This document forms a Data Sharing Agreement between Groupcall Limited (Groupcall) and your school or other education establishment (you, your) for the transit and protection of your school MIS data using Groupcall Xporter-on-Demand (XoD) When you share data with Groupcall third party partners (partners) using Groupcall XoD, Groupcall securely caches your school data within European data boundaries to provide responsiveness and to minimise any impact on your MIS platform. All sensitive and personally identifiable data is encrypted. This agreement outlines how Groupcall protects your data within XoD, but you will also need to consent to specific partner agreements regarding the movement of your school data to those partners when you choose to allow it.

Data Movement Overview

Groupcall Xporter-on-Demand is an automated self-service solution to securely collect and deliver data to one or more selected partners – such as homework systems, behaviour management software, and so on. Enabling XoD for your school opens up easy sharing of your school dataset with over 70 partners.

XoD operates an AES encrypted hot/warm/cold Cloud-based caching layer within European data boundaries to provide responsiveness and to minimise impact on your MIS platform. XoD proactively caches a core high-frequency access dataset within the platform (defined later in this document), and will also cache other data that fulfils both of these requirements:

  1. You allow one or more partners to access the data areas.
  2. One or more partners actually request access to those data areas.

The Xporter-on-Demand platform meets security requirements for the protection of your data because:

  • All personal data is stored AES encrypted at rest.
  • Xporter-on-Demand operates inside of European data boundaries.
  • Xporter-on-Demand utilises the Microsoft Azure cloud platform, which is certified for the storage of personal data.
  • Groupcall carry out periodic vulnerability scans of our platforms.
  • Groupcall are ISO27001 certified.

For school-hosted MIS products such as Capita SIMS .net and Advanced Learning Facility, Groupcall use our on-premise Groupcall Xporter agent to facilitate secure data movement between an on-premise MIS and the Xporter-on-Demand cloud platform; this includes AES encryption of personal data.

For cloud-hosted MIS products such as RM Integris G2 and ScholarPack, Groupcall XoD can either follow the on-premise model as above using an Xporter agent, or you can supply XoD with a specific set of MIS credentials and we will make cloud-to-cloud transfers to ensure fast and reliable service delivery without reliance on your school broadband connection and with much faster support escalation assistance. You can choose either option.

The on-premise Xporter agent will transmit health and performance information to Groupcall on a periodic basis to allow proactive monitoring of installation health and to generate anonymised trending statistics to further improve the service. This includes local server information such as operating system details, server specification, resource utilisation, and networking information.

In instances where your Xporter agent is identified to be in a faulted state the same monitoring service will also transmit error logs to Groupcall servers and allow authorised Groupcall staff to send remedial instructions to your Xporter agent installation to request that it check for and apply updates, re-attempt connection to your MIS or to the XoD platform, restart the Xporter service, or carry out other changes to your Xporter agent configuration required to restore service.

Transfer and Use of Personal Information

Groupcall Xporter-on-Demand facilitates the extraction of data between MIS and partners. The extent of Personal Information shared with these systems will depend upon each partner’s requirements and you must consent an explicit DSA to that effect with each partner. XoD will not allow transfer of data to a partner unless you specifically given permission via the XoD web UI that allows sharing to occur, Groupcall call this a Consent.

A Consent in XoD allows a specific list of data areas to be read/written from your MIS for a specific partner that you gave Consent to. When you give consent, the permission for movement of data within the scope of that Consent is perpetual until you, the partner, or Groupcall withdraws it. When you revoke permission for a partner you must specify an end date for that sharing and XoD will cease allowing access by the partner from that date. If you revoke permission retrospectively then data access may continue for up to 72 hours.

Withdrawing Consent for movement of a specific list of data areas to be read/written by a specific partner does not end your commercial relationship with that partner. If you do withdraw consent for data transfer for a specific partner then you need to also remember to instruct them to cancel any service(s) or contract(s) that you have in place and ensure that they dispose of your school’s data in line with the partner’s specific data sharing agreement that you initially Consented to.

Groupcall XoD proactively caches an encrypted set of data when you enable it; this is to ensure responsiveness and to minimise any impact on your MIS platform. This data includes:

  • Details of your school: including Headteacher name and contact details
  • Details of your school pastoral and timetable structure: including year groups, registration groups, house groups, teaching groups, timetable structure and lessons.
  • Details of your students: including identifiers, names, photos, contact details, addresses, summary attendance statistics, SEN and demographics.
  • Details of your staff: including identifiers, names, photos, contact details, addresses, birthdate, gender, and employment start and end dates.
  • Details of student contacts: including identifiers, names, relationship to student(s), contact details and addresses.

Groupcall does not transmit this data to any partner unless there is a Consent in place specifically covering the data areas requested. For example, while student demographics are proactively cached with at-rest encryption, they will not be released to any partner unless there is an active Consent in place for that partner that includes the “StudentDemographic” permission.

Groupcall Support Personnel & Data Security

The support team at Groupcall are able to resolve or advise you on any technical issues that you encounter while using Groupcall products, however they are unable to advise on any other issues affecting partner products and in such instances you should refer to the support arrangements for that specific partner.

If you have an on-premise Xporter agent deployed then it may be necessary for a Groupcall support technicians to view the issue with you, in order to diagnose it fully and offer a solution. In circumstances where support technicians need to view the issue with, you they may use remote access tools to view your computer with you, in which case you should remain at your computer and supervise the entire session. All of our remote sessions allow you to retain control and allow you to terminate the session at any time. If your issue escalates and further technical specialists are required, then additional Groupcall staff may join the remote session.

If your issue is a platform issue or requires changes to your account configuration, then Groupcall staff may perform such configuration on your behalf from our secure management platform without requirement for remote access. This will not include carrying out any Consent on your behalf.

You are reminded that you should avoid sending personal information, such as student/contact records, to Groupcall directly, for example via email. You certainly should only send such information when supported by strong encryption, if there is an explicit requirement to do so. Groupcall staff will advise the most secure method for transfer if there is such an explicit requirement.

Data Lifecycle

Your data’s point of origin remains in the source MIS system and is transported via Groupcall XoD based upon agreed rules, in-line with 3rd party specification.

Due to the caching nature of the XoD platform, some data changes in your MIS may take up to 24 hours to propagate to partners. If this presents an issue for you in a specific matter, please do contact Groupcall support for assistance and to expedite a cache refresh of all appropriate data. If your school MIS is inaccessible, XoD may return data from our encrypted caches in the interests of service continuity.

The XoD platform automatically disposes of expired cache data from the platform when it is 30 days out of date. Any fresher data supplied to XoD will overwrite existing data of the same type for your school. In practice the maximum cache validity in XoD is 7 days (for photos) and so our automatic disposal policy means that any data held by Xporter-onDemand will be automatically and permanently purged from our storage a maximum of 37 days after you cease to use the platform or after all partner(s) cease accessing an area of your data.