W
e take keeping your data safe very seriously, our security measures are extensive and follow industry best practice.
Safety, security and privacy has been thought of throughout the design of HomeEdCompanion app and the trust that we are given to keep this data safe is important to us.
Firstly, the main account holder is the parent or carer (from now on called the 'customer') who must be over 18.
When we create an account it is the customer's name and email we use.
The customer can then create 'learner' accounts.
We use minimal personal information about a learner.
Customer's are able to use a nickname for their learner rather than their actual name if preferred.
The portfolio document will allow the nickname to be changed locally when downloaded later.
The following security measures are also in place:
* The back-end services network perimeter is protected by a firewall as well as a web application firewall
* The applications back-end data is encrypted at rest
* The communications between back-end services and the databases used are encrypted
* The communications between the application on the phone and the back-end services are also encrypted
* Customers authenticate using the industry standard for this type of application (oAuth2’s authorisation code flow with proof key for code exchange (PKCE))
* Customers will be required to provide a strong password when registering with the application
* Customers of the application will have the option to enable two-factor authentication
* A ridged patching strategy will be employed to keep the software used by the application and back-end services up to date.
* The application is scanned for vulnerabilities in the application code and in any third-party dependencies used.
* Separation between development, test and production environments is in place
* No customer data will be used in development or testing
* A suite of automated tests are run against any changes to the application code that ensure the integrity of customer data
* The team have decades of experience in running internet facing applications.
We are constantly reviewing and updating our security measures as necessary and will update this page as new security capabilities are added.
You are entitled to:
* Request copies of and/or access to your personal information.
Any requests for subject access data must be done via email (info@homeedcompanion.com) and include the account username and email linked to the account.
* Request that your data is amended or updated where incorrect.
* Request that your personal data is deleted.
Any requests for data deletion must be done via email (info@homeedcompanion.com) and include the account username and email linked to the account. Deleting data within the HomeEdCompanion app is irreversible and will no longer be accessible. This will happen within a month of request. A subscription must be cancelled first prior to permanently closing an account. The auto-renew subscription must be cancelled too prior to closing an account. Requesting to close an account will not automatically refund or cancel a subscription. The customer must double check the correct account is being deleted. Any data stored with third-party companies will also be deleted or anonymised.
* Request that we stop sending you direct marketing.
* Upon subscription cancellation, data will remain in the system until the customer chooses otherwise for up to one year after a subscription becomes inactive. In the event of an account cancellation, the account will remain active until the end of the current billing period.
iTunes
If you subscribed through iTunes, you can cancel your subscription within the iTunes platform.
Google Play
If you subscribed through Google Play, you can cancel your subscription within the Google Play platform.