Data protection and privacy
Find out more about how Skolon deals with GDPR, and read our various terms and conditions and our privacy and data protection policies.
How Skolon complies with GDPR
Skolon was built to facilitate personal data processing for schools and municipalities in connection with digital tools and learning resources. The basic functions required for personal data processing under GDPR are therefore already built into the platform for all users. There’s also a data visualisation tool to make it easier for schools to process personal data.
Basic personal data processing functions
Skolon includes basic functionality for the systematic working methods required to ensure compliance with GDPR.
Secure syncing and transfer of personal data – Skolon’s APIs ensure the secure, controlled transfer of personal data, from basic systems to individual school tools.
Restricted data sharing – Skolon’s system automatically restricts the sharing of personal data to only those services that the individual user actually uses, even if they have been made available to the whole school.
Continuous testing – all integrations are tested and quality checked on an ongoing basis, fully automatically.
Data sharing visualisation – each user can easily see and administer their own user data.
Data overview and management – administrators can easily review and administer all personal data contained in the platform.
Skolon’s data visualisation add-on allows administrators to review and manage all user data at different levels, even more easily.
The add-on provides a clear overview of which user data is held by which suppliers, all in one place. It’s also easy to stop data from all tools. With just one click, you can also get ready-made reports detailing which users’ data is held by which suppliers, thus enabling you to comply with reporting obligations.
Skolon’s data processing agreement for schools
Skolon has drawn up a GDPR-compliant data processing agreement (DPA) to help schools that use Skolon to comply with the regulation. We also sign DPAs based on the standard templates produced by bodies such as the Swedish Association of Local Authorities and Regions for schools that want to use these. The agreement ensures Skolon’s commitment to users and schools to comply with GDPR requirements. If you have any questions about this agreement, please get in touch with your Skolon contact.
Skolon’s security work
Protecting our users’ security and privacy is one of our most important tasks. We therefore work continuously and methodically with data protection and security.
The Skolon platform is built according to the latest industry standards when it comes to storing, processing and communicating sensitive information, such as personal data and passwords. For example, we use SSL/TLS and one-way hash algorithms.
The Skolon platform and its various APIs are continuously security tested and evaluated.
Protection is implemented with systematic, organisational and technical measures to ensure privacy, confidentiality and accessibility.
Data is stored in the EU, and we only use well-established subcontractors who comply with current standards within the field. All data is backed up at several different locations.
We have policies and security procedures for aspects such as:
- Information security
- Incident management
- Risk analysis
- Software updates
- Secure device configuration and management
- Software development
- Learning and training
Skolon’s employees are bound by non-disclosure agreements and only process the data required by their work.
Policies and documents
Personal data processing in connection with using the Skolon platform is governed by a data processing agreement between the customer (the school) and Skolon. There are also a number of additional policies, as follows:
Data protection contact