E-learning Studios takes its obligations in protecting the privacy and personal information of employees, contractors and users very seriously. Employees and contractors’ agreements are bound by the prevailing public data and privacy legislation for the countries in which they operate.
Multi-tenant public cloud services such as those managed by E-learning Studios and its subsidiaries raise complex privacy questions, with trust high on the list. Customers will only use services they trust. If you invest in a cloud service, you must be able to trust that the privacy of your information will be protected and that your data will only be used in a way that is consistent with your expectations. We have a contract with your employer that ensures this and is covered by our Terms & Conditions, Acceptable Usage Policy and Article 30 GDPR Compliance documentation.
Our systems are hosted exclusively by Microsoft and you can find out more about their security and privacy policies here: https://azure.microsoft.com/en-gb/support/legal/
You own your own data.
We define customer data as all data, including text, sound, video or image files and software, that is provided to E-learning Studios by you, or on your behalf, through your use of our systems. For example, it includes data that you upload for storage or processing and applications that you or your end users upload for hosting on our systems.
You can access your customer data at any time and for any reason without assistance from E-learning Studios. We will use your customer data only to provide the services agreed upon, including purposes that are compatible with providing those services. We will not use customer data or derive information from it for commercial gain outside of our direct relationship.
We give you authenticated and logged access to your customer data, and restrict access to it by E-learning Studios personnel and subcontractors. We also take strong steps to protect your customer data from inappropriate use or losses, and to segregate your customer data on shared hardware from that of other customers.
You are in control of your data.
Because the customer data you host with us belongs to you, you have control over where it is stored and how it is securely transferred and deleted.
Our commitment to the privacy of your customer data is backed by our use of Microsoft's Azure hosting platform and its adoption of the world's first international code of practice for cloud privacy, ISO/IEC 27018. The British Standards Institute has independently verified that Azure is aligned with the ISO 27018 code of practice for the protection of personally identifiable information in the public cloud. Adherence also provides transparency about our policies regarding the return, transfer and deletion of personal information you store in our data centres.
How we respond to government and legal requests to access data.
E-learning Studios believes that customers should control their own data, whether stored on their premises or in a cloud service. We will never disclose Azure customer data to a government, except as directed by you or where required by law.
When governments make a lawful demand for Azure customer data from Microsoft, we are principled, limited in what we disclose and committed to transparency. Altogether, this adds up to the following:
• we do not provide any government with direct or unfettered access to customer data. We release only specific data mandated by the relevant legal demand.
• If a government wants customer data – including for national security purposes – it needs to follow the applicable legal process, meaning that it must serve us with a court order for content or a subpoena for account information. If compelled to disclose customer data, we will promptly notify you and provide a copy of the demand, unless legally prohibited from doing so.
Obtaining more information and support
If you need more information about how your data is gathered, stored and used please contact E-learning Studios’s Data Protection Office, Nitin Thakrar at firstname.lastname@example.org
Data Protection Officer