Privacy & Security

All data transmitted, used, or stored by School-Day is governed by the Municipal Freedom of Information and Protection of Privacy Act (MFIPPA) as well as the Personal Information Protection and Electronic Documents Act (PIPEDA).

Our entire system has been built to be secure as all data is encrypted and all activity takes place in a secured SSL environment. School-Day uses a custom Access Control List (ACL) that ensures the legitimacy of all users trying to access the System. Each user requires a username and a password to access School- Day, and in addition, every session uses a timed token to prevent Cross-Site Request Forgery (CSRF) attacks.

School-Day has also designed its authentication system to ensure parents opt-in to the program. All parents must sign up and agree to terms of use prior to volunteering any information. The System also asks users to agree to electronic notifications from the schools, and provides them with the ability to opt-out of these notifications, and delete their account entirely at any time. This process also means schools communicating with parents through School-Day are in compliance with CASL legislation.

It is important to note that we do not hold or store any personal data. School-Day loads only basic administrative data provided by the District such as Classroom, Teacher and Grade level for organizational and administrative purposes. Data is transmitted through secured channels, and is stored in an encrypted environment.

All payments on the System are transacted on the PCI compliant forms of the provider chosen by the school district. At no time does School-Day store or have visibility over Payment Card information, increasing security for all users.

If you have further questions regarding School-Day’s Privacy and Security policy, please contact our Client Relations Representative at paula.wilhelm@school-day.com.