You’ve no doubt heard that, on May 25th, the Europe-wide data protection regulation, known as the ‘GDPR’, came into effect.
The new law:
We strongly support the new law.
The good news is that we have always taken the privacy and security of data very seriously, so we have not had to change much about how we work.
But the new law does require data processing contracts to contain particular words. So, if you have not done so already, please take a look at our new contract. This goes into detail about how we work and how we keep data secure and private. It should answer many of the questions you might have.
The customers who pay for us (schools, nurseries, child-minders, educators and similar educational organisations) are data controllers for the data they add to Tapestry. We are their data processors.
The good news is that this means that, even if we wanted to, we can't do anything with the data on Tapestry without an instruction from our customer. The data is private.
But it does mean that some duties fall upon our customers, and some fall upon us. We need to work together to be GDPR compliant overall.
If you are a child-minder, or run a school or nursery, and haven't already, we strongly urge you to learn about your responsibilities as data controller. A good starting point is the Information Commissioner’s Office. We've also assembled some resources on the FSF forum.
If you are someone whose data is stored in Tapestry and just want a few key facts. They are:
If you are someone whose data is stored on Tapestry and have a question that relates specifically to that data, please contact the person or organisation who added the data (the school, nursery, child-minder etc). If they need help in answering your question, they can forward it on to us. We have to do it this way because we, as a data processor, have to make sure that any instructions we get are authorised by our customers.
For any other questions you can reach us at:
The Foundation Stage Forum Ltd
1, Southdown Avenue