Class2Class.org – Connecting Classrooms for a Better World

Data Processing Agreement

How We Handle Your Data

At Class2Class, we prioritize your privacy and ensure that all personal data is handled with the utmost care. This document provides an overview of how we process and protect your data, aligning with our commitment to transparency and compliance with data protection regulations, particularly the GDPR.

1. Your Data Rights

As a user, you have the following rights regarding your personal data:

  • Right to Access: You can request information on the data we hold about you.
  • Right to Rectification: You can request corrections to any inaccuracies in your personal data.
  • Right to Erasure: You have the right to request the deletion of your data.
  • Right to Restrict Processing: You can ask us to limit how we use your data.
  • Right to Data Portability: You can request your data in a commonly used format for transfer to another service.
  • Right to Object: You can object to the processing of your personal data under certain conditions.

2. How We Process Data

We collect and process personal data only for specific, lawful purposes. Here’s how we handle your data:

  • Purpose: We collect personal information to provide and improve our services, support communication, and ensure legal compliance.
  • Types of Data: We may process basic personal information such as names, contact details, and other relevant data related to your use of our platform.
  • Legal Basis: We process personal data based on your consent, contractual necessity, and legal obligations.

3. Data Security

We employ a range of technical and organizational measures to protect your personal data from unauthorized access, loss, or damage. These measures include:

  • Encryption of sensitive data during transmission and storage.
  • Access Control to ensure that only authorized personnel have access to your data.
  • Regular Security Audits to evaluate the effectiveness of our security measures.

4. Sharing Your Data

We may share your personal data with trusted partners or service providers who help us deliver our services. However, we ensure that:

  • Any third parties we share data with are subject to strict data processing agreements.
  • We only work with partners who meet our high standards for data protection.

We will never sell or share your data with unauthorized third parties.

5. Data Retention and Deletion

We retain personal information for 90 days to 2 years after account termination, or as needed for:

  • Record-keeping/reporting
  • Legal compliance
  • Enforcement of legal rights
  • Fraud prevention
 
Once the data is no longer needed, we will securely delete or anonymize it.

 

6. Sub-Processors and Third-Party Transfers

We use trusted sub-processors to help deliver certain services. We ensure that:

  • These sub-processors comply with the same data protection standards that we uphold.
  • Any transfer of personal data outside of the EU/EEA is subject to appropriate safeguards in accordance with the GDPR.
 

Here is the list of GDPR guidelines for each of our subprocessors

 

7. How to Contact Us

If you have any questions about how we process your data or wish to exercise your rights, please don’t hesitate to contact us:

8. Updates to This Policy

We may update this policy from time to time to reflect changes in our data processing practices or to comply with legal requirements. Any updates will be posted on this page.