Dr Frost Learning

Definitions

Company or DFL means Dr Frost Learning, UK registered charity #1194954
Customer means a school, group of schools (e.g a multi academy trust), or any single independent learner.
Platform means the online maths learning platform provided by The Company
Services means functionality provided by The Platform

UK GDPR ∞

Under the UK GDPR a Customer using the Platform is considered "data controller" of their data and the Company is a "data processor".

What personal data is stored?

The only Personally Identifiable Information (PII) stored by the Platform is a user's full name and email address.
For students we may also store a year group, where provided, and a unique ID number in cases where accounts are imported from a school MIS via Wonde
Full names are used only for display purposes on the Platform and are not shared with any other system or third party.
Email addresses are use to identify individual users for login purposes and are also not shared with any other system or third party.
The Platform also stores data on tasks and assessments attempted by each user for the purposes of providing Services but non of these data contain PPI pertaining to the user.

Who can access data?

Teachers can access assessment data of any student within the school. Teachers also can administer student accounts in a limited way (mainly updating student details and managing class memberships).
Multi-Academy Trust (MAT) administrator accounts can access and manage data across schools within their trust.
Platform administrators, who are DBS cleared employees of DFL, can view and manage data from all Customers of The Platform to ensure the smooth running of the platform.
Students can generally only see their own data but may, on occasion, be able to view names and other information relating to their classmates

Data Retention and Your Data Rights

Student accounts can be removed by teachers at their school. This is a "soft" deletion so it can be reversed until such time that the account is permanently removed by our inactive accounts process (see below).
Teachers may also delete other teachers. Again this is a "soft" deletion.
Schools and users may request to have accounts permanently deleted via email to [email protected].
DFL will automatically remove inactive accounts where the user has not logged in more than 2 years.

Cookies

Cookie Source	Purpose	Necessary or Optional?
Google Load Balancing	Managing network traffic between user devices and DFL servers in order to provide The Services	Necessary
Sentry	An error monitoring tool to help DFL improve The Customer experience of The Service	Necessary
PostHog Analytics	PostHog analytics help us continually improve the Dr Frost platform and we appreciate your support in allowing these cookies. We use this data internally and never share it with third parties for commercial purposes though we may occasionally share limited anonymised data for the express purpose of assessing Dr Frost's impact on improving educational outcomes.	Optional

Fair Usage Policy

DFL is committed to the Platform being used for constructive learning purposes but we reserve the right to either temporarily or permanently suspend either teacher or student accounts for any misuse of the Platform including but not limited to:

Use of automated scripts/bots to repetitively answer questions.
Causing or, through negligence, enabling a Denial of Service (DoS/DDos) attack.
Excessive patterns of repetitive question answering behaviour. Users will receive warnings where they repeatedly answer a large number of consecutive questions of the same type. The user account may be automatically suspended if warnings are ignored.

When a student account has been suspended, it may only be reinstated at the request of a teacher at that student's school, and not via the student or their parent directly.

ICO Data Protection Complaints

Our ICO (Information Commission Office) number is ZA739389. You have the right to make a complaint to the ICO on any data protection matter. This can be done by visiting www.ico.org.uk. We'd be grateful if you could discuss the matter with us first to we can resolve the issue where appropriate.

Further Information About Safeguarding or Data Protection

Please contact [email protected] for any further queries.

NCSC Cloud Security Principles Response ∞

What follows is DFL's response to the National Cyber Security Centre's Cloud Security Guidance. It is intended to help organisations understand how DFL protects their data.

Principle 1: Data in transit protection

The Platform uses a minimum of TLS 1.2 used for all site traffic between user device and Platform endpoints.

Data in transit internally to DFL systems can only travel via Virtual Private Cloud (VPC) which is not accessible externally except by a small number of admin users over SSL tunnel.

Principle 2: Asset protection and resilience

Data are physically located in a Google Cloud secured data centre in the UK.

DFL does not use any PII for marketing purposes, machine learning, AI or any purpose other than providing The Services. The Platform database uses “encrypted at rest” data storage.

DFL does not store user data on any other physical medium and user data never leaves the Google Cloud data centre except for transmission in the provision of The Services.

Principle 3: Separation between customers

DFL is not able to provide physical separation of user data or compute. Information about other users in a given school or trust organisation is only available to other users in that organisation. This separation is provided in software only and not at a physical or hardware level.

Principle 4: Governance framework

DFL’s technical governance structure includes:

CEO and Data Protection Officer: Dr. Jamie Frost
Chief Technology Officer: Mr. Gareth Jones

The CEO/DPO regularly reports to the board on risk and governance issues. DFL has adopted the IRGC Risk Governance Framework and maintains a risk register in accordance with that framework.

Principle 5: Operational security

DFL will take all reasonable measures to address any vulnerabilities within a reasonable period of time. To that end, we use an automated build process to maintain up-to-date patch levels on the Virtual Machines that host The Platform.

Principle 6: Personnel security

DFL limits access to user data to a small number of support and development staff. All staff are required to have multi-factor authentication enabled on their administrative accounts.

All DFL employees are subjected to DBS checks.

Principle 7: Secure development

DFL is continually improving its development workflow and uses an automated release process to provide an auditable trail of software released through development and production environments.

All configuration is managed in source control or Google Cloud Platform Secrets Manager wherever appropriate.

Principle 8: Supply chain security

No customer data is made available to third parties for any commercial purpose ever. We may, however, occasionally share limited anonymised data with for the express purpose of assessing Dr Frost's impact on improving educational outcomes.

Principle 9 & 10: Secure user management, identity and authentication

DFL offers authentication via Google and Microsoft O365 SSO and strongly recommends that users utilise this wherever possible.

Principle 11: External interface protection

The only external interfaces available to access DFL systems are the Google Cloud service console and direct database access over SSL tunnel to a specific bastion server.

Both are only accessible by a small number of DFL employees and use Google Cloud RBAC to limit permissions only to what is needed for each individual. Multi-factor authentication is enforced on all DFL Google Workspace accounts.

Principle 12 & 13: Secure service administration and auditing

The Platform records actions taken by school staff, such as user deletion, class data imports, changes to class membership and so on. This audit data can be viewed by any teacher at that school on the "Audit Log" tab of the settings page.