
Page 1: Deleted: Contract for the Tapestry Online Learning Journal… · 01/05/2018 · standard contractual clauses that the European Commission has provided that allow data processing

Contract for the Tapestry Online Learning Journal
Foundation Stage Forum Ltd

18 April 2019

Table of Contents
A note on this contract ..... 5
A non contractual note on Brexit ..... 6
If you are a customer in the EU, but not in the UK ..... 6
If you are a customer in the UK ..... 6

Your contract with us for the use of Tapestry ..... 6
What you get ..... 7
What you do not get ..... 7
Tapestry, our online learning journal ..... 7
Our tutorials ..... 8
Our Billing and Support System ..... 8
Our Discussion Forum ..... 8
Fees ..... 8
Termination ..... 8
Changes and disputes ..... 9

Annex A: Tapestry Data Protection ..... 9
The legally required terms in a Data Processing Agreement or Contract ..... 9
Our jurisdiction ..... 10
Where is data stored? ..... 10
What data is placed into Tapestry? ..... 11
Who is responsible for what? ..... 11
What we expect of you ..... 12
You must have a lawful basis for putting data into Tapestry ..... 12
You must use Tapestry in a way that is compliant with data protection law ..... 12
You must respond to data protection requests ..... 13
You must keep your contact details on Tapestry up to date ..... 14

What you can expect of us ..... 14
We will only process data on your written instructions ..... 14

Deleted: 1 May 2018

Deleted: ¶

Deleted: A note on this contract ➝ 5 ¶ Your contract with us for the use of Tapestry ➝ 6 ¶ What you get ➝ 7 ¶ What you do not get ➝ 7 ¶ Tapestry, our online learning journal ➝ 7 ¶ Our tutorials ➝ 8 ¶ Our Billing and Support System ➝ 8 ¶ Our Discussion Forum ➝ 8 ¶ Fees ➝ 8 ¶ Termination ➝ 8 ¶ Changes and disputes ➝ 9 ¶ Annex A: Tapestry Data Protection ➝ 9 ¶ The legally required terms in a Data Processing Agreement or Contract ➝ 9 ¶ Our jurisdiction ➝ 10 ¶ Where is data stored? ➝ 10 ¶ What data is placed into Tapestry? ➝ 11 ¶ Who is responsible for what? ➝ 11 ¶ What we expect of you ➝ 12 ¶ You must have a lawful basis for putting data into Tapestry ➝ 12 ¶ You must use Tapestry in a way that is compliant with data protection law ➝ 12 ¶ You must respond to data protection requests ➝ 13 ¶ You must keep your contact details on Tapestry up to date ➝ 14 ¶ What you can expect of us ➝ 14 ¶ We will only process data on your written instructions ➝ 14 ¶ We will ensure that people we use to process your data are subject to a duty of confidence ➝ 16 ¶ We will take appropriate measures to ensure the security of our processing ➝ 16 ¶ We will engage sub-processors only with your prior consent ➝ 16 ¶ We will assist you in providing subject access and allowing data subjects to exercise their rights under data protection law ➝ 16 ¶ We will assist you in meeting your legal data protection obligations ➝ 17 ¶ We will delete or return all personal data to you as requested at the end of the contract ➝ 18 ¶ We will submit to your audits and inspections ➝ 18 ¶ We will provide you with the information to meet your legal obligations ➝ 18 ¶ We will tell you if we become aware of a data breach ➝ 18 ¶ We will tell you immediately if we are asked to do something infringing data protection law ➝ 19 ¶ If something goes wrong ➝ 19 ¶ Complaints ➝ 19 ¶ Our Data Protection Officer ➝ 19 ¶ Frequently Asked Questions ➝ 19 ¶ With regard to Brexit: will the data be hosted and backed up in the UK once Brexit is finalised? ➝ 19 ¶ Annex B: Tapestry Security ➝ 19 ¶ Security Responsibilities ➝ 19 ¶ Who are we? ➝ 20 ¶ The Foundation Stage Forum Ltd ➝ 20 ¶ ... [1]

Thomas Counsell
This is an automatically generated marked up copy of the differences between the Tapestry Online Learning Journal contract of 1 May 2018 and the one of 18 April 2019. It isn’t perfect (e.g., it reports spurious formatting changes) for which we are sorry, but we hope it helps.
Page 2:

We will ensure that people we use to process your data are subject to a duty of confidence ..... 16
We will take appropriate measures to ensure the security of our processing ..... 16
We will engage sub-processors only with your prior consent ..... 16
We will assist you in providing subject access and allowing data subjects to exercise their rights under data protection law ..... 16
We will assist you in meeting your legal data protection obligations ..... 17
We will delete or return all personal data to you as requested at the end of the contract ..... 18
We will submit to your audits and inspections ..... 18
We will provide you with the information to meet your legal obligations ..... 18
We will tell you if we become aware of a data breach ..... 18
We will tell you immediately if we are asked to do something infringing data protection law ..... 19

If something goes wrong ..... 19
Complaints ..... 19
Our Data Protection Officer ..... 19

Frequently Asked Questions ..... 19
With regard to Brexit: will the data be hosted and backed up in the UK once Brexit is finalised? ..... 19

Annex B: Tapestry Security ..... 19
Security Responsibilities ..... 19
Who are we? ..... 20
The Foundation Stage Forum Ltd ..... 20
Director: Stephen Edwards MSc ..... 20
Director: Helen Edwards DPhil ..... 20
Data Protection Officer: Lauren Foley ..... 21

Data Protection Law ..... 21
Access to data ..... 21
Deleting data when it is no longer needed ..... 22
Organisational data security ..... 22
ISO 27001 ..... 22
Staff ..... 22
Procedures ..... 23
Passwords ..... 23

Page 3:

Technical data security ..... 24
Physical security ..... 25
Software security ..... 26
Encryption ..... 26
Partitioning ..... 26
Logging ..... 27
Verification (also known as Penetration Testing) ..... 27

Capacity, Redundancy and Backups ..... 27
Keeping in touch about security ..... 28
Frequently asked security questions ..... 28
Can you fill out this security questionnaire for me? ..... 28
Do you offer a service level agreement? ..... 29
Are you insured? ..... 29
What happens if my account subscription should expire? ..... 29
Do you store data outside of the EU? ..... 29
What encryption principles are used for data in transit? ..... 29
Have you disabled TLS 1.0 support? ..... 29
What encryption key management processes are in place? ..... 29
The data centre hosting Tapestry is ISO 27001 accredited. Which version of ISO 27001 is it, and who is the accrediting company? ..... 29
Do you follow any other standards or hold any other certifications? ..... 30
Which board member is responsible for security? ..... 30
Do you have a documented framework for security governance, with policies governing key aspects of information security relevant to the service? ..... 30
Can you provide evidence that security and information security are part of your financial and operational risk reporting mechanisms, ensuring that the board would be kept informed of security and information risk? ..... 30
Can you provide evidence of processes to identify and ensure compliance with applicable legal and regulatory requirements? ..... 30
Do you track the status, location and configuration of service components throughout their lifetime? ..... 30
Do you assess changes to the service for potential security impact and monitor that impact to completion? ..... 31
How are potential new threats, vulnerabilities or exploitation techniques which could affect the service assessed? ..... 31

Page 4:

Do we use relevant sources of information relating to threat, vulnerability and exploitation techniques, eg NIST, NCSC? ..... 31
How are known vulnerabilities prioritised and tracked until mitigations have been deployed? ..... 31
What are the timescales for implementing mitigations? E.g. in patching policy? ..... 31
Other than for fault-finding, are activity logs monitored for suspicious activity, potential compromises or inappropriate use of the service? ..... 32
Do we have an incident management process? ..... 32
What is the process for the vendor to report incidents to the customer? ..... 32
Is 2-factor authentication (2FA) available to end users? ..... 32
Can we require passwords to be changed every X days? ..... 32
Which NSCC system architecture do you use? ..... 32
What provision is made for customers to access/monitor audit records for system/data access? ..... 32
Does your organisation have differentiated access to data depending on the sensitivity level? ..... 33

Annex C: Tapestry Privacy ..... 33
The Service ..... 33
What data do we collect? ..... 34
What is the lawful basis for storing this data ..... 35
Whose data is it? ..... 35
Who do we share data with? ..... 36
How do we collect the data? ..... 36
Can I see my data that is stored on your system? ..... 36
Can I have my data corrected or deleted? ..... 36
What are our customer’s responsibilities? ..... 36
Contacting Us ..... 37

Annex D: Tapestry Sub-processors ..... 37
List of sub-processors ..... 38
Changes to sub-processors ..... 38

Annex E: Billing and support data ..... 38
What data do we collect? ..... 38
Why do you need this data? ..... 39
Who do you share this data with? ..... 39
Where is the data stored? ..... 39

Page 5:

How long do you keep this data? ..... 39
How do I exercise my rights under data protection law? ..... 39

Annex F: Use of our discussion forum ..... 40
Liability ..... 40
Content and ownership of your messages ..... 40
Privacy and Data Protection ..... 41

Changes to this contract ..... 42
Next version of the contract (release TBD) ..... 42
2018 May 1 ..... 43
Tapestry Data Protection ..... 43
Tapestry Security ..... 43
Tapestry Privacy ..... 43
Tapestry Sub Processor ..... 43

2018 March 12 (Second Draft) ..... 44
Across all sections ..... 44
A note on this draft ..... 44
Overview ..... 44
Annex A: Tapestry Data Protection ..... 44
Annex B: Tapestry Security ..... 45
Annex C: Tapestry Privacy ..... 45
Annex D: Tapestry Sub-processors ..... 45
Annex E: Billing and support data ..... 46
Annex F: Use of our discussion forum ..... 46

2018 January 5 (First draft) ..... 46

A note on this contract

This is the new contract between the Foundation Stage Forum Ltd and our customers who use Tapestry.

If you have read the previous version, you can see a list of changes at the end of this document, or a version with “Track Changes” at https://tapestry.info/draft-contract.

There are no fundamental changes in this version. The key ones are:

Deleted:

Deleted: a

Deleted: draft

Deleted: We aren’t trying to change anything

Deleted: about our relationship and what we do for you. But we are trying to: ¶ Improve the clarity of the contract. ¶ Make it unambiguously clear how we work together to ensure we are compliant with the

Deleted: to data protection law in the EU (known as the GDPR). …

Page 6:

1. Mention that a forthcoming register function means you might, if you wish, be storing attendance data.

2. Mention that the new Tapestry apps mean that you might, if you wish, be sending push notifications. Those notifications would go via Apple, Google or Amazon (depending on the device) and might go outside of the EU.

3. Mention that we have changed email provider for our billing and customer support from Fastmail to Zoho Mail.

You will be asked to agree to this contract through the Tapestry Control Panel.

A non contractual note on Brexit

If you are a customer in the EU, but not in the UK

In the event of Brexit, we will probably need to issue a new contract with the set of standard contractual clauses that the European Commission has provided that allow data processing in the UK to remain compliant.

Rest assured, your data will continue to be stored within data centers in the EU. Therefore almost all of the processing we do for you will continue to happen within the EU. A data transfer outside to the UK will only happen if we need to look at your data in order to provide you with support.

If you are a customer in the UK

In the event of Brexit, it is unclear what changes will be required for our customers in the UK.

At the time of writing, the UK government's intention is such that no changes to Tapestry would be required. Specifically, the processing of data about people in the UK can continue to happen in the EU.

Unfortunately, the UK government has not, at the time of writing, passed all the required legislation. If they fail to pass the legislation, or pass different legislation, then we will do what it takes to be compliant and do our best to give you as much notice as possible about what changes might be required.

The UK Information Commissioner's Office is providing guidance on how to prepare for Brexit that you may wish to read: https://ico.org.uk/for-organisations/data-protection-and-brexit/.

Your contract with us for the use of Tapestry

1. We are the Foundation Stage Forum Ltd, a company registered in England with company number 05757213 and a registered address of 1, Southdown Avenue, Lewes BN7 1EL, UK.

2. You are a childminder, educator, nursery, school or similar educational organisation.

What you get

3. This contract is for a 12 month subscription to Tapestry, our online learning journal, together with:
– Our tutorials
– Email support during UK business hours
– Access to the https://eyfs.info discussion forum

What you do not get

4. We do not provide telephone or face to face support. However, at our discretion, we may offer to call you if we feel a query could be better resolved over the phone. We also do offer bookable telephone support sessions for a fee.

5. We do not provide direct support to any relatives that you add to Tapestry. If they contact us, we will usually direct them back to you. We do this because it is difficult for us to know whether their requests are authorised by you.

6. We do our best to provide Tapestry at all times (see our Annex B: Tapestry Security), but we cannot guarantee this.

Tapestry, our online learning journal

7. You must be the Data Controller of the information that you enter into Tapestry (as you are for your paper records); we will be the Data Processor. If you don't know what those terms mean, it is essential that you find out. A starting point for finding out is https://ico.org.uk.

8. You agree with our approach to data protection, privacy and security and to do your part. We describe our approach and what we expect of you in these linked annexes:
– Annex A: Tapestry Data Protection
– Annex B: Tapestry Security
– Annex C: Tapestry Privacy

9. You agree to our current sub-processors:
– Annex D: Tapestry Sub-processors

10. We are compliant with UK data protection legislation (sometimes referred to as the 'GDPR').

11. This contract contains the terms required for a data processing agreement under UK data protection legislation.

12. We will help you to comply with your duties under UK data protection legislation. In most cases you can use the tools we provide. If you ask us for extra help in complying we will give it to you, but we may charge you our costs in helping. More detail is provided in Annex A: Tapestry Data Protection.

13. If you wish to audit us under UK data protection legislation, you may do so, but we may charge you our costs in participating in your audit.

Our tutorials

14. You may copy, store, share and adapt our tutorials for the purpose of making better use of Tapestry.

Our Billing and Support System

15. If you contact us by email or through our websites then we will store and process the information you provide in our billing and support system. Unlike the data you enter into Tapestry, we are the Data Controller for information in our billing and support system. We describe how we use that data in Annex E: Billing and support data.

Our Discussion Forum

16. You do not need to use our discussion forum. But if you choose to, then you agree to the conditions set out in Annex F: Use of our discussion forum.

Fees

17. You must pay our fee in full before we will start your Tapestry subscription.

18. Our fee, as set out on our website, is based on the maximum number of children you wish to have in your Tapestry account during the 12 month subscription.

19. You can add or remove individual children throughout the year so long as the maximum number of children is not exceeded at any one moment.

20. If you have not paid your fee in full then:
• we may not provide access to Tapestry.
• after 90 days, we will delete the data that you have entered into Tapestry.

21. If you wish to increase the maximum number of children you can have in your Tapestry account during the 12 month subscription then we will charge you the difference between what you have paid and the current fee for an account with the increased number of children. This will not extend your subscription.

22. You must pay us in UK Pounds Sterling including any applicable VAT. If you choose to pay by bank transfer you must bear all currency conversion and bank transfer costs.

Termination

23. You can stop using Tapestry at any time and ask us to return and/or delete the data you have entered into Tapestry, but we will not refund any fees that you have paid unless:
– You are within the first month of your Tapestry subscription
– We materially change this contract to your detriment

24. We may, after discussing the situation with you, stop providing you with Tapestry if you:
– misuse our systems or
– create an unreasonable load on our systems or
– cause us unreasonable costs or
– abuse our staff or
– breach this contract.

Changes and disputes

25. If something goes wrong, unless otherwise required by law, our total liability to each other is limited to the annual fee that you have paid us for Tapestry.

26. One example of where the law requires different liability is in breaches of UK data protection law. We can both be investigated and fined by the relevant supervisory authorities and we both may be liable to pay compensation for damages caused by breaching this law. If it later turns out that one or other of us wasn't responsible for the breach, then we can claim back the share of liability from the responsible party – even if that is more than the annual fee that you have paid us.

27. Our contract with you is under English law and any dispute will be settled by an English court.

28. This document, together with its annexes, is our entire contract with you. If you want to vary this contract, or add additional terms, then there will need to be written and explicit agreement between you and one of our company directors. To keep our costs and prices down, we rarely do this. In particular, unless explicitly agreed to by one of our company directors, we do not accept any standard purchasing terms and conditions that you may usually apply.

29. We may change this contract, but will give you reasonable warning.

Annex A: Tapestry Data Protection

We are the Foundation Stage Forum Ltd, a company registered in England with company number 05757213 and a registered address of 1, Southdown Avenue, Lewes BN7 1EL, UK.

You are a childminder, educator, nursery, school or similar educational organisation.

This Annex relates to the use of Tapestry, our online learning journal. Annex E relates to data in our billing and support system. Annex F relates to data in our discussion forum.

We need to work together to ensure we are compliant with data protection regulations when using Tapestry.

This annex should be read in conjunction with our overall contract and, in particular, Annex B which explains our approach to security and Annex D which lists our sub-processors.

The legally required terms in a Data Processing Agreement or Contract

If you are in the EU, then you must have a written contract with us (sometimes known as a Data Processing Agreement) and, legally, it must include some particular bits of information and commitments. This contract acts as that written contract and contains the required information and commitments.

To help you find them:

• The subject matter and duration of the processing is summarised below under 'What data is placed into Tapestry' and set out in detail in Annex C: Tapestry Privacy.

• The nature and purpose of the processing is summarised below under 'What data is placed into Tapestry' and set out in detail in Annex C: Tapestry Privacy.

• The type of personal data and categories of data subject are summarised below under 'What data is placed into Tapestry' and set out in detail in Annex C: Tapestry Privacy.

• The obligations and rights of the controller are set out in "What we expect of you" and "What you can expect of us" below.

• The standard requirements on data processors (e.g., to act on written instructions, submit to audit, notify of breaches etc.) are set out in "What you can expect of us" below.

Our jurisdiction

We are headquartered in the UK. This contract is under UK law.

Our lead supervisory authority for data protection is the UK Information Commissioner's Office (https://ico.org.uk).

Where is data stored?

Our processing and storage of your data happens within the EU.

The primary processing and storage location is in Ireland.

Our offsite backups are stored in Germany.

Our office is in the UK.

For the avoidance of doubt: The storage location is part of your contract with us. If we wished to change where your data is stored, we would need to change this contract, and contract changes always require agreement from both you and us.

To provide a little more detail:

• Almost all storage and processing is carried out on computers and networks provided by Amazon Web Services (AWS), a sub-processor who we list in Annex D. We instruct them to only store data on computers in their data centres located in Ireland (for the primary system) and Germany (for the backup system). They are contractually bound not to move data elsewhere without our permission.

• The exceptions are:

– On very rare occasions, and subject to strict safeguards, we may store and process some data locally in our offices in order to diagnose or fix a bug. On these occasions data will be stored and processed in Lewes in the UK. Some of the safeguards are: we only do it when we have to – it is never routine; we store the minimum possible amount of data locally; we only store it on encrypted secure machines; we delete it as soon as possible.

– If you log in to Tapestry when you are outside the EU, data will be transferred outside of the EU to get to you. This is unlikely to be a concern if you are a non-EU school or nursery because you won't be storing data about people who are in the EU. It is also unlikely to be a concern if it only happens every now and again and only concerns a few children (i.e., a parent does it). However, if you are an EU based organisation, you should consider your policies for allowing staff to log in to Tapestry if they are outside the EU.

– The contents of Push Notifications to iOS, Android and Amazon apps will go via Apple, Google or Amazon servers respectively, which may be outside the EU. This only happens if ALL of the following are true: 1) 'Allow Push Notifications' is enabled in the Tapestry Control Panel; 2) 'Include names in push notifications' is enabled in the Tapestry Control Panel; 3) A person is using a version of our app that supports push notifications; 4) The person using our app enables push notifications for that device; 5) The person using our app consents to names being included in our push notifications.

What data is placed into Tapestry?

Annex C: Tapestry Privacy sets out the subject matter and duration of our processing; the nature and purpose of the processing; the type of personal data and the categories of data subject.

In summary:

• The categories of data subject are the people you add to Tapestry. Typically children, staff and relatives of the children. You choose exactly who.

• The subject matter and types of personal data are typically: names, email addresses, dates of birth, postcodes, contents of an online learning journal, records of a child's care, records of a child's attendance. You choose exactly what data.

• The nature and purpose of the processing is typically: to provide an online record of children's attendance, progress and care in order to monitor, share and analyse that attendance, progress and care. You choose exactly what is done with the data and who it is shared with.

• The duration of the processing is, at most, the duration of this contract plus the time taken for data to leave our backup system. It can be shorter if you choose to delete some or all of your data sooner.

Who is responsible for what?

The first thing to agree is that:

1. You are the data controller for data you, or the people you give access, add to Tapestry.
2. We are the data processor.

If you don't know what those terms mean, it is essential that you find out. A starting point for finding out is https://ico.org.uk.

You must:

• Have a lawful basis for entering data into Tapestry.
• Use Tapestry in a way that is compliant with data protection law.
• Respond to data protection requests.
• Keep your contact details on Tapestry up to date.

We must:

• Only process data on your instructions.
• Ensure that people we use to process your data are subject to a duty of confidence.
• Take appropriate measures to ensure the security of our processing.
• Only engage sub-processors with your prior written consent (see Annex D).
• Assist you in providing subject access and allowing data subjects to exercise their rights under data protection law.
• Assist you in meeting your legal data protection obligations in relation to:
– the security of processing.
– the notification of personal data breaches.
– data protection impact assessments.
• Delete or return all personal data to you as requested at the end of the contract.
• Submit to your audits and inspections.
• Provide you with the information to meet your legal obligations.
• Tell you if we become aware of a data breach.
• Tell you immediately if we are asked to do something infringing data protection law.

What we expect of you

You must have a lawful basis for putting data into Tapestry

We rely on you to ensure you have a lawful basis for putting data into Tapestry. If you haven't worked out what your lawful basis is, please do so immediately. Once again, the UK Information Commissioner's Office, https://ico.org.uk, is a good starting point.

Please don't leap to assuming consent is the only lawful basis for you, but carefully consider the six possible bases described in law and work out which is right, given what you intend to store in Tapestry and how you intend to use and share it.

If you are relying on consent as your lawful basis, then we rely on you to have gained the consent for whatever data you intend to put on Tapestry and to remove data if consent is later withdrawn.

You must use Tapestry in a way that is compliant with data protection law

As the controller of the data you put in Tapestry, you must comply with data protection law. This includes ensuring that the data is:

1. Processed lawfully, fairly and in a transparent manner in relation to individuals.

2. Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes.

3. Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.

4. Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay.

5. Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals.

6. Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

Source: https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/principles/

We will do our part in helping you to comply (described below).

You must respond to data protection requests

Using Tapestry normally involves processing data about people (children, possibly staff, possibly relatives). Those people have rights under data protection law, including:

1. The right to be informed
2. The right of access
3. The right to rectification
4. The right to erasure
5. The right to restrict processing
6. The right to data portability
7. The right to object
8. Rights in relation to automated decision making and profiling

Source: https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/individuals-rights/

You are responsible for responding to those requests. We have designed our system to help you to respond.

The right to be informed

In particular, please ensure you proactively deal with the "right to be informed" – you must not wait for people to ask you.

The UK Information Commissioner's Office has advice on this: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-be-informed/.

You may wish to use our 'Annex C: Tapestry Privacy' as a starting point for informing your staff and the relatives and children whose data you add to Tapestry. But you will probably need to adapt it to cover: your contact details, your lawful basis for adding data, who you intend to share the data with and why, and when you intend to delete the data. Since the new data protection law covers all data, whether it is on computer or on paper, you may wish to incorporate this into a single wider document that covers all the data you process.

You must keep your contact details on Tapestry up to date

You must keep your contact details up to date within Tapestry. We use these to:

1. Contact you
2. Verify that instructions we receive come from you

If they are not up to date, you may not receive our messages.

In particular, we sometimes receive requests from customers stating that the only manager registered on a school, childminder or nursery's Tapestry account has left, and requesting that the ownership be transferred to a new person. In order to verify that the request is legitimate we have to take several steps. Even if these steps are successful, they may mean a delay of weeks during which time Tapestry may not be accessible by you. To avoid this, please ensure you update contact details before a manager departs and, ideally, always register more than one manager on the Tapestry system.

What you can expect of us

We will only process data on your written instructions

Tapestry only does what you tell it. We do not do any processing that you do not tell us to do.

To be absolutely clear: we don't license or claim ownership of your data; we don't sell your data; we don't use your data for advertising; we don't pass on your data except when you instruct us to.

You can add users to Tapestry who, depending on the level of access you give them, can then also instruct Tapestry. You can adjust what data those users see and what they can do with the data.

People whose data you have added to Tapestry have a right to restrict processing. If you have been told by someone to restrict processing of their data, then you are responsible for not using Tapestry to do any further processing of that person's data. You are responsible for ensuring any users that you have added to Tapestry do no further processing. The easiest way to do that is to use Tapestry to mark the child or user as inactive.

Who can instruct us

We prefer to accept instructions through the Tapestry web interface or apps. This interface has options for authorising different users and giving them different levels of permission about what they can instruct us to do.

We may also accept instructions through our support ticket system or by email if they come from:

• Someone who we have verified is registered on the relevant Tapestry account with the status of a 'manager'.

• Someone who we have verified is an appropriate representative of the account owner (e.g., the head of a school, or the director or manager of a nursery).

Depending on the nature of the instruction and the route by which we receive the instruction, we may need to take extra steps to verify that the instruction is legitimate. This may lead to a delay in us carrying out the instruction.

If someone who isn't authorised tries to instruct us to do something, we will tell you about it. For example, this most commonly applies to relatives you add to the Tapestry account who ask us for access to their children's data because they cannot log in or you haven't provided them with data they think they are entitled to. We will direct those relatives back to you.

What does only ‘written’ instructions mean?

Under data protection law, we are not allowed to accept verbal instructions for data processing.

If you speak to us face to face or by telephone, we will need you to confirm any instructions you give us by:

• Carrying them out yourself through the Tapestry web interface or app,
• Replying to our emailed summary of your instructions, confirming that you wish us to proceed,
• Repeating your instructions in a message through our support ticket system,
• Repeating your instructions by email,
• Repeating your instructions in a letter to us.

Instructions we do and don’t accept

Sometimes our customers write to us with a 'data processing agreement' or 'data processing schedule' that sets out how they intend to use Tapestry (e.g., they intend to use Tapestry to store assessments, but not pictures and videos, and intend to share those with other staff but not relatives). It is important to note that while we don't require you to store any particular data about any particular person, we also don't prevent you from storing any particular data about any particular person. So, in the case of the example, if an authorised member of staff later chose to upload a video or share an observation with a relative, we would not stop them.

What this means is that we cannot limit your use of Tapestry beyond the options we give users with 'manager' accounts on Tapestry to set permissions for other users. If you instruct us to apply further limitations, for example by sending us a schedule describing how you intend to use Tapestry, we cannot comply. However, we are always happy to provide you with help and guidance in how to set permissions within Tapestry to meet your needs.

Similarly, whilst we are always keen to receive suggestions about how to improve our security, we cannot accept instructions to apply particular security measures to your account that aren't already available in the Tapestry control panel. For example, we cannot currently accept instructions to restrict access to Tapestry for particular users to particular locations or times of day, though we have got features like that on our to-do list.

We will ensure that people we use to process your data are subject to a duty of confidence

Our staff who process your data are:

1. Contractually bound to keep your data confidential.
2. Vetted by us. This includes a DBS check, which is updated annually.
3. Appropriately trained in data protection.

We will take appropriate measures to ensure the security of our processing

The measures we take are described in Annex B.

We have started the process of becoming certified as ISO 27001 compliant. When we have become certified we will update this contract to confirm that we are.

We will engage sub-processors only with your prior consent

We use sub-processors in a way that is compliant with UK data protection law. Our sub-processors, what they do, and our process for seeking your agreement to any changes are described in Annex D.

We will assist you in providing subject access and allowing data subjects to exercise their rights under data protection law

You can download all the information that has been entered into Tapestry.

We provide a section in the control panel where you can download a single file that brings together all the information Tapestry holds about a particular child or a particular user.

You can correct all the information that has been entered into Tapestry.

You can delete all the information that you have entered into Tapestry.

We will assist you in meeting your legal data protection obligations

The security of processing

We describe our current security approach in Annex B.

If you believe that there is something that should be described in Annex B but is not, please let us know.

If you wish us to describe our security in a particular way (such as by filling out forms for you) then we may pass on our costs in doing so.

We do not usually implement bespoke security measures. However, we are always interested in improving our service, so please do let us know of anything that you would like to see.

Notification of personal data breaches

If we become aware of, or suspect, a data breach, we will tell you without undue delay. If you become aware of, or suspect, a breach, please tell us as soon as you can.

If there is a personal data breach, we will:

1. Help you to prevent further breaches (e.g., if someone has stolen a computer used by you to log in to Tapestry, and you are concerned that your Tapestry password was stored on that computer, we can disable the relevant accounts and change the relevant passwords).
2. Help you to work out who has been affected.
3. Help you to work out what data may have been breached.
4. Help you to determine the cause of the breach.
5. Help you in your dealings with the Information Commissioner's Office.

The Information Commissioner's Office requires you to notify them of any data breach that is "likely to result in a risk to the rights and freedoms of individuals" within 72 hours of you becoming aware of it. We will prioritise our work to help you to meet that deadline.

If you wish us to go further than that, we will do our best but may have to pass on our costs in helping you.

Data protection impact assessments

We cannot carry out a data protection impact assessment for you, because we do not know what data you intend to place in Tapestry.

If you wish us to go further than that, we will do our best but may have to pass on our costs in helping you.

We will delete or return all personal data to you as requested at the end of the contract

You can delete data at any time. You can download data at any time.

At the end of the contract our standard practice is to delete your data from our systems after 90 days. The data will be deleted from our backup systems 90 days after it is deleted from our systems. We are happy to delete your data sooner if you ask us to.

We are happy to return your data to you at any time. If you want your data in a particular format, we will do our best, but may have to pass on our costs in providing it to you in that format.

We will not delete data if we are required by law to keep it (for instance, for an ongoing police or data protection investigation).

We will submit to your audits and inspections

We provide our approach to security in Annex B for you to audit.

We have started the process of becoming ISO 27001 certified. When we have done so, we will update this contract and provide you with access to the certification for you to audit.

If you want to submit us to further audit or inspection, we will do our best to help you, but may have to pass on our costs in complying with your request.

We will provide you with the information to meet your legal obligations

We believe this contract and its annexes, combined with the tools provided within Tapestry, provide you with what you need to meet your legal obligations. If you think there is something missing, please let us know.

If you have a specific or unusual request for information, we will do our best to help you, but may have to pass on our costs in complying with your request.

We will tell you if we become aware of a data breach

If we become aware of a data breach, we will tell you about it and help you to meet your obligations as we've described above. We will do this without undue delay. Please keep your contact details up to date so that we can contact you quickly.

If we suspect a possible data breach we may 'lock down' access to Tapestry if we think that would help prevent a further breach. This would mean that some or all users of Tapestry would lose partial or complete access to Tapestry while we investigate and fix whatever led to the breach. We would inform you as soon as possible if we need to do this.

We will tell you immediately if we are asked to do something infringing data protection law

If we are asked to do something that we believe infringes data protection law we will not do so, and we will try and reach you through the contact details you have given us to explain what has happened.

If something goes wrong

Complaints

If you have a complaint, [email protected].

Our Data Protection Officer

If you have a concern that we have not addressed, please contact our Data Protection Officer:

[email protected]

Frequently Asked Questions

With regard to Brexit: will the data be hosted and backed up in the UK once Brexit is finalised?

We do not know yet how data protection law will change with Brexit. But we are keeping an eye on developments and will make whatever changes are required to be compliant with UK data protection law as it changes.

Annex B: Tapestry Security

This annex relates to the use of Tapestry, our online learning journal. Annex E relates to data in our billing and support system. Annex F relates to data in our discussion forum.

Security of a software service or product involves many aspects, and satisfying yourself that you should put your trust in a product can and should require that you ask questions of the organisation and people overseeing that security. This annex aims to give you an understanding of who we are and how we have addressed the important issue of protecting the integrity of Tapestry.

Security Responsibilities

Security is only as strong as the weakest link. We therefore need to work with you, the account holder, together with any staff and relatives you give permission to use Tapestry, to ensure the overall system is secure. This annex explains what we do and what we hope you will do.

The latest copy of this annex, together with our terms and conditions, are always available in the control panel of your copy of Tapestry.

Who are we?

Tapestry is the name of a product that was conceived, developed and is owned by The Foundation Stage Forum Ltd., an early years organisation that has provided resources and support for the early years workforce since February 2003. We have contracts with many local authorities, some of which have been in place for ten or more years.

The Foundation Stage Forum Ltd

The Foundation Stage Forum Ltd is a VAT registered, private UK limited company.

Our company number is 05757213.

Our registered office is at:

1, Southdown Avenue
Lewes
East Sussex
BN7 1EL

Our VAT registration number is 932933317.

You can write to us at our registered office, [email protected].

Our contracts are under UK law.

We have two directors: Helen and Stephen Edwards.

Director: Stephen Edwards MSc

Steve is the founder of the FSF. He worked for many years as a technical manager for the telecommunications organisation Ericsson, having completed a Masters Degree in information systems. He became interested in the early years as a result of his wife (Helen, see below) setting up a nursery in their home, and left Ericsson to set up the FSF in 2002 as a resource and support network for the early years workforce. He has been fully occupied with the FSF ever since, conceiving and driving the development of Tapestry as a part of this commitment.

Steve is the board member responsible for security.

Director: Helen Edwards DPhil

Helen has been working with young children since 1989, firstly as a primary school teacher, and then as a successful nursery owner/manager, followed by employment as a local authority advisor and university tutor, and more recently as an Ofsted inspector. She also holds the EYP status.

Data Protection Officer: Lauren Foley

Lauren Foley is our Data Protection Officer. Her direct email is dpo@eyfs.info.

Lauren joined the Foundation Stage Forum in 2014 after graduating from the University of Birmingham. She was designated our data protection officer after completing GDPR training in November 2017.

Data Protection Law

We are compliant with UK data protection law. We describe our approach to data protection in Annex A.

To summarise it in brief: You, the Tapestry account manager, own the data you put on Tapestry. We, Foundation Stage Forum Ltd, do not. In technical terms, you are the Data Controller, we are the Data Processor.

We will only do things with data that you, or people that you give permission to, request.

We will not access your data without your permission.

We only use the data you enter to provide the service you see: an online learning journal that helps you to monitor the progress of children, communicate with parents and the government and manage your activities.

To be absolutely clear: we don't use the data for marketing; we don't share the data with others to do marketing.

You should be aware of your responsibilities as a data controller. You can find out more at the Information Commissioner's Office website: https://ico.org.uk/for-organisations/.

You are responsible for making sure that you only put data on Tapestry where you have permission to do so. I.e., if a parent has agreed with you that no photos of their child should be taken, you are responsible for ensuring that none of the photos added to Tapestry depict that child.

Access to data Onlyyou,andthoseyouauthorise,willhaveaccesstoyourTapestryaccounts.Youcanrestrictthepeopleyouauthorisetoonlybeabletoviewdataaboutsomechildren.

Ifweneedtoaccessyouraccounttosortoutaproblemyouarehaving,wewillaskyourpermissionfirst.

WewillnotgiveTapestryaccountinformation,oraccesstoyourTapestryaccount,toanyoneotherthanthoseindividualsyouhavesetupasstaffmembers.

Page 22: Deleted: Contract for the Tapestry Online Learning Journal€¦ · 01/05/2018  · standard contractual clauses that the European Commission has provided that allow data processing

Relatives contacting us for access details will always be referred to you, the Tapestry account holder.

Under the Data Protection Act, individuals have a right to see a copy of the information that an organisation holds about them. As the data controller, you will need to respond to those requests and we, as the data processor, will help you. This is normally easy, since you can always see and print the information you have entered.

Deleting data when it is no longer needed

You can modify and delete the data you enter.

In the common case of children leaving your setting, you can move them into a 'deleted' area, where (after a delay of ninety days to avoid disastrous mistakes occurring) their data will be deleted (this includes relevant pictures, videos, journals and reports).

You can instruct us to delete all your data at any time. But this is all or nothing. If you just want to delete some of your data, you will need to use the control panel in the system to do so yourself.

If you let your subscription to Tapestry lapse, we will delete all data associated with it. We delay the deletion for 90 days in case your subscription has inadvertently lapsed (e.g., it happened while you were on holiday, or there was a delay in your Local Authority paying our invoice), but if you explicitly ask us to then we will delete your data immediately.

Data will remain in our backups for 90 further days. If you wish, you can instruct us to delete all your data from these backups. But it is all or nothing. We cannot delete some of your data from these backups.

Once the data is deleted from our backups we can no longer recover it.

Organisational data security

ISO 27001

We are working towards becoming independently certified as ISO 27001 compliant. When we have achieved certification we will update this contract and provide you with access to the certification.

Our data centre provider, Amazon Web Services, has been independently certified as ISO 27001 compliant.

Staff

We are careful in who we employ. All our staff with access to your data have been checked and cleared by the Disclosure and Barring Service (DBS) and we check their DBS status annually.


The company that hosts our servers and databases, AWS, also vets their staff (though in practice we would never expect them to see your data).

You are responsible for only giving access to Tapestry to people you trust and who actually need access. For instance, please remember to make staff inactive once they have left your service or if they are facing relevant disciplinary procedures.

Please also ensure that, when you give access to relatives of children, you are careful to allocate them to the correct children, to enter their email address correctly, and to make them inactive once the child has left your setting.

Procedures

Our procedures are designed to minimise our access to your data. For example, we wouldn't log in to your account without your permission, and even then would only do so if it was necessary to resolve a fault or problem you were experiencing.

We are similarly careful with our suppliers. The company that hosts our servers and databases, AWS, operates on a similar principle of minimal access. They are ISO 27001 accredited, which means they have a complete and appropriate set of security procedures. We would never expect them to need access to your data.

It is important that you think about your procedures for what sort of data you put on Tapestry and what you allow your staff and relatives to do with it.

For instance, you should think about:

• Whether you give all staff access to data about all children, or just some children.
• When it is appropriate for your staff to take and share photos and videos.
• What instructions you should give to parents as to what is appropriate for them to add, and what they may do with material that you add (e.g., insisting no photos are uploaded to social media sites by parents without the written permission of the parents whose children are depicted in photos, videos or text).

Passwords

The main way we control access to Tapestry is through passwords.

Neither you, nor we, can see what passwords have been used (technically, we hash the passwords before storing them using bcrypt, and we never write passwords to any log files).

Our staff use strong passwords and, for the more secure systems, have to supplement the correct password with other security measures (such as logging in from our office IP address and/or using two-factor authentication).

You are responsible for training your staff, and encouraging any relatives, to adopt sensible precautions around their use of passwords – don't share them, don't reuse them, and make them hard to guess.


Repeated incorrect password attempts will result in access for that user being prevented for a period of time. If you suspect one of your staff or relative accounts has been, or could have been, compromised, you can make it inactive. This will prevent access using that account. At a minimum, you should then contact the staff member or relative and ask them to change their password on this system and on any other system on which they have used a similar password.

You can choose a minimum password strength that you permit the people you add to Tapestry to use. We won't let this minimum be any less than 10 characters, and we allow and encourage you to set a tougher standard than that (by, for instance, requiring longer passwords).
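The three password controls described in this section (storing only a slow, salted hash and keeping passwords out of log files; locking an account for a period after repeated wrong attempts; enforcing a minimum length that can be raised above 10 characters but never lowered below it) are shown together in the following Python example. This is an added illustration, not Tapestry's own code. bcrypt is not in Python's standard library, so PBKDF2-HMAC-SHA256 from hashlib stands in for it; the lockout threshold of five attempts and the fifteen-minute lockout are assumptions, since the contract gives no figures, and the usernames and passwords are made up.

```python
"""Password handling as described in the section above: only a slow,
salted hash of each password is stored, passwords never reach the audit
log, a minimum length of at least 10 characters is enforced, and repeated
wrong guesses lock the account for a period of time."""
import hashlib
import hmac
import secrets
import time

MIN_PASSWORD_LENGTH = 10      # the floor stated in the contract
MAX_FAILED_ATTEMPTS = 5       # assumed: the contract gives no figure
LOCKOUT_SECONDS = 15 * 60     # assumed: the contract gives no figure
PBKDF2_ITERATIONS = 100_000   # kept modest so the example runs quickly


class PasswordStore:
    """In-memory store of salted password hashes with lockout tracking."""

    def __init__(self, min_length=MIN_PASSWORD_LENGTH):
        # A customer may raise the minimum but never lower it below 10.
        if min_length < MIN_PASSWORD_LENGTH:
            raise ValueError("minimum length may be raised but not lowered")
        self.min_length = min_length
        self._users = {}
        self.audit_log = []   # usernames and outcomes only, never secrets

    @staticmethod
    def _derive(password, salt):
        # PBKDF2-HMAC-SHA256 stands in for bcrypt here (bcrypt is not in
        # the standard library); both are deliberately slow, salted hashes.
        return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                   salt, PBKDF2_ITERATIONS)

    def check_policy(self, password):
        """True if the password meets the configured minimum length."""
        return len(password) >= self.min_length

    def add_user(self, username, password):
        if not self.check_policy(password):
            raise ValueError(f"password shorter than {self.min_length} characters")
        salt = secrets.token_bytes(16)   # fresh random salt per user
        self._users[username] = {
            "salt": salt,
            "hash": self._derive(password, salt),
            "failures": 0,
            "locked_until": 0.0,
            "active": True,
        }

    def deactivate(self, username):
        """Disable the account, as making it 'inactive' in the control panel does."""
        self._users[username]["active"] = False

    def authenticate(self, username, password, now=None):
        """Return 'ok', 'invalid', 'locked' or 'inactive'."""
        now = time.time() if now is None else now
        user = self._users.get(username)
        if user is None:
            # Do the same amount of work for unknown users so that response
            # time does not reveal which usernames exist.
            self._derive(password, bytes(16))
            return self._record(now, username, "invalid")
        if not user["active"]:
            return self._record(now, username, "inactive")
        if now < user["locked_until"]:
            return self._record(now, username, "locked")
        candidate = self._derive(password, user["salt"])
        if hmac.compare_digest(candidate, user["hash"]):  # constant-time compare
            user["failures"] = 0
            return self._record(now, username, "ok")
        user["failures"] += 1
        if user["failures"] >= MAX_FAILED_ATTEMPTS:
            user["locked_until"] = now + LOCKOUT_SECONDS
            user["failures"] = 0
        return self._record(now, username, "invalid")

    def _record(self, now, username, outcome):
        # The password is deliberately not a parameter of this method, so
        # nothing secret can end up in the log.
        self.audit_log.append(f"{now:.0f} user={username} outcome={outcome}")
        return outcome
```

Two details are worth noting. The unknown-user branch still runs the key derivation so that a login attempt against a non-existent username takes as long as one against a real account, and the audit record is written by a method that never receives the password, which is the structural way to guarantee that passwords cannot leak into log files. The `now` parameter exists only so the lockout can be exercised without waiting; in production it would be left at its default.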

For your staff, we also provide an option where they cannot log in without a different member of staff (such as a manager) logging in first. We call this PIN-only staff.

If you wish, you can set an initial password and PIN for the staff and relatives that you add, but we strongly discourage this. We prefer you to use the option of sending links that allow users to set their own passwords and PIN without you seeing them.

We allow users to reset their own passwords using their email address. You, and managers you nominate, can also reset passwords for staff and relatives. If a member of staff or relative contacts us because they have lost access to the email address associated with an account, we will direct them back to you.

If you have lost access to the email address associated with Tapestry, or you have taken over a Tapestry account due to the departure of the previous account owner and don't have access, then we can add an email address for the new manager. In order to verify that the request is legitimate we have to take several steps. Even if these steps are successful, they may mean a delay of weeks during which time Tapestry may not be accessible by you. To avoid this, please ensure you update contact details before a manager departs and, ideally, always register more than one manager on the Tapestry system.

We do not currently have a facility for you to restrict access to particular locations or particular devices. That makes it doubly important that you take sensible precautions over passwords.

If you believe the password for one or more accounts has been, or could have been, compromised, please immediately make that account inactive using the Tapestry control panel or, if you are unable to do so, contact us and we will do it for you. Please then contact us to discuss how to re-activate the accounts in a way that ensures they remain secure.

Because passwords can be reset by email, if you believe that the email account associated with a Tapestry account has been compromised, please treat it as if the password has been compromised: make the Tapestry account inactive and contact us.

Technical data security

The Tapestry web service and data are hosted in a cloud hosting environment operated by AWS in the EU (primarily the Republic of Ireland, with backups in Germany). AWS is the largest cloud hosting provider in the world and provides a secure platform for some of the world's largest online service providers.

Physical security

AWS ensure that our servers are physically secure. AWS data centres are housed in nondescript facilities. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, intrusion detection systems, and other electronic means. Authorized staff must pass two-factor authentication a minimum of two times to access data centre floors. All visitors and contractors are required to present identification and are signed in and continually escorted by authorized staff.

AWS only provides data centre access and information to employees and contractors who have a legitimate business need for such privileges. When an employee no longer has a business need for these privileges, his or her access is immediately revoked, even if they continue to be an employee of AWS. All physical access to data centres by AWS employees is logged and audited routinely.

We make sure that the devices we use to connect to the Tapestry servers are physically secure.

We also don't routinely store any of your data on our local devices. It is usually only stored on our servers. On the very rare occasions when we have to (in order, for instance, to diagnose a bug which we have not been able to replicate in any other way), we store as little as possible, for as short a time as possible, with access limited to as few people as possible. We also ensure that the machines we store it on are secure, including ensuring that their storage is encrypted.

It is important that you make sure that the devices you use to connect with Tapestry are physically secure. In particular, if you use some form of password manager on a device that remembers your Tapestry password then, at a minimum, make sure that the device also requires a password to log in or unlock.

The Tapestry website doesn't store data that you have entered on your laptop or desktop. Therefore, if your computer is stolen, so long as the password wasn't stored on the computer then the person who stole the computer will not be able to access Tapestry data without guessing your password.

If you were logged in to Tapestry when your laptop or desktop was stolen then, so long as the browser is open and the machine hasn't been switched off, the person who stole the computer has a short time when they could use your account. Therefore it is important that you either log off when you leave a computer unattended, or ensure your computer automatically locks its screen when you leave it and requires a secure password to unlock.

The iOS and Android Tapestry apps don't store passwords locally, only temporarily store some data (such as copies of images that are being shown on screen), and require a password or PIN to be entered to open the app. Therefore, if the device is stolen, the person who stole it would not have significant access to Tapestry data without guessing your password or PIN.

The devices may have copies of the pictures and videos that have been taken outside of the app. There is also a setting that allows copies of pictures and videos taken within the app to be stored in the device's picture gallery. However, by default this setting is disabled. If you download data (such as PDFs of journals) from Tapestry to your device, those are at risk.

Software security

We, together with AWS, ensure that the software running on our servers is up to date. We run regular automated tests and internal security reviews to examine the configuration and security of our servers.

Similarly, we ensure that the devices we use to connect to Tapestry are up to date and free from viruses and compromising software.

It is important that you take similar care with the devices you use to connect to Tapestry to ensure they are up to date and free from viruses or compromising software. If you give relatives access, please also encourage them to do the same.

Encryption

Connections between you and the Tapestry servers are encrypted. Tapestry uses an Extended Validation (EV) certificate, which does not offer any greater degree of technical protection (encryption is still performed at the same strength) but does offer a visible assurance that the service is being provided by a validated organisation (the Foundation Stage Forum Ltd).

Connections between the Tapestry apps and our servers are similarly encrypted.

Connections between our office computers and Tapestry are encrypted.

Your data is encrypted at rest on our servers. This includes our backups of your data.

It is important that you check, and encourage those who you give access to check, that they are connected to the official Tapestry site before entering their password. The correct URL is https://tapestryjournal.com. There should be a padlock or similar symbol to show that the connection is encrypted. Clicking on the padlock or symbol should provide you with information about the connection, which should include the fact that the site is owned by the Foundation Stage Forum Ltd.

The SHA1 fingerprint of our certificate is DCF623A3359798986E6B299151B23593DA1F7FDC. Note that this fingerprint changes whenever the certificate is renewed, so it identifies the certificate in use at the time of writing.

Partitioning

Our network is partitioned to provide minimum access between our servers and the internet. In particular, our databases cannot directly access, or be accessed from, the internet, but only from specific servers. Only a handful of servers can be accessed from the internet, and only on specific ports and using specific protocols (e.g., no unencrypted connections are permitted). This reduces the likelihood that external hackers can gain access to our servers and then get data out.

Our data is partitioned so that your data is held in a separate database from that of other accounts. This reduces the likelihood that a compromise in somebody else's account (because, for instance, they use an easily guessable password) would lead to a compromise of your data.

Our software is partitioned so that it only has the minimum level of privileges to carry out whatever task it is currently doing. This reduces the likelihood that somebody who hacked into one part of our code could use it to compromise other areas.

Logging

We log activity on our system. Some of these logs are available to you in the Tapestry control panel. We retain more detailed logs to help diagnose and fix faults.

Verification (also known as Penetration Testing)

We employ independent firms to check that our systems are secure by attempting to hack or penetrate them. These firms are accredited by the relevant industry bodies.

The penetration tests cover both the web and the app versions of Tapestry.

The penetration tests include authenticated tests, where the testers are provided with login details to Tapestry accounts to check whether they can exploit those to see or extract data that should not be visible.

If you have a legitimate interest in Tapestry (e.g., you are the account owner, a prospective customer or a parent) we are happy to provide a summary of what the independent testers found – please contact us at customer.service@eyfs.info. Please also get in touch if you want to find out when the last test took place or when the next test is scheduled.

We also regularly run automated security tests and carry out internal security reviews.

Capacity, Redundancy and Backups

Our system's capacity scales to meet demand. We do not currently limit the number of users, or the amount of data that they store; we just add the required storage and servers to meet the demand, in most cases automatically.

If a particular account is using our system excessively we may need to discuss the possibility of an increased subscription fee, but we have never yet had to do this.

Our system is redundant and should survive the loss of any server or, indeed, the loss of a physical data centre. This means that we have at least two copies of each operational server and all data is stored in at least two locations.


We also retain backups of all data in a different physical location (at the time of writing, the primary physical locations are in the Republic of Ireland and the backup physical locations are in Germany).

These backups should be, at most, 24 hours old and we should have 90 days of backups.

The backups are treated with the same care as the primary data (in particular, they are encrypted in transit and at rest, and stored in AWS facilities with the same physical security as described in the 'Physical security' section above).

Please note that backups are for disaster recovery. We will use them to restore your data should it become lost or corrupted on the live system. They are not designed for easy access to restore specific bits of data that you have deliberately deleted from the live system. If you ask us to retrieve specific bits of information from the backups, we will do so, but we may need to charge our costs.

Keeping in touch about security

If you suspect a security issue (e.g., you believe that passwords on your account may be compromised because, for instance, computers have been stolen) then email us at customer.service@eyfs.info. Please include a descriptive subject line in your email (i.e., don't just say "Help!" but say "Help! Our computers have been stolen").

If we have a security concern about your account, we will try to reach the primary contact we have listed. This will initially be the person that set up the account. You can change this using the Control Panel within Tapestry (Settings > Contact Details). Please keep this information up to date.

If you or we suspect a security problem, our first step will usually be to lock down the accounts whilst we work together to establish what happened and the best course of action.

Frequently asked security questions

Below are some frequently asked questions that relate to security. If you have a question that hasn't been covered by this document, please email [email protected]. For security reasons, we may not answer some questions (such as, for instance, the exact versions of software that we are using).

Can you fill out this security questionnaire for me?

To keep our price down, we do not enter into bespoke contracts or fill out security checklists. However, we hope that our contract, including its annexes, includes all the answers you need and covers all the events that you are concerned about, and that you can use it to fill out whatever paperwork you require for your own systems.

If you have questions about our service that aren't covered then do get in touch and, if we can, we will add the answers to this contract.


Do you offer a service level agreement?

To keep our price down, we do not. However, we take fulfilling our obligations to you very seriously and will do our utmost to ensure our service is there whenever you need it.

Are you insured?

Yes. Our insurance covers the standard corporate liabilities. In addition, it covers liabilities relating to hacking and to data breaches. Like all insurance it is subject to excesses, limits and exclusions.

What happens if my account subscription should expire?

We want to avoid painful mistakes happening because, for instance, a subscription expires during a school holiday and nobody is around to pay the bill. So we do not immediately delete your data when your subscription expires unless you specifically ask us to.

However, 90 days after your subscription expires we will permanently delete your data. Data will remain in our backups for 90 further days.

If you wish, you can instruct us to delete all your data sooner.

Do you store data outside of the EU?

No.

What encryption principles are used for data in transit?

We regularly check that our encryption meets modern standards and improve it as appropriate. At the moment we use a 2048-bit key, SHA256 with RSA, and allow TLS 1.0, TLS 1.1 and TLS 1.2.

Have you disabled TLS 1.0 support?

Not yet: an appreciable proportion of our customers still use devices that are only able to use TLS 1.0.

However, we are keeping this under regular review and would strongly like to disable it at some point this year.

What encryption key management processes are in place?

We use AWS to manage our encryption keys and provide them to authorised servers at the right moment.

The data centre hosting Tapestry is ISO 27001 accredited. Which version of ISO 27001 is it, and who is the accrediting company?

The version is 2013, and the accrediting company is BM TRADA.


Do you follow any other standards or hold any other certifications?

Unless mentioned above, no. We take security very seriously and regularly review what we do. But we have not yet, for instance, undergone ISO 27001 accreditation as a business.

Which board member is responsible for security?

Our Managing Director, Stephen Edwards, is responsible for security.

Do you have a documented framework for security governance, with policies governing key aspects of information security relevant to the service?

We do not yet have a complete set of documentation. We have started on the process of creating an ISO 27001 compliant documentation set, but the process is not yet complete.

Can you provide evidence that security and information security are part of your financial and operational risk reporting mechanisms, ensuring that the board would be kept informed of security and information risk?

We are a small firm, so our board, Stephen Edwards and Helen Edwards, are closely involved in every decision taken by the firm.

We are very aware of the importance of information security. We discuss it in almost every meeting and we continuously attempt to improve our security.

We have a weekly formal review of our security state (see above).

We get independent penetration testers to review our system (see above).

Can you provide evidence of processes to identify and ensure compliance with applicable legal and regulatory requirements?

We discuss compliance in almost every meeting, particularly during this period of transition to the GDPR.

We have appointed a Data Protection Officer to hold us to account on this point.

Do you track the status, location and configuration of service components throughout their lifetime?

Yes. Our software configuration is managed under version control, with repeatable builds and change logging.

Yes. Our hardware configuration is managed under version control, with repeatable builds and change logging.


Do you assess changes to the service for potential security impact and monitor that impact to completion?

Yes.

How are potential new threats, vulnerabilities or exploitation techniques which could affect the service assessed?

We run regular automated tests and internal security reviews to examine the configuration and security of our servers.

We engage external penetration testers to assess our system against the latest threats.

Do we use relevant sources of information relating to threat, vulnerability and exploitation techniques, e.g. NIST, NCSC?

Yes. We monitor CVEs relating to the software our service depends on.

Yes. We regularly review guidance from the NCSC and OWASP. We do not regularly review guidance from NIST.

How are known vulnerabilities prioritised and tracked until mitigations have been deployed?

We have automated notifications of vulnerabilities that are in our deployed code. These notifications are only quietened when fixes have been deployed.

We have internal issue tracking for required code and deployment changes.

We review and prioritise remaining security actions at least once a week.

What are the timescales for implementing mitigations? E.g. in patching policy?

This depends on the vulnerability.

For instance, if we believe the vulnerability could lead to data exposure, we would immediately take Tapestry offline while we fix the vulnerability. Because Tapestry would be offline, it would be our highest priority to fix. We have procedures for calling in engineers out of hours and at weekends. We have procedures for deploying changes to our production configuration within hours.

If the vulnerability was assessed as being of low risk, the fix would be deployed as part of our regular code and configuration updates. These tend to be made at least once every two weeks and are often made several times a week.


Other than for fault-finding, are activity logs monitored for suspicious activity, potential compromises or inappropriate use of the service?

Activity logs for our back-end system have automated alerting for suspicious activity. These alerts are seen by all developers and by Stephen Edwards.

Activity logs for our customers are not monitored by us. They are available to customers to monitor.

Do we have an incident management process?

Yes. An incident will be uniquely identified and a named individual will be allocated responsibility for managing the incident through our support system. We have standard procedures for common incidents.

What is the process for the vendor to report incidents to the customer?

See "Keeping in touch about security" above.

Is 2-factor authentication (2FA) available to end users?

No. But if sufficient numbers of users ask for it, we will implement it: let us know at [email protected].

Can we require passwords to be changed every X days?

No. The UK National Cyber Security Centre recommend that you DO NOT require users to change passwords every X days.

If you suspect a password or email account may have been compromised, you can make the account inactive and then manually force the password to be changed. We can do this in bulk for all accounts if you contact us.

Which NCSC system architecture do you use?

Of the list at https://www.ncsc.gov.uk/guidance/systems-administration-architectures, our system is closest to the 'bastion' model.

The service is run on partitioned and private networks. Management functions are carried out by devices on the corporate network which access the private networks through bastions.

What provision is made for customers to access / monitor audit records for system / data access?

Customers have direct self-service access to logs that show changes to data.

We can provide logs of who has viewed data on request to customer.service@eyfs.info.


Does your organisation have differentiated access to data depending on the sensitivity level?

Yes. Our default is 'no access' and our systems are designed to minimise access to data. Different people and the different roles they carry out have different access to data and different requirements for what authorisation they must have before accessing it. We regularly review who can access what and why, to ensure we are private and secure by default.

Annex C: Tapestry Privacy

This annex describes our privacy policy for people who access the Tapestry online learning journal service (https://tapestryjournal.com). This policy is intended to be shared with any person who uses Tapestry as part of their "right to be informed" under UK data protection law. Since we operate as a Data Processor for our customers, the Data Controller (the childminder, educator, nursery, school or similar educational organisation) will need to provide extra information to fulfil the "right to be informed". We describe this extra information briefly in 'Annex A: Tapestry Data Protection' and you can get more guidance from the UK Information Commissioner's Office: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-be-informed/.

We are the Foundation Stage Forum Ltd, a company registered in England with company number 05757213 and a registered address of 1, Southdown Avenue, Lewes BN7 1EL, UK.

Our customers are childminders, educators, nurseries, schools or similar educational organisations.

You are someone who has been given access to Tapestry by one of our customers. For example, you could be a member of staff, a relative of a child, the child themselves, or someone acting on behalf of a child.

You may have rights under EU Data Protection legislation relating to information we store about you. These rights are described here: https://ico.org.uk/for-the-public/. If you want to exercise those rights, please contact the customer who is storing data in Tapestry in the first instance (e.g., the school or nursery). If they want help in carrying out your request, they can contact us.

Our lead supervisory authority for data protection is the UK Information Commissioner's Office (https://ico.org.uk).

The Service

Our customers pay us to provide them with a service that allows them to create online learning journals for children under their care, monitor those children's progress and share this information with their staff and, if they wish, those children's parents and relatives.


What data do we collect?

Our customers may choose to store some of the following data on our service:

• The names and email addresses of their staff
• The names, dates of birth and postcode of their children
• The names and email addresses of the parents and relatives of their children
• The contents of a learning journal:
  – assessments of children's performance
  – notes, photographs and videos of the children
• A record of the child's care:
  – what they ate and drank
  – toileting
  – how they slept
  – whether they had any accidents
• A register of the child's attendance:
  – when they were recorded as being present
  – notes relating to that attendance (e.g., whether they didn't attend because they were ill)

Our customers store this information in order to record, analyse and, if they wish, share the progress of their children.

Our customers have the freedom to choose what data they store and who they store it about.

Our customers choose who has access to the data.

Our customers are able to correct and delete data at will.

Our customers must tell you, as part of your right to be informed, what data they are storing, why they are storing it and who they are sharing it with.

In providing the service, we will send automated emails to staff and parents in order to confirm email addresses, reset passwords and notify them of events relating to the customer (such as when a new observation is added about a child). We never send any marketing information, though we do send staff a newsletter about Tapestry.

We ONLY access the data stored by our customers in order to carry out our customer's instructions, to maintain or improve the service, or to fix faults. We do not use our customer's data for marketing. We use sub-contractors to process some of the data, but we do not otherwise share this data with other organisations.

If your contact details are registered on Tapestry in the 'contact details' section, or as a 'manager', then we may contact you if we have a question or concern about the associated Tapestry account.


When you visit the Tapestry website we collect your:

• IP address, together with
• Information your computer sends about its web browser and operating system, and
• What pages you look at (e.g., the list of observations), but not the content of those pages (i.e., we could not tell directly from the data whether the list of observations contained information about a particular child, though given time and access to the data above it would be possible to figure that out).

We use this information to monitor the security of our service, to help us figure out how to improve the service (e.g., what browsers should we support? How much capacity should we add?) and to improve the way we market the service (e.g., what search terms were used to discover our site). We do not share it.

If you use our phone or tablet application we collect:

• The IP address of the network your phone or tablet is on, together with
• The make and model of your phone or tablet, together with
• The version of your phone or tablet's operating system, together with
• Details of any crashes that occur in the application, and
• What screens you look at in the application (e.g., the list of observations), but not the content of those screens (i.e., we could not tell directly from the data whether the list of observations contained information about a particular child, though given time and access to the data above it would be possible to figure that out).

We use this information to monitor the security of our service and to help us figure out how to improve the service (e.g., what causes crashes? Which crashes need fixing most urgently?). We do not share it.

What is the lawful basis for storing this data?

Our customers decide, and must tell you, the lawful basis for the data they add to Tapestry. Please note, your consent is not the only lawful basis for storing data and our customers may have a different legal basis.

Whose data is it?

We don't claim ownership of the data entered into Tapestry. We only use it according to our customer's instructions to provide the service described above.

Formally, in UK data protection legislation terms, our customers are the "Data Controller" and we are the "Data Processor".

There are three exceptions to this, where we are the "Data Controller":

1. The content of our billing system
2. The content of our support ticket system
3. The content of our forums


These exceptions are described in more detail in Annex E and Annex F.

Who do we share data with?

We do not share data, except as explicitly requested by our customers.

If they wished, our customers might give other people (e.g., staff or parents) access to data. They might download or print some or all of the data and share it with other people (e.g., staff, parents, the government). They might transfer some of the data to another organisation (e.g., parents, the government, another educational establishment looking after a child).

We ONLY access the data stored by our customers in order to carry out our customer's instructions, to maintain or improve the service, or to fix faults.

How do we collect the data?

Most data is entered by our customers directly into our website or through our phone and tablet applications. Our customers may, if they wish, permit parents and relatives of children to add data to the service.

Some data (described above) is sent automatically by your web browser or by our applications.

We may store cookies on your computer in order to verify that you are logged in and to store your preferences. The cookies themselves do not contain any identifiable information about you or about what you look at.

Can I see my data that is stored on your system?

Yes. The school, childminder, nursery or similar educational organisation can give you a copy of data about you that they or you have stored in Tapestry. We can provide you with a copy of any of the other data that has been collected (e.g., our records of your IP address and/or the make and model of your tablet etc.).

Can I have my data corrected or deleted?

Yes. The school, childminder, nursery or similar educational organisation can correct or delete the data they or you have stored in Tapestry.

The process of deletion is gradual: initially, deleted data is moved to a 'deleted' area in case it was deleted in error. After a delay, it is then permanently deleted from our main systems. After a further delay, it is then permanently deleted from our backups.

What are our customer's responsibilities?

Our customers decide who to add data about, what data to add, and how long to keep it for. They have overall responsibility for complying with Data Protection law (or the equivalent in other countries).

We describe this in more detail in the contract we have with our customers. But, for instance, they have to:

• Ensure they have a legal basis for what data they store on Tapestry and who they share it with.
• Think about what information it is appropriate to share with whom, given their situation and that of the children under their care.
• Respond to requests for access to data.
• Train their staff about sensible security and confidentiality precautions:
  – Taking care of passwords.
  – Taking care not to install software on computers that may compromise security.
  – Taking care not to access material from inappropriate places where it can’t be kept appropriately confidential.
• Delete data when it is no longer required.
• Remove access for people who no longer need access.
• Give parents instructions in accordance with their safeguarding policy.

Contacting Us
[email protected], Southdown Avenue, Lewes BN7 1EL, UK.

We also have a Data Protection Officer, Lauren Foley, [email protected].

Annex D: Tapestry Sub-processors
Not all parts of Tapestry are run in-house. Below is a list of the sub-contractors that we use to process some of your data. They are under a written contract that ensures they are compliant with UK data protection law.

For the avoidance of doubt: We are accountable to you for this contract. If one of our sub-processors does something wrong, it is our fault – we won’t pass the buck.

For the avoidance of doubt: We instruct our sub-processors in ways that are consistent with this contract.

For instance: Although Amazon Web Services have data centres outside of the EU and, technically, could move your data there, they are contractually bound not to do so without our instruction and we would not instruct them to do so.

For instance: Although Amazon Web Services could, technically, access your data, they are contractually bound not to except if it is strictly necessary to deliver their service to us. Even then, their employees are contractually obliged to keep data confidential and secure.

List of sub-processors
To continue to use Tapestry, we require your consent to our use of the following sub-processors:

• Amazon Web Services. They host Tapestry. They are ISO 27001 compliant. Their address is 410 Terry Avenue North, Seattle, WA 98109-5210.

If, and only if, you enable push notifications then you will be consenting to sending the contents of the notifications via:

• Apple. For push notifications sent to the iOS app. Their address is One Apple Park Way, Cupertino, California 95014, U.S.A.
• Google. For push notifications sent to the Android app. Their address is 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States.
• Amazon. For push notifications sent to the Amazon Fire app. Their address is 410 Terry Avenue North, Seattle, WA 98109-5210.

Note that the end user of the Tapestry app will also need to consent before push notifications will be sent to them.

Changes to sub-processors
We may, occasionally, need to add or change the sub-contractors we use to process some of your data.

If we do, then UK data protection law requires us to tell you and to obtain your agreement.

We’ve included the list of sub-processors as part of this contract which means that if we want to change them we will do so by proposing a change to this contract with you. We will give you as much notice as possible so you can discuss any changes with us. We will then ask for your written agreement to the change in contract.

Annex E: Billing and support data
1. We are the Foundation Stage Forum Ltd, a company registered in England with company number 05757213 and a registered address of 1, Southdown Avenue, Lewes BN7 1EL, UK.
2. You are a childminder, educator, nursery, school or similar educational organisation.
3. This annex relates to data in our billing and support system. It does not relate to data placed in the Tapestry online learning journal (see Annex A) or to data placed in our discussion forums (see Annex F).

What data do we collect?
4. We collect the following information about people who contact us by email or through our support ticket system:

   • The person’s email address and the contents of the email
5. If you contact us by telephone, post or face-to-face we may also keep notes of those interactions.
6. We store:
   • Your name, email address, telephone number and postal address
   • The name, email address and telephone numbers of anyone you tell us who administers or pays for your account with us.
7. Credit card payment information is given directly to a payment service provider. We do not hold any credit card information ourselves.

Why do you need this data?
8. Our lawful basis for collecting this data is ‘contract’. We need this data to:
   • Charge you for our service.
   • Respond to questions or problems raised by you about our service.
   • Contact you if we have questions about your account.
   • Decide what changes to make to our service.

Who do you share this data with?
9. We make use of subcontractors to provide our service to you and they may see some or all of this data:
   • Amazon Web Services - For hosting.
   • Barnian Media Ltd - For technical support.
   • SagePay - For managing credit card payments.
   • Zoho Mail - For managing our email
10. If you contact us in relation to a particular Tapestry account then we may share that data with other people who we believe represent the organisation that owns that account. For example, if a teacher contacted us to instruct us to permanently delete a particular child’s data, and then the head of the school later contacted us to ask why a child had been deleted, we would share the instruction from the teacher with the head.
11. We do not use or share your data for any reason other than to provide or improve our service. For the avoidance of doubt: we do not sell your data.

Where is the data stored?
12. Your data is stored within the EU. Our processing is carried out within the EU.

How long do you keep this data?
13. We keep your data for up to 7 years. We keep data this long in case it is required in an audit and to help us decide what changes to make to our service.

How do I exercise my rights under data protection law?
14. We are the data controller of this data.

15. Your rights under data protection law are described at https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/. They include the right to see and correct this data.
16. To exercise those rights, [email protected].
17. We also have a Data Protection Officer, Lauren Foley, [email protected].
18. Our lead supervisory authority for data protection is the UK Information Commissioner’s Office (https://ico.org.uk).

Annex F: Use of our discussion forum
1. We are the Foundation Stage Forum Ltd, a company registered in England with company number 05757213 and a registered address of 1, Southdown Avenue, Lewes BN7 1EL, UK.
2. You are a childminder, educator, nursery, school or similar educational organisation.
3. We have a discussion forum (https://eyfs.info) that you may use to discuss issues facing childminders, educators, nurseries, schools or similar educational organisations.

Liability
4. We do not vouch for the accuracy, completeness or usefulness of any material on the forum. Use it at your own risk.
5. The material expresses the views of the author of the material, and not necessarily our views.
6. If you feel any material on the forum is objectionable, please contact us immediately at [email protected].

Content and ownership of your messages
7. Don’t post anything we won’t like.
   – We like professional discussion of the issues facing childminders, educators, nurseries, schools or similar educational organisations.
   – We don’t like things that are unkind, illegal, lies, use language you wouldn’t want children to hear, or are shameless advertising.
8. Don’t post anything that you don’t have permission to post. For instance, if you didn’t write the material you are posting, make sure you have the permission of the person who wrote it before you post it.
9. On shameless advertising: Occasionally during the course of a discussion it may be appropriate for you to mention a product or service with which you are involved if it helps the discussion and doesn’t annoy anyone. We will use our discretion in those cases.

10. If we don’t like what you post, or fear you may not have permission to post it, we will remove it.
11. If we keep having to remove your material, or if we really don’t like it, we will bar you from the forum.
12. When you post material, you retain copyright but grant us the right to use the material:
   • without payment,
   • in any way we choose,
   • anywhere in the world,
   • forever.
13. If we use your material, we will try to attribute it to you.
14. If you wish to copy material posted by someone else, please contact us or the person who posted for permission.

Privacy and Data Protection
15. We store any data that you submit to us, plus your IP address, details about your browser and computer and which pages on our site you view.
16. Our lawful basis for storing and using the data is ‘contract’. We store and process this data in order to:
   – provide a discussion forum,
   – monitor abuse,
   – fix bugs
   – and to improve our service.
17. Your data is stored within the EU. Our processing is carried out within the EU. Our forum is accessible from outside of the EU, so material you post may be viewed from outside of the EU.
18. Your forum account will lapse once your Tapestry subscription lapses or, if you have a separate forum subscription directly or through your local authority, once that subscription lapses.
19. When your forum account lapses you will no longer be able to log in to the forum or post material to the forum. At our discretion, the material you have posted may remain on the forum.
20. When your forum account has lapsed we will only use the personal information that you have provided us to:
   – help you re-activate your forum account if you later wish to re-subscribe
   – keep track of who posted what material in case we need to attribute it to you or in case we need to verify that you had permission to post the material.

21. We will delete the personal information that you have provided us at most 7 years after your forum account has lapsed. At our discretion, the material you have posted may remain on the forum.
22. We are the data controller for this data. To exercise your rights under UK data protection law you can contact us at customer.service@eyfs.info.
23. We have a Data Protection Officer, Lauren Foley, [email protected].
24. Our lead supervisory authority for data protection is the UK Information Commissioner’s Office (https://ico.org.uk).

Changes to this contract
Below is a list of material changes to this document. If you spot a change that should be in this list, please let us know.

Next version of the contract (release TBD)
Line numbers mentioned in this section are the line numbers marked on the PDF copy of the 2019 April 18 version of this contract.

• Overview: Clause 26 makes it clear that there would not be a limit to liability if you or we need to claim back the compensation we have paid under a breach of data protection law (line 307).
• Annex A: Tapestry Data Protection: Explain that if, and only if, push notifications are enabled by you and the end user of the app, then sometimes the contents of the notification might go outside of the EU on its way to the company that makes the end user’s phone or tablet operating system (line 389).
• Annex A: Tapestry Data Protection: Mention that, if you use the new Register functionality, you might be storing data about a child’s attendance (line 407).
• Annex A: Tapestry Data Protection: Fix a typo: “Repeating your in a letter to us.” should be: “Repeating your instruction in a letter to us” (line 580).
• Annex B: Tapestry Security: Take out the reference to when the last penetration test was; this becomes out of date too quickly. Add in how to get hold of the summary of the test and to contact us for when the last test took place and when the next one is scheduled (line 1022).
• Annex C: Tapestry Privacy: Mention that, if the customer uses the forthcoming Register functionality, they might be storing data about a child’s attendance (line 1258).
• Annex D: Tapestry Subprocessors: We have added Apple, Google and Amazon as our forthcoming apps will offer push notifications and those notifications go via the maker of the phone or tablet’s operating system. Because we are the Data Processor for this data, you need to consent to using these sub-processors. You can provide your consent by enabling push notifications in your Tapestry Control panel. If you do not provide consent the only functionality that will be missing is push notifications (line 1402).

• Annex E: Billing and Support Data: We have changed our email provider from Fastmail to Zoho Mail. Because we are the Data Controller for this, consent is not formally required from you to make this change (line 1453).

2018 May 1
Line numbers mentioned in this section are the line numbers marked on the PDF copy of the 2018 May 1 version of this contract.

Tapestry Data Protection
• Add a section pointing out where to find in this contract the standard terms required in a data processing agreement (lines 303-323)
• Attempt to clarify the wording describing that viewing Tapestry from outside the EU means data will be transferred outside the EU to get to you (lines 351-358)
• Rephrase “What data is placed into Tapestry?” to more closely match the language of subject matter, nature and purpose, etc. that is used in data protection legislation (lines 360-375)
• Remove Bursar from the list of examples of who can instruct us (line 520).
• Confirm that if someone who isn’t authorised tries to instruct us to do something, we will tell you about it. (lines 525-526)
• Clarify what ‘written’ instruction means (lines 530-540)
• Added a section “Instructions we do and don’t accept” (lines 541-562).
• Confirm that our staff who process data are appropriately trained in data protection (line 568).
• The tools to allow download of user’s data are now available (line 581).
• Remove section “[NOT YET IMPLEMENTED We do provide some example documents on risks that you can customise when carrying out your own assessments.]” – we have provided some guidance in our forum, but not yet example documents (line 617).

Tapestry Security
• Remove the word ‘reset’ from links (line 847).
• Clarify the wording that confirms connections between the Tapestry apps and our servers are encrypted (line 938).
• Change email to reach for keeping in touch about security. In urgent cases we would call if we have appropriate contact details (line 1013).

Tapestry Privacy
• Remove the word ‘usually’. Our customers are always the data controllers (line 1176)

Tapestry Sub Processor
• Remove the reference to Crashlytics; the forthcoming versions of the Tapestry apps will no longer use this sub-processor (line 1153).

2018 March 12 (Second Draft)
Line numbers mentioned in this section are the line numbers marked on the PDF copy of the 2018 March 12 draft.

Across all sections
• Fixed typos and improved some wording.
• Adjust numbering that occurs because of other changes.
• Make links to emails and websites clickable.

A note on this draft
• Mention the list of changes (line 163).
• Fix dates (line 174).

Overview
• Clarify that we do sometimes call people back, and offer paid-for telephone support sessions (lines 189-192).
• State explicitly that we are GDPR compliant and this contract contains the required clauses (lines 212-215).
• State that the limit on liability is reciprocal (lines 268-269)
• Clarify that some liabilities are set in law and we aren’t attempting to override them (line 268). In particular, in relation to liabilities from breaches in data protection law (lines 270-275).

Annex A: Tapestry Data Protection
• Provide more detail on where data is stored (lines 308-330).
• Confirm that we won’t change where data is stored without your agreement (lines 309-311).
• Reference the Privacy Policy for a fuller explanation of what data is covered by this data processing agreement (line 345).
• Confirm that we will get your written consent before changing our sub-processors (line 363).
• Confirm that we will tell you if we become aware of a breach (line 375, line 527, lines 578-582).
• Suggest careful consideration of the lawful basis for adding data to Tapestry (lines 384-387).
• Expand on the implications of the right to be informed (lines 439-451).
• Clarify we don’t license your data (line 469).
• Clarify who can tell you to restrict processing of data (it isn’t us) (line 474).
• Clarify who can instruct us (lines 480-493).
• Confirm that we use sub-processors in a way that is compliant with data protection law and point to the Annex for a description of how we will seek your agreement if we wish to change them. (lines 505-507).

• Clarify that we will help you to ‘lock-down’ your account if you suspect a breach (lines 531-534).
• Clarify that you have to notify the data protection regulator in the case of a breach (line 539).
• Clarify we won’t delete data if we are not allowed to by law (lines 562-563).
• Clarify that we may partially or entirely lock down your account if we suspect a breach (lines 583-587).
• Add a FAQ on Brexit (lines 601-605).

Annex B: Tapestry Security
• Add VAT number (line 637)
• Confirm that when data is deleted from our backups, it is no longer recoverable by us (line 714).
• Add a reminder about what to do if you suspect a password or email account has been compromised (lines 795-803).
• Clarify when and how we might store data on our local devices (lines 824-829).
• Provide more detail on what our penetration tests cover (lines 906-912).
• Confirm that we are insured (lines 969-972).
• Make our TLS 1.0 support more obvious (lines 987-991).
• Clarify that you can’t force password changes every X days (lines 1078-1083).
• Confirm we have differentiated data access policies (lines 1095-1101).

Annex C: Tapestry Privacy
• Clarify that the Data Controller will need to add more information to fulfil a subject’s right to be informed (lines 1106-1113, lines 1153-1154).
• Give examples of who ‘you’ might be (lines 1120-1121).
• Clarify that we may contact ‘managers’ registered with Tapestry using the contact details they have entered if we have a question or concern about the associated Tapestry account (lines 1165-1167).
• Clarify we also collect your IP address if you use our phone or tablet app (line 1182).
• Confirm that we do not share data about your computer or tablet (line 1193).
• Clarify that the Data Controller will need to provide the lawful basis (lines 1194-1197).
• Remove troublesome reference to who owns data: keeping the fact that we don’t, but not claiming that you do (lines 1199-1200).

Annex D: Tapestry Sub-processors
• Confirm that they are under a written contract with us (line 1266).
• Confirm that we use them in a way that is consistent with this contract, and give examples in relation to common questions. (lines 1271-1279).
• Remove references to sub-processors we have now eliminated (line 1288).
• Explain how we will seek your written consent if we need to add or change sub-processors (lines 1290-1299).

Annex E: Billing and support data
• Explicitly state our lawful basis for processing data (line 1322).
• Remove reference to United Hosting - we no longer use them (line 1330).
• Clarify that we would share data relating to an account with other representatives of that account. (lines 1334-1339).
• Clarify that we do use your data to improve our service (line 1341).

Annex F: Use of our discussion forum
• Explicitly state our lawful basis for processing data (line 1405).

2018 January 5 (First draft)
• First public draft of new, more detailed, contract.
