What information do we collect?
The eRevision system records pupil names, emails, target grades and groups, and teacher names and contacts. It also logs pupils' scores in activites/tests for the purpose of progress tracking and assessment.
Who can access your information?
The information is not accessible by ZigZag employees except for the specific purposes of administration (adding new packages and teachers) or programming (fixing bugs and adding new features); these ZigZag employees are under contract of confidentiality as per GDPR Article 28(3)(b). It is your responsibility to add pupils into the system and to remove old pupils and their data. We will only process personal data in line with schools documented instructions unless we are required to do otherwise by EU or member state law.
We will not use your information for marketing. We do not pass on your details to anyone else. You will only receive emails from us relating to your usage of the system for example login reminders, periodic activity logs, asking for feedback and responding to issues. Your scores are private to you, to the teachers that your school has added to the eRevision system, and to ZigZag Education for the purpose of administration and technical support. If you have any questions about this then please speak to your teacher.
It is our obligation to keep your data safe. We have technical, software, physical and administrative systems and procedures in place to protect your information. We make our best efforts to keep your personal information private, and if we are knowingly subject to a data breach then we will notify affected without undue delay, as well as taking appropriate action. The only sub-processors we are SendInBlue and MailChimp which are email systems for sending correspondance.
School Administrator Set-Up
The initial teacher who orders will made be a school administrator on eRevision. New administrators have to be authorised by an existing administrator before they can access student details. Administrators can add other teachers to give them access to students, groups and packages.
Supporting you as the Data Controller
We will support you in carrying out your role as data controller to deal with such as subject access requests, requests for the rectification or erasure of personal data, and objections to processing. Similarly we will assist you in meeting your obligations to keep personal data secure; notify personal data breaches to the supervisory authority; notify personal data breaches to data subjects; carry out data protection impact assessments (DPIAs) when required; and consult the supervisory authority where a DPIA indicates there is a high risk that cannot be mitigated.
At your request we will aid you in deleting all the personal data our system holds; we hold no further copies aside from backup copies on a rotational basis which are deleted in due course.
We will respond to requests from you to provide specific information to show that the obligations of GDPR Article 28 have been met.
Links to other websites
How to contact us