Borna Group Ltd has taken extensive steps to ensure that our business is GDPR compliant. All Policy for edu.simsb.com is administered by Borna Group Limited and after viewing them; if you have any questions you can contact our Data Protection Officer:ICO@bornagroup.co.uk
As Our company is aware that organisations who process personal data of people in the EU need to be compliant with General Data Protection Regulations (GDPR) - hence we are committed to ensuring our business is GDPR-compliant. Data privacy is an important human right, and in this data-driven world, more than ever, data protection is something that all companies should be paying close attention to. As well as ensuring GDPR compliance, Borna Group Ltd already has in place extensive data security measures that meet industry standards.
Note: Personal data (information that relates to an identified or identifiable individual) is not shared with any third parties. We act as processor and the institution whose data we are processing acts as the data controllers.
By visiting the Borna Group Website, or by using this Service, you would have accepted the privacy practices describes in this doccument. Our Users have the right to object to the processing of their Personal Data. We will not pass on your personal information to any third party except as defined in this document.
We are Borna Group Limited, Address: 71-75 SHELTON STREET, COVENT GARDEN, LONDON WC2H–9JB - VAT Number:312 8124 38. You can contact us at our address, or by email:firstname.lastname@example.org.
Any enquiries about our use of your personal data can be addressed to our Data Protection Officer:ICO@bornagroup.co.uk. Note:The Information Commissioner's Office does not required Borna Group Limited to have a Data Protection Officer.
Borna Group Limited offers Software as a service, delivering an online application suite to Educational Institutions. Once an Institution is granted access to our software suite, only they as an administrator are able to access and view their client inputed data. The administrator after having log in to their institution; can grant access to their users who could only see the information that they have consent for and no one elses data.
All access to our software suite is through the Hyper Transfer Protocol Secure - Secured and Encrypted; the same protocal used by banks. Therefore, accessing our software suite over the internet can not be eavesdrop on transmittion and can not be accessed by third parties.
Also Institutional user passwords are stored securely as a one way Hash (a one way encrypted 32 Hex digit value) that can not be decrypted, making our system extreemly secure. If a password is forgotten it can not be retrieved and will have to be re-created through a two step email verification/validation process. The Institution client data (in the database) uses robust data security to protect data including secure connections, authentication services, fine-grained authorization and controls and data encryption, making the data very safe and secure.
Information in relation to parents and students will be collected by the Instructor or by his or her assistants on the Instructor’s behalf. This might be achieved by providing information verbally, whether face to face or by telephone, completion of paper documents at the time of signing up with the Institution
The Instructor will require the following information about the student:
Information which will be required from parents/legal guardians:
The Instructor will not seek any further personal information in relation to parents or students without gaining specific authority.
The Instructor will not take or publish photographs of students or publish students’ names without your consent as the parent/legal guardian.
All the information given is only available to the Institution and the Parents/legal guardians given through our site and all is password protected.
This organisation will not use these informations on the Institutions behalf but rather use to process information on the Instructor's behalf. This will be for the efficient and effective administration and running of the business and provision of the study programme, such as book-keeping, accounting, training and so on.
When using our software services, a number of cookies are created by us and by third parties to allow the website to function. The created cookies are listed in the table bellow. The collected information about users will help make the user experience safe, better and possible.
Some of these cookies are strictly necessary for our website to function correctly and we do ask for your consent to place these on your computer. By accepting and giving concent, you will be able to sign in to our software suite. These cookies are shown in the table below:
By using our services, informations collected (displayed in the table bellow) are stored on users computer or phone as cookies and a session variables, authenticated cookies (displayed in the table bellow) to persist state information between page requests are stored as part of the existing session data.
An HTTP cookie (also called web cookie, Internet cookie, browser cookie, or simply cookie) is a small piece of data sent from a website and stored on the user's computer by the user's web browser while the user is browsing. Cookies were designed to be a reliable mechanism for websites to remember stateful information (such as items added in the shopping cart in an online store) or to record the user's browsing activity (including clicking particular buttons, logging in, or recording which pages were visited in the past). They can also be used to remember pieces of information that the user previously entered into form fields, such as names, addresses, passwords, and credit-card numbers.
