Things you need to accept before using the system:
Should anything go wrong — and we do our utmost to ensure it doesn’t — matrep can only accept liability up to the value of the fees paid for the current subscription. No liability is accepted for lost working time.
No guarantee of availability can be provided. matrep’s availability depends on a working connection from you to our servers. We will do our best to ensure a reliable and continual service notifying you via email of any significant planned or unplanned downtime at our end. The bits of the Internet between us and you are out of our control, though.
section removed as no new accounts are being accepted
Under the GDPR definitions, we are a data processor and you, the school, are the data controller.
We do not collect any personal information ourselves: everything that we hold has been provided by you. We provide the ability to store:
All of that data is held securely within our system and required for its effective operation; you (staff admin accounts) have the ability to examine, edit and delete any of that data at any time. The only outputs from the system are:
Access requests are your responsibility as a data controller. Any access requests for pupil or staff data that we receive will be passed on to our primary contact with the relevant school: we will not directly provide any data unless obligated by the appropriate authorities. Staff can see and edit all of their data at any time whilst logged in. A member of staff cannot directly delete their account as that would destroy associated report data: the school admin will (with our support) first need to re-associate that data with an alternative staff member. The school admin can directly delete any pupil data from the system; and can request deletion of any parent / guardian account which we will process within 48 hours.
Management of consent is also your responsibility as data controller. When setting up the school account, you will be entering personal data for yourself, other staff members and pupils, many of whom will be under the GDPR consent age and require parental consent — please ensure that the arrangements you have made, or will make, are broad enough to cover the use of our system. By entering this information, you acknowledge that you have obtained and are managing the necessary consent for this data.
We will automatically delete school accounts (pupils, staff, reports, structural data etc) three months after subscription expiry if no renewal is made unless otherwise advised by the school. Other deletions, notably including pupils who are no longer with the school, are your responsibility.
In the unlikely event of a data breach, we will notify our key contact within the school within 72 hours to establish mitigating actions on a case-by-case basis.
The system will store two cookies on your computer. These do not contain personal information and are essential to the operation and security of the system:
Additionally, if your browser provides HTML5 local storage, the system will use that facility to implement a persistent cache of spell-check word results for improved speed.
We reserve the right to change any of these terms and conditions at any time. All initial school admins (those who set a school up) for whom we have a valid email address will be notified of any changes in advance.