Imi is part of the sparkearlyyears group and as such, is registered and works within the regulations of the Data Protection Act (1998 and 2010) and also reflects the GDPR (2018).
We may ask for certain information and it is for you to choose to give to us to enable us to process the information to set up your Imi software and to ensure we are able to provide a quality ongoing service. From time to time, it may be necessary to receive important information from us.
If you contact us directly by email or through our websites then we will store and process the information you provide, again to provide a service to you.
Information given to us is not shared with any other party outside our company. All information held is in the strictest confidence.
From time to time, we may gather information via surveys. We use this information to improve our service or to gain statistical information to promote the software. In all cases the source is never disclosed.
The data on your Imi software is protected by a secure password system. Passwords, considered to be ‘strong’ have to be given to you. You are able to share the password with other family members and have the opportunity to change your password at any time.
Personnel of spark cannot access your data. The information is stored on secure servers within the UK with Microsoft Azure. Information within your software is requested to serve the purpose of supporting your child’s learning and development within the Early Years Foundations Stage (EYFS) via the various features and to store this information to be downloaded and enjoyed at a later date. The software only requests data to meet these aims. You decide what data to enter, what photographs to upload. You also have the opportunity to download and distribute information from the software as you wish. You may also add extra information about observations and change, delete and correct what you have uploaded. The data belongs to you and we will delete all your data on request by emailing email@example.com
Any breach in security in relation to data held must be reported to us, within 72 hours.
The information you enter is not used for any other purpose. It is not downloaded by us and is not shared with a third party. We do not share it, sell it or use the detail for advertising purposes as it is your data. It is all stored securely as per our security policy.
In our role of Data Processor we may monitor statistical data such as the frequency of use over a period of time, which is for general marketing purposes and to ascertain the amount of storage space currently used to predict future storage requirements. Should this information be used in a public manner it is anonymously given and in a generalised format.
Child records and all associated achievement and reporting records are deleted automatically when the child reaches the age of eight, together with all photographs.
Sensitive data in transit between client browsers and server is encrypted by SSL. Data is encrypted at rest by Transparent Data Encryption (TDE) using AES and 3DES. Cookies are used, but are deleted automatically after one hour if unused. In the unlikely event of any Data Breach, we would inform you immediately. All complaints in relation to Data Protection should be made to Catherine Lyon, Data Protection Officer (firstname.lastname@example.org).