Cookies perform essential functions in the modern web. Perhaps most importantly, authentication cookies (in our case Session cookies) are the most common method used by web servers to know whether the user is logged in or not, and which account they are logged in with. Without such a mechanism, the site would not know whether to send a page containing sensitive information, or require the user to authenticate themselves by logging in. The security of an authentication cookie generally depends on the security of the issuing website and the user's web browser, and on whether the cookie data is encrypted. Our systems uses encryption of highest level.
|Accepted_GDPR_Cookie||Borna Group Ltd||User Accepted Policies - To allow Log In to the Software Suite||1 Month||Necessary|
|CTimeZone_Session||Borna Group Ltd||Preserves Users Log In Time Zone across page requests - To get correct Date and Time||Session- Log out||Necessary|
|CCountry_Session||Borna Group Ltd||Preserves Users Country across page requests - To get correct Date and Time||Session- Log out||Necessary|
|InstIDD_Session||Borna Group Ltd||Preserves Institution ID for Useracross page requests||Session- Log out||Necessary|
|RecPerPage_Session||Borna Group Ltd||Preserves Users View number of records per page across page requests - To display number of records||Session- Log out||Necessary|
|StatusBy_Session||Borna Group Ltd||Preserves Users View Status type of records per page across page requests - To display Status type of records||Session- Log out||Necessary|
|OrderByGuardian_Session||Borna Group Ltd||Preserves Users preference for sorting records across page requests||Session- Log out||Necessary|
|OrderByStudent_Session||Borna Group Ltd||Preserves Users preference for sorting records across page requests||Session- Log out||Necessary|
|OrderByTermClasses_Session||Borna Group Ltd||Preserves Users preference for sorting records across page requests||Session- Log out||Necessary|
|OrderByTeacherType_Session||Borna Group Ltd||Preserves Users preference for sorting records across page requests||Session- Log out||Necessary|
|InstSignInDate_Session||Borna Group Ltd||Preserves Users preference initial date across page requests||Session- Log out||Necessary|
|InstSecondDate_Session||Borna Group Ltd||Preserves Users preference Second date used in reports across page requests||Session- Log out||Necessary|
|InstStartTime_Session||Borna Group Ltd||Preserves Users preference Start Class Time used across page requests||Session- Log out||Necessary|
|InstEndTime_Session||Borna Group Ltd||Preserves Users preference End Class Time used across page requests||Session- Log out||Necessary|
|KUSubject_Session||Borna Group Ltd||Preserves Users preference to display Subject records across page requests||Session- Log out||Necessary|
|KUSection_Session||Borna Group Ltd||Preserves Users preference to display Section records across page requests||Session- Log out||Necessary|
|KULevel_Session||Borna Group Ltd||Preserves Users preference to display Level records across page requests||Session- Log out||Necessary|
|Search_Session||Borna Group Ltd||Preserves Users preference Search String across page requests||Session- Log out||Necessary|
|Google Analytics||Monitoring and aggregate analysis of website traffic through Google Analytics.||1 year||Necessary|
The General Data Protection Regulation (GDPR) lists several legal grounds for the lawful processing of Personal Data, and requires us to only process Personal Data if we satisfy one or more legal grounds. We rely on a number of different legal grounds for the processing of Personal Data:
Processing is necessary for the performance of a contract to which the Institution is party, It is necessary for us to process Personal Data and information about the business that a User represents, for the performance of the contract between us and the Institution, and to provide our Services.
Data processing is necessary to:
If a User chooses not to give some or all the aforementioned information, this may affect our ability to provide our products and services to them.
Under certain circumstances, we may process Personal Data to comply with our legal obligations, for example to investigate, detect and prevent fraud.
When you sign up for our free trial plan, we ask for your name, address, contact number, centre name, preferred username, and your email address.
Prior to registration, We ask for your consent (by clicking Accept) to use your name or centre name and email address to email you the login credentials which contains information about how you can access our software products and services
and other information which we feel might be of relavent and of interest to you.
You can withdraw your consent at any time and unsubscribe to emails, and we will stop sending you the information on product news and updates.
Borna Group Ltd does not have access to any of the Institutions client Data unless the Institution's Administrator would create log in credentials for us to view their data (for troubleshooting purposes)
Except as described in this Policy, we will not disclose the Personal Data that we collect or store on the Service to third parties without the consent of the Institution.
By law, you can ask us what information we hold about you, and you can ask us to correct it if it is inaccurate. If we have asked for your consent to process your personal data, you may withdraw that consent at any time. If we are processing your personal data for reasons of consent or fulfilling a contract, you can ask us to give you a copy of the information in a machine-readable format so that you can transfer it to another provider. If we are processing your personal data for reasons of consent or legitimate interest, you can request that your data be erased. You have the right to ask us to stop using your information for a period of time if you believe we are not doing so lawfully. To submit a request regarding your personal data by email, post or telephone, please use the contact information provided above in the Who Are We section of this policy.
Data stored on our systems is removed upon your withdrawal of consent or your request to terminate your contract. Performed at two levels:
Upon your request and expression of consent, we collect the following data for the purpose of providing services to you. Your data is not used for any other purposes or shared with third parties. It is removed upon your withdrawal of consent or your request to terminate your contract.
We are constantly improving our security programme to address the increasingly sophisticated threat landscape and reduce the likelihood of data breaches. We reviewed our existing documented procedure for our Data Breach Response Process, as well as our Business Continuity and Emergency Response process. These processes will help us to comply with the notification obligations under GDPR.
Borna Group Limited: edu.simsb.com.