EDClass logo

EDClass

www.edclass.com

EDClass is an online platform that provides one-to-one live support from UK-qualified teachers for students learning remotely. Students are fully safeguarded when online and can take advantage of thousands of pre-made lesson content and learning pathways to enhance their understanding of a topic.

Registered name EDClass

Application name EDClass

Organisation type Private Limited Company

Year of incorporation 2020

Website url www.edclass.com

Registration number 12612936

Email address [email protected]

Vat number 358315781

Main activity Online education supplier with sophisticated safeguarding measures

Registered address Aston House Campbell Way
Dinnington
Sheffield
England
S25 3QD

Sales enquiries telephone 01909 568338

Customer support email address [email protected]

Customer support opening hours
  • monday 08:00 - 17:00
  • tuesday 08:00 - 17:00
  • wednesday 08:00 - 17:00
  • thursday 08:00 - 17:00
  • friday 08:00 - 17:00

Sales enquiries email address [email protected]

Sales enquiries telephone 01909 568338

Application name EDClass

Application uses personal data Yes

Application overview EDClass is an online platform that provides live support from UK-qualified teachers for students learning remotely. Students are fully safeguarded when online and can take advantage of thousands of pre-made lesson content and learning pathways to enhance their understanding of a topic.

Built for schools Yes

How this application supports schools EDClass can be used for numerous reasons. Schools can use it to help raise or maintain their attendance for those students not attending or at risk of exclusion. The platform can also be used to aid intervention, behaviour repair and assign homework for students. Progress of students can also be tracked with continuous assessment throughout teaching and learning. Students are also fully safeguarded remotely and have live support from UK-qualified teachers.

Application sold to Only schools can buy the application

Application accesses data from the MIS Yes

Consent required from parent, child or other user No

Application uses personal data not collected from MIS No

Application collects data that isn't required No

Application meets ico's children code 2021 This application isn't required to meet the code

Application developed in-house or externally In-house

Country of development England

Test data used during development Yes

Cyber Essentials Achieved

5th April 2022

Cyber Essentials plus Not held

Cyber Essentials accreditation covers the whole organisation Yes

ISO27001 Not held

SOC 2 Type ll Certification Not held

PCI DSS Not held

Other accreditations
  • ISO 9001
    Achieved
    12th December 2022
  • ISO 21001
    Achieved
    12th December 2022
Data security contact

Policy queries email address for customers [email protected]

Data processing agreement https://edclass.com/documents

Data protection policy https://edclass.com/documents

Data breach response process https://edclass.com/documents

Service level agreement https://edclass.com/documents

Information security policy https://edclass.com/documents

Staff working from home data security policy https://edclass.com/documents

Staff bring your own device security policy https://edclass.com/documents

Application password policy https://edclass.com/documents

Application business continuity plan https://edclass.com/documents

Privacy notice/policy and data protection policy reflect gdpr 2018 Yes

Test data used during development Yes

Policy review interval Annually or in line with government legislation and law changes

Information commissioner's office registration number ZA783019

Staff data protection training interval Annually

Staff cyber security training interval Annually

Staff with access to customer data undergo employment screening, e.g. dbs checks Yes

Enhanced DBS checks in line with Safer Recruitment policy

Customer data storage location Within EEA

Cloud services used
  • Amazon Web Services (AWS)

Third-party/subcontractors have access to customer data No

Third-party privacy policies made available to customers No

Third-party incident response plan exists Yes

Customer data retained for research or testing purposes No

Customer data is used for advertising or targeting purposes, directly or via third-parties No

Customer data is encrypted when traversing public or unprotected networks Yes

Customer data is encrypted at rest Yes

Data backups are encrypted Yes

Portable devices are encrypted No

n/a

All web services are secured with reuptable trusted authority certificates Yes

Users can access/discover users from other schools/organisations in the application No

Application protects against brute force password attacks Yes

User accounts are approved before being created Yes

Yes. New staff accounts are created and then permissions are given to the new member of staff as appropriate. This is decided on the role they are doing and the level at which they are working. Only certain members of the team hold admin accounts and they have all the permissions available

All users have unique usernames and passwords Yes

User account removal process exists Yes

Staff user accounts employ role-based access control Yes

The right of rectification Through their school

The right to erasure Through their school

The right to restrict processing Through their school

The right to be informed Through their school

The right of access Through their school

The right to data portability Through their school

The right to object Through their school

Network vulnerability scan interval More frequently than annually

Internal networks are protected by firewalls Yes

Default device passwords are changed Yes

Critical/high-risk firmware and operating system updates are applied within 14 days Yes

Potential risks for data subjects
  • no risks

A risk assessment strategy is in-place Yes

An information security asset register exists Yes

The information security asset register is checked at least annually for accuracy Yes

A risk assessment is conducted at least annually Yes

Physical security of business premises' conducted regularly Yes