gdpr ab_1200

The team at ArborBridge is hard at work ensuring that our practices are GDPR-compliant. GDPR, or the General Data Protection Regulation, goes into effect on May 25, 2018. It is a new set of laws aimed at enhancing the protection of EU citizens’ personal data and increasing the obligations of organizations to deal with that data in transparent and secure ways. The GDPR applies not only to EU-based businesses, but also to any business that stores or processes data of EU citizens.

We want you to know that we are fully committed to complying with the requirements of the GDPR and place utmost importance on the privacy of your personal data.

Our legal and policy experts have closely analyzed the requirements of the GDPR and are continuing to monitor best practices for implementing the requirements of the GDPR. We have already made changes to our Privacy Policy, contracts, and other policies to ensure that we are in full compliance with the GDPR before May 25, 2018. We are dedicated to ensuring that your personal data is protected.

Here's what you, as an ArborBridge client, need to know about the GDPR and your rights.

Consent
When you are about to submit your personal information, we will ensure that you have given your full consent to disclose that data. We are also required to provide evidence that our processes are compliant and followed in each case.

Right to be forgotten (or erasure)
This allows you to request that personal data be erased when it is no longer needed.

Right to data portability
This allows you to demand a copy of your data in a common format.

“Right to be forgotten (or erasure)” and “Right to data portability” both make it easier for you to request that any information stored should be deleted or that information that has been collected should be shared with them.

Access requests
You have the right to request access to your data. The timescale for processing an access request is a 30-day period.

 


 

We are committed to maintaining transparency with our clients. Below is an exhaustive list of the personal data we at ArborBridge collect:

IP address Gender Academic textbooks Answer sheets
Parent name Graduation year Previous tutoring Tutor analysis
Parent phone School Scores of previous exams Device information
Parent email Time zone First language Browser information
Address Available times Tutor notes re: the tutoring session  
Student name Scheduling conflicts Testing accommodations  
Student phone Referral contact Test scores  
Student email Academic subjects Test subjects  

 

To efficiently run ArborBridge, we store information with the following third-party servers.

Amazon Web Services (cloud-based hosting):

  • All information listed above

Less Annoying CRM:

  • All information listed above except IP address, device and browser information

Google Analytics (compatibility and performance metrics):

  • IP address
  • Device information
  • Browser information

Mandrill (email service):

  • Email address
  • Lesson notes
  • Test results

 


 

Starting Friday, May 25, 2018, you have the right to access or request to delete any of the personal data listed above from ArborBridge records. If you wish to access this data or remove it entirely from our records, please fill out the form below and we will get back to you in 1–2 business days.

If you have any questions about the GDPR, we're here to help. Contact us at info@arborbridge.com for more information.