Legal Stuff

OnwardsandUpwards is the trading name of Escendency Limited, registered in England & Wales with company No. 05053362.

The following information was updated on 14 January 2021.

Terms and Conditions

Please refer to our opens in new window Terms & Conditions document, available for download.

Data Protection (GDPR)

Under the terms of GDPR our school subscribers are the ‘Data Controllers’ in OnwardsandUpwards. As a subscriber you have complete charge of all your data, what to store and for how long and to delete as required.

We, as Data Processors, are responsible to ensure your data is kept safe on your behalf.

NB: See our Terms & Conditions section 44.

Definitions

What is GDPR
The General Data Protection Regulation (GDPR 2016/679) aims to harmonise data protection legislation across EU member states, enhancing the privacy rights for individuals. It applies to organisations processing Personal Data which have an establishment within the EU and also those organisations which operate outside the EU but offer goods or services to, or monitor the behaviour of, individuals in the EU. The GDPR is applicable from 25 May 2018.
What is a Data Subject
A data subject is the individual to whom personal data relates.
What is a Data Controller

A data controller is the party that collects data and is responsible for how it is processed and used.
With regard to the OnwardsandUpwards system the data controller is the licensee (school)

What is a Data Processor

A data processor stores the data on behalf of the data controller
With regard to the OnwardsandUpwards system the data processor is the licensor (Escendency Ltd)

What is a Superuser

A superuser is a person authorised by the data controller to request an action with regard to the data belonging to the data controller.

How does this impact OnwardsandUpwards Customers?

2. Preparation for GDPR

We have consulted with our hosting provider and GDPR legislation and we are satisfied that we comply with the legislation to the best of our knowledge.

3. Nature and purpose of the data processing

As data processor, OnwardsandUpwards provides the facility to the data controller to store and retrieve information as they see fit. That data belongs to the data controller and is under their control.

4. Technical and organisational security measures to protect personal information

The OnwardsandUpwards software has been built to current industry standards security, whereby all permissions must be granted rather than assumed. Two factor authentication is provided for further security.
All personal data is held on our hosting provider's secure servers.
Data controllers are encouraged to use secure and unique passwords.
Data controllers are advised not to share any data, that could identify an individual, externally to the OnwardsandUpwards system.
Employees of OnwardsandUpwards agree to, and are committed to, a duty of confidence.

5. Acting on the instructions of the controller

The data controller will supply OnwardsandUpwards with the names and email addresses of its superusers. OnwardsandUpwards will only act upon instructions from those designated superusers unless required by law to do otherwise.

6. Assisting the data controller to exercise their rights under the GDPR

OnwardsandUpwards will assist the data controller in all cases to manage their data in compliance with GDPR regulations including the management and removal of personal data.

7. Destruction or return of data
(a) All data belonging to the data controller will be destroyed and/or returned to the data controller on request or upon the termination of the contract between licensor and licensee unless directed otherwise.
(b) All data backups (including data belonging to the data controller) expire after 1 month of initial backup.
(c) Data deleted by the data controller is no longer held on Hyve's secure servers apart from scheduled backups - see 7(b).

GDPR Checklist

Our GDPR Checklist (revised 10/5/2018) is available for download:

opens in new window GDPR Checklist

Also refer to GDPR in section 44.0 of our Terms & Conditioned (above).

Liability & Indemnity Insurance (Escendency Ltd)

opens in new windowProfessional Indemnity

opens in new windowPublic & Products Liability

opens in new windowEmployer's Liability

opens in new windowCyber Certificate

Top