Acceptable Use Policy

Acceptable Use Policy

Effective date: December 23, 2024

Teacher working through something with a student
  1. About this policy
    1. This policy is to help our users understand how to use our learning platform safely and appropriately. 
    2. This policy applies to all who use our online learning platform(s), as a condition of access. 
  2. Online behaviour
    1. As a member of the school community you should follow these principles in all of your online activities:some text
      1. The school cannot guarantee the confidentiality of content created, shared and exchanged via school systems. Ensure that your online communications, and any content you share online, are respectful of others and composed in a way you would wish to stand by.
      2. Do not access, create or share content that is illegal, deceptive, or likely to offend other members of the school community (for example, content that is obscene, or promotes violence, discrimination, or extremism, or raises safeguarding issues).
      3. Adhere to all UK laws around sharing data. 
      4. Respect the privacy of others. Do not share photos, videos, contact details, or other information about members of the school community, even if the content is not shared publicly, without going through official channels and obtaining permission.
      5. Do not access or share material that infringes copyright, and do not claim the work of others as your own.
      6. Do not use the internet to distribute malicious software, to damage, interfere with, or gain unauthorised access to the computer systems of others, or carry out illegal activities.
  3. Data Sharing
    1. There are specific principles and guidelines around sharing information, particularly sensitive or personal data. While The Data Protection Act 2018 and General Data Protection Regulations provide a framework for the protection of personal data, sharing information often involves considerations beyond individual privacy, such as confidentiality, consent, and the public interest. When sharing information you should consider:some text
      1. Lawfulness and Purpose: Information sharing should be lawful and for a specific, legitimate purpose. It should be based on legal grounds or explicit consent where necessary. The purpose of sharing should be clear and relevant to the objectives of the involved parties.
      2. Data Minimization: Only the minimum amount of information necessary for the purpose should be shared. This principle aligns with the GDPR's data minimization principle, ensuring that only relevant data is disclosed, reducing the risk of privacy breaches. 
      3. Consent and Privacy Notices: Where possible and appropriate, individuals should be informed and give consent for their information to be shared. This ensures transparency and empowers individuals to control the use of their data. Privacy notices should clearly explain how information will be shared and with whom.
      4. Confidentiality and Security: Shared information should be handled confidentially and securely to prevent unauthorised access, disclosure, or misuse. Organisations should implement appropriate security measures to protect shared data, adhering to GDPR's requirements for data security. Before using new online platforms that require data to be shared, for example but limited to, by being inputted or uploaded, a Data Protection Impact Assessment should be carried out. 
      5. Accuracy and Currency: Shared information should be accurate, up-to-date, and relevant to the purpose of sharing. Organisations should take steps to verify the accuracy of information before sharing it to avoid misinformation or errors. 
      6. Data Sharing Agreements: Formal agreements or protocols should be in place when sharing information between organisations or entities. These agreements should outline the purpose, scope, and responsibilities of each party regarding the shared data, as well as measures for data protection and security. 
      7. Data Protection Impact Assessments (DPIAs): DPIAs must be conducted when sharing information involves high risks to individuals' rights and freedoms. This helps organisations assess and mitigate potential privacy risks associated with information sharing activities. 
      8. Legal and Regulatory Compliance: Information sharing should comply with relevant laws, regulations, and industry standards governing data protection and privacy. This includes GDPR, sector-specific regulations, and any contractual obligations related to data sharing. 
      9. Accountability and Transparency: Organisations should be accountable for their information sharing practices and be transparent about how and why information is shared. They should maintain records of information sharing activities and be prepared to demonstrate compliance with data protection requirements.
  4. Using the school's online learning platform(s)
    1. Whenever you use the school's online learning platform(s) systems you should follow these principles:some text
      1. Only access the online learning platform(s) using your own username and password. Do not share your username or password with anyone else.
      2. Do not attempt to circumvent the content filters or other security measures, and do not attempt to access parts of the system that you do not have permission to access.
      3. Do not use the online learning platform(s) in a way that breaches the principles of online behaviour set out above.
      4. Remember that the school monitors use of the online learning platform(s), and that the school can view content accessed or sent via its systems.
  5. Passwords
    1. Passwords protect the School’s online learning platform(s) and are your responsibility. 
    2. Passwords should not be obvious (for example "password", 123456, a family name or birthdays), and nor should they be the same as your widely-used personal passwords. 
    3. Create passwords which are strong, using numbers, varied cases and symbols. Consider using acronyms and mnemonics. Ensure passwords are changed regularly and are not used for multiple sites.
    4. You should not let anyone else know your password, nor keep a list of passwords where they may be accessed, and must change it immediately if it appears to be compromised. 
    5. You should not attempt to gain unauthorised access to anyone else’s computer or to confidential information to which you do not have access rights.
  6. Use of online learning platform(s)
    1. The provision of access to school online learning platform(s) is for official school administration, education and communication. 
    2. Consider the content of messages or posts you make or send. Appreciate that other people may have different views from your own. Use of strong language, swearing or aggressiveness, is not allowed.
    3. Do not open email attachments unless you have received them from someone you know and trust. You must be aware of the dangers of phishing and consider these and other internet security risks whenever using school hardware and software.  This remains the case even when dealing with files from a trusted sender. All attachments may present a risk and must be treated with some caution especially if unexpected or unusual.  It is better to seek advice prior to opening if in doubt. 
    4. Do not disclose personal information including passwords to other users.
    5. Do not use programs in a way that harasses, harms, offends or insults others.
    6. Ensure that personal accounts are signed out completely before leaving equipment for others to use.