GDPR Compliance

The new General Data Protection Regulation (GDPR) represents an evolution of the existing Data Protection Act 1998. GDPR came into effect on 25th May 2018.

The GDPR applies to data 'controllers' and data 'processors'. As a school, you are the Data Controller in respect of the personal data you store on Insight. As a Data Controller, it is your responsibility to ensure compliance with data protection laws and to ensure that your contracts with any data processors comply with the GDPR.

Equin Limited, the company providing Insight, is the Data Processor in respect of the personal data you store on Insight. We are responsible for processing personal data on your behalf and are required to maintain records of personal data and processing activities, as well as making sure your data is securely protected.

Our GDPR Compliance

Your data is stored securely as detailed in our Privacy Notice, which details what personal data we store, how and why we store it, and how long for.

Our Terms of Service detail our contractual relationship. Under GDPR, any processing of personal data, by a Processor (that's us), should be governed by a contract or terms and conditions with certain provisions included.

Our GDPR-compliant Terms of Service, drawn up in consultation with our legal advisers, guarantee you the right protections and controls over your data. Your school will be asked to formally agree these terms when you first start a trial or when you renew your subscription.

Data Processing Agreements

While we completely understand why schools produce DPAs, unfortunately we feel we have to take the position that we can't sign bespoke agreements with each customer. At time of writing, that would involve potentially taking legal advice on, reviewing and signing 1600+ different agreements, which would then be extremely difficult for us to hold ourselves to if the terms materially differed between them

Our terms of service contain all the necessary data processing clauses under GDPR, so we believe there shouldn't be a need for a separate agreement in ordinary circumstances. If you have any particular concerns then of course we're happy to try to address them.

We are currently seeking legal advice on changing our terms in order to separate out the data processing clauses into a dedicated DPA, since that's something lots of schools do seem to expect to see.

Company Information

Equin Limited, established 2007, is the provider of Insight, a Software as a Service product.

Company Number: 06347232

ICO data protection reference: Z1904040

Name of Data Protection Officer (DPO): Christopher Inman

Email address of DPO: dpo@equin.co.uk

Telephone Number: 020 3393 4005

Postal Address: Unit 6482, PO Box 6945, London, W1A 6US

Registered Office Address: Unit 7 Plantation Store, Foundry Lane, Hayle, Cornwall, TR27 4HD


How did we do?


Powered by HelpDocs (opens in a new tab)