InVentry and the UK GDPR
Helping our Customers (Education)
As you are the controller for the data processed within your school, we understand that the data within your InVentry unit is important to you. Although the system is supplied by InVentry Limited, the data remains within your control. In the same way that putting data into Excel or Word on your own computer does not make Microsoft a processor, adding data to your InVentry system, and the processing it undertakes, does not make InVentry a processor. However, in certain circumstances InVentry will become a processor, and this is explained later in this document.
The system installed on site has been developed to reflect the requirements of the DPA2018/UKGDPR, in particular:
- Articles 12 – 23 – Rights of the data subject
- Article 32 – Security of Processing
We have taken measures to ensure that all data within the system is always secure and safe. These include:
- Data housed on the InVentry system within your premises is encrypted at a database level using 256-bit encryption.
- Data located in the Cloud copy (if appropriate) is encrypted at the same standard.
- Ability to manage access to the user console and supporting interface.
- Ability to customise the visitor/staff interface.
- The ability to delete data in a managed manner.
- Ability to seek consent when required.
- Data is transferred using TLS 1.2/HTTPS.
The information that InVentry captures when visitors, staff and students sign into your site is your data, and as such, the system allows you to choose what this is and how it is managed. However, we would advise that you consider the data being processed in line with the requirements laid down in UKGDPR with regard to the principles relating to data processing described in Article 5. It is worth noting that this is a decision you make as the controller of data on your site. We would recommend that the retention period reflects the school’s policy on data retention, using the guidance issued by the following organisations:
- The IRMS toolkit can be found at: https://irms.org.uk/page/SchoolsToolkit
- Data Protection: A toolkit for schools: https://www.gov.uk/government/publications/data-protection-toolkit-for-schools
- The DfE attendance guidance can be found at: https://www.gov.uk/government/publications/school-attendance
In all the above instances, the information held within your InVentry system is under your local control on a PC within your network, and subject to your own data protection and handling policies.
Lawfulness of Processing
‘Lawfulness of processing’ is at the heart of GDPR and schools must ensure that this is complied with, but you don’t have to rely just on consent. Schools can process data without necessarily asking for consent to do so; other grounds include:
- Processing is necessary for compliance with a legal obligation to which the data controller is subject;
- Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
So, for example:
- Section 537A of the Education Act 1996 – requires schools to maintain attendance records.
- The Regulatory Reform (Fire Safety) Order 2005 England and Wales – requires an emergency evacuation plan that includes ensuring all those on site are safely accounted for.
Both of the above provide legal grounds for processing data, or for processing in performance of a task carried out in the public interest, using an InVentry system.
InVentry Limited as a processor
There are five occasions where all or some of the information from your InVentry system would be processed by InVentry Limited, all of which involve processing data whilst not on your site or within your network.
The first of these is where your system includes a cloud version to support the service delivered. As part of the latest version of InVentry, a cloud copy of up to the whole system database is taken to enable specific services, such as full MIS integrations, to be performed more efficiently. This is down to more providers now using cloud-based services rather than on-premises ones.
The second of these would be when using InVentry Anywhere. InVentry Anywhere is a subscription-based licensed service that takes visitor and staff information, when requested by the organisation, from your system for the purposes of emergency evacuation, such as fire, or the Trip Management service. The information is uploaded to the InVentry Anywhere cloud server (hosted within the UK) using SSL/HTTPS and updated each time a visitor or staff member signs in or out. Visitor and staff information (other than app log in details) is purged from this server at 23:59:59 each evening, as it is no longer required or accurate, or, in the case of Trip Management, on the closure of the trip. This reflects Principle D – ‘Accurate and, where necessary, kept up to date’ of Article 5 in GDPR.
The third occasion where your data is processed by InVentry Limited would be for fault finding and service desk support; this is part of your maintenance licence. Before accessing your system, consent will be sought, including an agreed time. There may be times where we need to take a copy of the data on your system to test it within our offices. Before removing data in any form, as before, we will seek your consent to do so, either verbally or in writing, and take all steps to minimise its collection. This data is subject to a stringent internal policy and procedure ensuring that ownership of the data is recorded. These include:
- Where images of data are required, they are clipped to reduce the amount of data captured.
- Permission to download an organisation's database can only be authorised by a senior service desk member of staff.
- Once the fault has been fixed, all data is deleted and removed from our internal servers (those used for customer data storage are not backed up) and records, and this is recorded.
The next is if the organisation chooses to use the badge making service. The data submitted in this process is a decision for the controller, based on their requirements. When the data is submitted, it is uploaded via HTTPS to our secure cloud servers, where it is stored for a maximum of 24 hours, and downloaded from there to our office. Once the badge order is confirmed and dispatched, we retain the data for 51 days to ensure correct completion of the order.
The last is if you choose to use the SMS/Email option for notifications of visitor arrival and email notifications. If you opt for this, the mobile number is shared with a service provider who is compliant with the requirements of UKGDPR, solely for this purpose. The retention periods for this service are outlined in our data sharing agreement.
Anonymous Data
InVentry Limited collects anonymised data to allow for future developments to the software along with providing insights and metrics to help you improve how you use your InVentry system within your organisation. This data includes:
- Number of visitors per day
- Number of staff signed in per day
- Number of pupils signed in or out per day
- Database size
- Name of current MIS system (if applicable)
- Geographical location of InVentry system
- Hardware details of InVentry system
More details can be found at https://bit.ly/3PKa9OO
If you have any further questions, do not hesitate to get in touch with us via dpo@inventry.co.uk
- Visitor House, Gelderd Road, Gildersome, Leeds, LS27 7JN
- info@inventry.co.uk
- 0113 322 9253
- www.inventry.co.uk