Privacy & Security
At School-Day, we care deeply about privacy and data security. We are committed to ensuring compliance with Canadian privacy guidelines and school district policies as well as being transparent with the collection, use, sharing, disclosure and security of your data.
In the course of providing our services, we receive or collect limited personal information directly from our clients (schools and school districts), directly from parents/guardians and automatically from browsers or mobile devices when users visit the School-Day site with the sole purpose of providing a digital administration software solution for schools.
1. Information received from schools and school districts
We have binding agreements with our clients to ensure adherence to privacy guidelines and school district policies. All consented information we receive from schools and school districts is pursuant to and governed by the following legal acts and is used only for the intended purpose of which it was collected.
- Education Act;
- Municipal Freedom of Information and Protection of Privacy Act;
- Personal Information Protection and Electronic Documents Act.
We receive very limited personal information from schools and school districts for the purposes of providing our services such as:
- School Board
- School Name
- Student Name
- Student Identification Number
- Student Grade
- Student Classroom
- Teacher Name
2. Information collected from parents/guardians
We collect very limited personal information from parents/guardians only for it’s intended purpose of providing our services.
To use our services, parents/guardians voluntarily create a School-Day account. Parents/guardians go through a Secure-Match process to obtain access to their student and our available services. This requires the parent to:
- Enter their own basic identifying information such as; first name, last name, email address and password;
- Choose to opt-in or opt-out of receiving communications as pursuant to CASL;
- Add their student
As such, account holders are responsible for the maintenance of their account and under no circumstances is School-Day involved with the creation, revision or deletion of such accounts.
3. Information automatically collected
School-Day automatically receives and records information from our browser or your mobile device when you visit our site or use certain features, such as your IP address or unique device identifier, cookies and data about which pages you visit and how you interact with those pages in order to allow us to operate and provide our services. This information is stored in log files and is used by us to keep the site secure and analyze how our services work for our users.
4. Information uses
We use very limited personal information to facilitate our services. School-Day is an online digital administrative service for use by district administrators, school office administrators, teachers and parents/guardians. The information we receive from schools, school districts and parents facilitate the administration of electronic:
- a. Payments
Enter their own basic identifying information such as; first name, last name, email address and password
- b. Payment History
Payment and transaction history are used by schools and school boards for the purposes of reconciliation and accounting functions.
- c. Forms
Digital permission is used to provide informed consent for field trips.
Information is provided by parents as requested by the school.
- d. Parent Conference Booking
Appointments booked facilitate parent teacher interviews.
- e. Communication
Real-time and summary notifications are provided to parents.
5. Sharing and Disclosure
We respect your privacy. School-Day will not disclose your name or email address to any third party. It is important to note that your child’s school district may utilize School-Day purchase reports and details for their internal audit processes. Any transactional information found on the School-Day site is only used for administrative purposes and is governed by privacy guidelines and school district procedures.
The security of your personal information is important to us. We follow industry standards to protect the personal information submitted to us, both during transmission and after it is received. For example, all data is encrypted, all activity takes place in a secured SSL environment and all data is stored in a Canadian Data Centre. School-Day uses a custom Access Control List (ACL) that ensures the legitimacy of all users trying to access the system. Each user requires a username and password to access School-Day, and in addition, every session uses a timed token to prevent Cross-Site Request Forgery (CSRF) attacks.
7. Retention of data
We have guidelines in place for retaining personal information. School-Day has a retention schedule to ensure your information is kept only for a limited time and then destroyed.
Items posted in the system are kept for the current year plus one year (C+1). A mutual date is determined in collaboration with the school and school district upon which previous years records are destroyed.
All financial records, such as purchase, and transaction history are kept for the current year plus six years (C+6) as recommended by the Canada Revenue Agency.
8. Access to information
Account holders have access to their personal information contained within their account and are responsible for maintaining the accuracy of this information. Users can at any time update their account details in their settings profile.
Should you have any questions regarding the privacy of your personal information or have requests for information please contact School-Day’s Client Relations Lead Paula Wilhelm at email@example.com.