Archive and Deletion Policy
Educator and student data coming into the DoodleLearning platform is controlled by the school administrator, whose responsibility it is to archive students and teachers who are no longer at the school.
All data related to users who are not paying subscribers and have been inactive for a period of six months are deleted. This is an automated process.
Storage of personal data
All US customer data related to the DoodleLearning platform is stored in AWS located in the Ohio, US area including our backup servers. We follow strict rules in accordance with CCPA and use technology which is designed to protect personal data from being accidentally lost or used without permission.
Encryption of personal data
All data at rest in databases is encrypted with AES-256, which meets the stated FIPS 140-2 requirements. Keys are managed through industry and platform standard key management mechanisms (Microsoft TDE). We use TLS 1.2 during transport
Information on data subjects we collect
Educators and students require individual logins for the DoodleLearning platform. This is required in order to deliver and report upon personalised work programmes.
We collect the following information:
First name and last name or initial
Username and password
Contact information (school and school postcode, and optionally home address and postcode, where physical resources are required to be distributed)
Pupil and teacher year group and class
Pupil month and year of birth
Usage details
Device information
Special category data or criminal convictions data
We do not collect any special category or conviction data.