Privacy Policy

General

When using SchoolIs platform you confide us with your personal information. The purpose of privacy policy is to explain what data is collected, why it is collected and what we do with it.

SchoolIs respects the privacy of every individual who uses our product and services. This privacy policy demonstrates our commitment to your privacy and outlines the information we may collect about you. SchoolIs reserves the right to modify this privacy notice by updating the contents on this page.

Personal Information

This is information which you provide to us which personally identifies you, such as your name, email address or other data which can be reasonably linked to such information by SchoolIS, such as information we associate with your SchoolIS profile.

SchoolIs does not share, sell or transfer personal data to anyone other than as described below. Broadly, we collect personal data for the purposes of providing our services and tasks incidental to that purpose, which is the electronic processing and administration of academic information of students enrolled in their school. We will not provide personal information to third parties except when we have the express permission of the Parent or under the limited circumstances listed under below.

Collecting data

User data is submitted to our platform in three ways:

  • directly by the users
  • by representatives authorised by the users (e.g. the school SchoolIS administrators and faculty obtains data and then uploads it to our platform)
  • via an integration with a third-party system

Data typically enters our systems via “student information systems” independently maintained and controlled by our customer schools. We import data from third-party systems only under direct instruction from our customers.

The lawful basis for collecting personal data

GDPR specifies six lawful basis for collecting personal data:

  • Consent
  • Written contract
  • Legal obligation
  • Vital interests
  • Public tasks
  • Legitimate interests

For most schools, the legal basis for data collection relates to either legal obligations as learning institutions, or to legitimate interests.

Most of the bases require that the data processing is necessary, i.e. if you can reasonably achieve the same results and purpose without processing data, then you do not have a lawful basis.

Personal data retrieved

We may collect personally identifiable data, such as e-mail addresses of those who communicate with us via e-mail and information volunteered by users (such as survey information and/or site registrations). We also collect your name, school, gender, date of birth and e-mail address when you register on a Website. A billing address and credit card information will be required for primary account administrators. By using a student account, Students and parents may send personal information including directory information such as their first and last name, email address, nationality, place of birth, language, national ID, and parents’ names and contact details to Schools.

Sharing information with third parties

SchoolIS obtains information on voluntary basis, and that information will not be provided to any third parties by us except when we have the express permission or under the limited circumstances:

When the school or users has given their express permission in writing or recorded automated process giving us authority for personal data and/or information to be shared publicly.

If it is necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of the Terms of Service or Terms of Use, or to comply with any legal requirement such as, but not limited to, complying with a subpoena or cooperating with law enforcement agencies.

If we are directly or indirectly acquired by another company or merged with another company. In this event, we will notify all Subscribers or users that such an event has taken place so that they can decide whether they are prepared to have their personal data transferred or will become subject to a different privacy policy.

Under special circumstances, such as to comply with subpoenas or when a Subscriber or user’s actions violate the Terms of Service or Terms of Use.

We do not share, sell or transfer personal data to anyone other than as described. Broadly, we collect personal data for the purposes of providing our services and tasks incidental to that purpose, which is the electronic processing and administration of academic information of students enrolled in the customer school. We will not provide personal information to third parties except when we have the express permission of the Parent or under the limited circumstances listed above. We take steps to prevent our customers from sending data to third parties without complying with data protection regulations. However, it is important that our customers themselves implement safeguards to ensure that data transfer occurs in adherence with regulation.

Cookies

Cookies are small text files that are placed on your computer or mobile phone when you browse websites.

We use cookies that are required for the operation of our website/application. They include, for example, cookies that enable you to log into your school’s Schoolis platform.

Cookies on SchoolIs:

  • Make our service work as you'd expect
  • Save you having to login every time you visit the site
  • Remember your settings during and between visits
  • Improve the speed/security of the site
  • Help you get to what you need faster

We do not use cookies to:

  • Collect any personally identifiable information (without your express permission)
  • Pass data to advertising networks
  • Pass personally identifiable data to third parties
  • Pay sales commissions

You may block cookies by updating the relevant settings on your device or browser to allow you to refuse the setting of some or all types of cookies. However, if you use your browser settings to block all cookies (including strictly necessary cookies) you may not be able to access all or parts of our website.

Data deletion request

A data deletion request is valid only if the lawful basis of the processing is Consent (see above), or if the original purpose is no longer valid. We strongly recommend that our schools implement clear processes for evaluating these kinds of requests. If a data subject is granted the right to be deleted, SchoolIs will, either through our software or our support services, help execute these rights and confirm the deletion.

SchoolIs deletes personal data when instructed by our customers, or if the contract between us and the customer is terminated. The procedures around deleting customer data upon termination of service should be provided in writing.

An instruction to delete a user in our services can either be manually performed in the platform by a customer representative or upon request to our support team.

When users are deleted in our systems, there are safeguards in place to prevent errors leading to an irreplaceable loss of data. In many cases customers will have to manually confirm the deletion of customer data, including personal data.

Providing personal data that we store on a user when requested

Our users have strong rights to transparency, information, and data access. Any data subject can request a copy of all personal data stored, provided that it does not adversely impact other users, or if the data is not already directly available.

Please note this is not an absolute right. There are laws in place that require you to protect the data subject and others from accessing certain kinds of information. We strongly recommend that our customer schools implement a clear process for evaluating this kind of request. If our customer school grant a data subject the right of access, we will, either through our software or our support services, help execute these rights.

Our systems were built for transparency across all stakeholder groups, so the majority of data stored about a user is directly accessible via the individual user profile.

Providing personal data that we store on a user when requested directly by a user (e.g. student, parent, teacher)

Under GDPR, the data subject (user) rights is between him and the controller (our customer schools). Any data subject requests from end users to SchoolIs will be handed over to the customer school. SchoolIs will cooperate in good faith with customers to ensure they can exercise the rights of the data subjects in a prompt manner.

Data breach notification

Depending on the nature of the data breach, our customers might be required to promptly notify both the users affected and the supervising authorities. SchoolIS is required to notify its customers when becoming aware of a data breach, and to help them in fulfill obligations in notifying users.

GDPR for customer schools outside the EU

The EU has no legislative power over jurisdictions outside EU. GDPR does not offer any rights or freedoms to data subjects located outside the EU, and does not put obligations on non-EU customers that do not process data on EU/EEA data subjects.

However, SchoolIS provides the same services and same level of security to all our customers. In other words, no matter where your school is located, you will benefit from our approach to security of personal data under GDPR.

Links to other websites

SchoolIs may link to other websites but is not responsible for the accuracy of the content on external sites nor does it imply endorsement of their views. We encourage you to review the privacy policies of websites you choose to link to from ours so that you can understand how those websites collect, use, and share your information.

Security

Whenever users submit personal information (such as contact info) via online forms or registration, upon submission that information is encrypted via the highest level of SSL available. Servers that store personally identifiable information are in a secure environment.

Use of Text and Images

If you would like to publish information that you find on our website, please send your request to This email address is being protected from spambots. You need JavaScript enabled to view it.. Downloading any photos of students or community members from our website is not authorized. Information about using our logo is available by contacting This email address is being protected from spambots. You need JavaScript enabled to view it..

Contact Information

If users have any questions or suggestions regarding our privacy policy, please contact us at: This email address is being protected from spambots. You need JavaScript enabled to view it..


Marleo d.o.o. za informatiku, trgovinu i usluge

Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
Drežnik 21, 10257 Brezovica, Croatia.

Data center in Germany