Assembly exists to help schools drive improvement through good use of data. Protecting the sensitive data schools choose to store in our platform is our top priority.
We are always clear and transparent in how we extract, transport and store data in our platform. We try to explain this as simply as possible.
We exist to help schools get the most out of their data, not to gain any understanding of it ourselves. We will never inspect data or mine for information, or allow others to do so.
We are commited to making sure your data is secure. This includes Secure Socket Layers for encrypted transfer, encryption of data at rest, field-level encryption for identifiable data and password protection for all end users.
One of the reasons Assembly exists is to help you connect your data to education apps where you wish to. However we will never, ever share data with anyone except where you’ve asked us to. Your data is still yours to process as you see fit.
When you choose to authorise an application, we will tell you what data that app needs access to before you decide whether you want to authorise it. We won’t share more than the minimum that it requires.
We delete data when schools leave the platform or become inactive. You are also entitled to choose to have your data deleted at any point you wish.
Decisions you make don’t have to be permanent. If you change your mind about where you want to share your data, you can simply revoke the permission in your console.
The General Data Protection Regulation (GDPR) is the legal framework that became law in May 2018 via the Data Protection Act 2018. Get up to speed on its implications by reading our our summary of the DfE's data protection toolkit and find out how we’re approaching Brexit and GDPR by reading our Brexit Continuity Statement
Our privacy statement explains how we process data in a little more detail than this summary.
Our approach to information security management systems is explained in our Information Security Policy.
For full details, please refer to our suite of privacy documents. We keep these on Github so that you can easily see any amendments we’ve made:
This explains in full detail how our platform works, and how we ensure privacy and security. This is also the document we require schools to agree to before using the platform. It explains what we require from schools if they choose to use Assembly.
This is the agreement that we require Application Developers sign up to. It covers the minimum privacy and security principles that we require from them. Just as our Terms of Service extends these to cover the Assembly platform, developers have their own policies that explain data protection in relation to their specific applicationView Developer Agreement