National College Support
Data Protection
Password Reset
Getting Started
Walkthroughs & Demos
How to's
My Account
FAQ's
School Management
Managing Users
Allocate Training
Uploading Your Own CPD
Reports & Usage
School Group/Trust Managers
Parents
Account Details
Technical Issues
Account/Login Issues
Technical Issues with Courses/Webinars
Error Messages
Email Issues
Orders
Membership Orders
Single Product Orders
Finance
Accreditations
Data Protection
Back to home
National College Support
Data Protection
Password Reset
Getting Started
Walkthroughs & Demos
How to's
My Account
FAQ's
School Management
Managing Users
Allocate Training
Uploading Your Own CPD
Reports & Usage
School Group/Trust Managers
Parents
Account Details
Technical Issues
Account/Login Issues
Technical Issues with Courses/Webinars
Error Messages
Email Issues
Orders
Membership Orders
Single Product Orders
Finance
Accreditations
Data Protection
Data Protection
Data privacy & GDPR information
I have a GDPR/Privacy Query
What information is captured/retained from users?
How is information disposed of?
Can information be downloaded or printed from the system? If so, in what circumstances would this happen?
How is your data stored securely?
How are computers and systems security patched and virus protected?
How do you ensure that unauthorised persons cannot access school data?
What method of encryption is used for data being transferred to the system?
How are system backups & disaster recovery managed?
How do you ensure that school data is segregated, to prevent being merged with other organisations?
Where is system data stored?
Can school data be copied and archived by unauthorised third parties, such as internet archives/robots?
Does the system have data validation in the fields, to ensure employees do not use the system for purposes other than the stated purpose?
Can the system index all data for a unique data subject?
How do you manage the risk of the system being taken offline maliciously, resulting in the service not being available or in the case of catastrophic failure?
What is the identity verification process for users of the system?
Has the system been fully tested/accredited to ensure that it cannot be compromised using technical tools?
Do you monitor unusual activity and have integrity verification on system code?
Are any components of the system installed on the school infrastructure, including the use of an app?
What are the details of the bandwidth used by the system for BAU?
How many data centres will (potentially) be used to store confidential data?
Do you maintain 120 days of log retention?
How can the users access their Data?
Do you use our data for analysis? If so, how?