   
• 4.3.2 Where is the personal information stored?
  All personal information is stored in the UK.
   
• 4.3.4 How is the personal information stored?
  All personal information is stored in our secure Microsoft Azure SQL Server Database. All data is encrypted at rest, and sensitive data (e.g. passwords) is always encrypted. All data passed between the SOCS control panel and our secure server is also encrypted in transit. SSL certificates are available on request for all SOCS powered websites. See our data security policy here.
   
• 4.3.5 Does SSL share personal information with any third parties?
  SSL never shares your personal information with third parties.
   
• 4.3.6 How long does SSL retain the personal information?
  SSL retains personal information for as long as your school uses the SOCS system. If your school no longer uses the SOCS system all personal information is removed.
   
• 4.3.7 How do you request the personal data which is stored in SOCS?
  To request the personal data processed by SOCS you should contact your school who is the data controller.
   
• 4.3.8 How to delete the personal information stored?
  To request that personal data processed by SOCS is deleted, you should contact your school who is the data controller.

4.4 The Use of Cookies on SSL Websites.

• 4.4.1 What is a cookie?
  Cookies are small files which are stored on a user's computer. They are designed to hold a modest amount of data specific to a particular client and website, and can be accessed either by the web server or the client computer.
   
• 4.4.2 How does SSL use cookies?
  SSL uses cookies to store important information about your visit (not personal information). This allows SSL websites to function correctly for each individual visitor. SSL websites also use Google Analytics cookies to track visitors and generate useful website usage statistics allowing us to improve our service.
   
• 4.4.3 What about third party cookies?
  SSL websites sometimes use third party cookies from other domains within the SOCS system in order to monitor website usage and improve our service (no personal information). Some SSL websites may have third party widgets installed (e.g. Twitter timelines), and these will also often use third party cookies in order to provide the service.
   
• 4.4.4 How can you reject cookies and how does this impacts the use of SSL websites?
  To find out more about cookies, including how manage and reject cookies in your web browser, visit https://ico.org.uk/for-the-public/online/cookies/. In order to login to SOCS and use any features from SSL websites requiring the system to remember your preferences (e.g. favorite sports team), cookies from the website must be allowed.

4.5 Changes to this Privacy and Cookies Policy. This Privacy and Cookies Policy may be updated from time to time so you may wish to check it each time you submit personal information. Also see Section 1.4 Changes to these SOCS Terms & Conditions of Business.

<< 3. SOCS Services Agreement 5. Data Security Policy >>