Last modified: 16 June 2023
Our Services may be purchased by providers of educational services, such as individual tutoring businesses, tutoring centers, schools, education authorities, etc. (collectively referred to as “Organizations” in this Policy).
In this policy, a “User” is defined as any person making use of Sabboura’s Services, including employees and students of Organizations that have purchased Sabboura’s Services. In each case, we may have to collect “User Data” (here defined as any personal information or data pertaining to any User, that is collected by, or on behalf of, Sabboura) in order to provide our Services. This Policy covers how Sabboura handles User Data as a data processor when providing Services.
We are committed to upholding the rights of users as defined under the United Kingdom General Data Protection Regulation (GDPR), and by following these Privacy Principles:
We consider all User Data that we collect to be strictly confidential. In general, we do not use such data for any purpose other than improving and providing our Services to the User. Our collection, use and sharing of User Data is governed by our contracts with the Organization that has purchased our Services.
If your access to Sabboura’s Services is provided to you by an Organization, then the Organization is the data controller for any User Data uploaded or accessed by the Services. The Organization is responsible for ensuring it has a legal basis for processing this data. Sabboura may process this data on the Organization’s behalf, as a data processor.
In order to provide our Services effectively, there are a number of pieces of information (User Data) that Sabboura needs to collect and store.
By subscribing to our Services you consent to Sabboura storing and processing the following information about you:
Organizations are responsible for ensuring that any information they upload to the Services is accurate. Administrators, teachers, and tutors that use Sabboura Services may also generate User Data. For example, Sabboura Services may track learner assignment scores, responses to interactive exercises, grades, and more. This data can be compiled into reports in some Sabboura Services. Sabboura is not responsible for disclosure of such data by Users.
For more information on what data will be collected by specific Sabboura Services, please contact email@example.com.
We collect the information that forms your User Data when:
We do not sell any User Data. We also do not share any User Data with any third parties not directly involved in the delivery of the Sabboura service, unless required to by law.
Sabboura may release User Data if it has a good faith belief that access, use, preservation, or disclosure of such information is reasonably necessary to:
We use anonymised aggregated data to analyze how our Users interact with our Services in order to improve them and to come up with new Services. When we do this we ensure that all direct identifiers to any person are removed, meaning the data is no longer considered personalized for the purposes of data privacy regulations.
When you purchase access to Sabboura’s Services, or when we contact you for marketing purposes, we act as a data controller. Following the European General Data Protection Regulation, we are required to inform you of the legal basis for handling your User Data. We may use User Data:
When we handle User Data on behalf of an Organization, the Organization is the data controller and will establish the legal basis for handing your User Data. If you have any questions regarding this, please contact the Organization that has provided you with the use of Sabboura’s Services on your behalf.
We may use the contact details provided by Users of our Services to inform Users about other Services on offer from Sabboura, unless the User chooses to opt out.
Marketing communications will not be sent to any User that has opted out of receiving them. Users may opt out from receiving marketing communications at any time. All marketing communications sent by Sabboura will contain an “Unsubscribe” link at the end of the communication.
Securing your User Data is very important to us. We take appropriate security measures to protect against unauthorized access, and to verify your identity before granting your account access or making corrections to your information.
We advise you to create and maintain a strong password to help ensure the security of your account, and to never share it with others. We also urge you to only use our Services via secure networks, and to maintain up to date internet security and virus protection on the devices from which you access our Services. Please change your password immediately if you suspect there has been a data breach or if you have security concerns, and contact us on firstname.lastname@example.org.
Organizational customers and their Users must not misuse any User Data accessible through the Services, or collect User Data either manually or in a semi-automated or automated manner.
We will keep your User Data for as long as you are a Sabboura customer and for any duration after this time where your data is required for processing in order to fulfill our Services, unless the law requires or permits longer.
Your information, including personalized User Data, may be transferred to (and maintained on) computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those from your jurisdiction. This includes areas outside of the European Union. To ensure GDPR compliance, Sabboura has standard contractual clauses in place where necessary. For example, companies in the U.S. are registered with Privacy Shield.
In the event that a dispute arises with regards to the international transfer of data, you agree that the courts of England and Wales shall have exclusive jurisdiction over the matter.
We provide Services that may be aimed at Users under the age of 18. We take the utmost care to only request the information necessary to provide our Services from these Users.
If you are under the age of 18 and have any questions regarding your User Data and how it is used by our Services, we recommend you contact your parent or legal guardian, or the Organization through which your access to our Services has been set up.
You may have rights in certain regions such as the European Economic Area in relation to your User Data. This includes the right to update and correct your personal information, to obtain a copy of your data upon request, and erasure of your data if it is no longer essential for us to retain it in order to fulfill the purposes for which it was collected. You may also request to restrict the processing of your data, in which case we may no longer be able to offer you our Services.
If you have access to Sabboura Services through your Organization and you have queries or concerns, then please contact the administrator for the Organization. We will consider and act upon any request in accordance with any applicable data protection laws.
If your access to Sabboura Services was purchased by yourself and you are unhappy with our privacy practices, you may have the right to complain to the Information Commissioner (if you are based in the UK), or to your local data protection supervisory authority.