AllYearbooks Limited Privacy Policy

Note: please also see our Terms of Use
Last updated: 8th April 2019

What is GDPR?

The GDPR is the General Data Protection Regulation which will replace the Data Protection Act. Its purpose is to ensure that organisations have strict polices and practices in place for managing and handling personal data. We have conducted a full audit and updated our privacy policy to include some additional information.

At AllYearbooks Limited, considering the nature of the service we offer, we take privacy concerns extremely seriously. Customers who have specific privacy concerns or GDPR questions are encouraged to speak to a member of the AllYearbooks staff by phone or email.

You can view further information on GDPR on the Information Commissioner's Office (ICO) website.

AllYearbooks Limited is registered with the ICO as required since 16th June 2006 registration number Z861788X.

We still to continue to follow good practice as we have always done:

  • Use personal information fairly and lawfully
  • Collect only the information necessary for the specific purpose
  • Ensure it is relevant, accurate and up to date
  • Only hold as much as you need, and for as long as you need it
  • All the subject of the information to see it on request and
  • Keep it secure

We have outlined below how we will endeavour to comply with GDPR.

Information and who we are

For the purpose of data protection laws, AllYearbooks Limited, company registration - 5137269. Our registered address is The Colour Laboratory, Lelant, St Ives, Cornwall, TR26 3HU is the data processor. Our role is to keep your data safe and provide a platform to do so leaving you the control of the overall project.

Why do you collect information from me?

The information that you provide to us is in order for us to allow you to create yearbooks, we will not be selling, leasing or sharing your data with anyone other than those involved in producing your yearbook. However, the information we provide is critical for your order.

During your yearbook journey you will receive emails from our customer support team, as well as our prompt emails which are sent out to try and keep you on track – for these emails there is always a way for you to unsubscribe, in which we will remove you from our mail list and if you are an editor in the book we will remove you also. If you have a preference of how you would like to be contacted please just let us know.

Anytime you are using the site and you are uploading images or anything to our site we use Secure Socket Layer technology – which in short is standard technology for keeping an internet connection secure and safeguarding any sensitive data. Using SSL technology ensures all data sent between the web server and the browser remains encrypted. This can be identified by the little padlock and the word secure in the browser bar – if you click this you will see – Connection is secure. Along with some options for settings and to see further information about cookies.

How do we use cookies?

We use cookies to provide and improve our services, by using our site, you consent to cookies.

Where is data stored securely?

We take active measures to secure your data. Our servers are hosted in the UK by Microsoft and all data is fully encrypted in transit and in storage. Email correspondence may be stored outside of the EU however we ensure this is transferred securely.

How long is data stored?

We hold your contact information on our CRM internally from the point you are a customer with us, the data that we save is your name, school name, email address of our contact and our correspondence with you whilst you have been a customer. This information relates to the editors and teachers who organise the book. Not the non-editorial students. (Except where those students may be discussed by teachers or editors in emails and other correspondence).

With reference to your yearbook anything that is uploaded will be locked from the point of being sent to print.

Once your yearbook has been printed (or abandoned) we will keep all the information online for that yearbook for the following academic year – in case of that information and ideas from it would be useful. Following that (up to 6 months longer) your yearbook and all the information in it will be deleted from our servers. In addition, we keep backup copies of your information in our offices to refer to previous yearbooks.

Each year we have a transition period this is in September in which we remove data. We keep a copy of your yearbook cover should you wish to use the same design again for the following year.

All yearbook images, text and data is deleted at the transition period.

Do we use third parties?

We use a third party to print our yearbooks, we have been working with this company for over 10 years so we do see them as an extension of our team. We have in place with them a File Storage and Privacy Policy which outlines how files will be stored and the security and confidential measures that are put in place to keep PDF files safe. We also have a Non-Disclosure agreement which outlines the printing purpose.

The information shared with our printers, is name, delivery address and the yearbook PDF.

We use a third party for payment management, the information shared with stripe is to collect payments to fulfil financial payments securely.

The website uses Sendgrid to fulfil mail services.

The other third parties that we use are Olark, for our website chats, Google Analytics are used to collect details of visitor behaviour patterns, we do this to find out things like how many visitors visit the site and to focus on user experience. The information is not used to identify anyone.

Can I be deleted, the right to be forgotten?

As part of GDPR everyone now has the right to be forgotten, if you do have a member in the yearbook that following printing would like to be forgotten please do call us to discuss how we can deal with your specific request, we will endeavour to do this in a timely fashion. We do keep copies of information for backup purposes.

Data processor

We are the data processor our role is to provide a platform for you to design and create a yearbook, we have a fantastic team of yearbook advisors here to help. Any information you collect you can upload via the system. Included in our terms of use - we include information on member conduct, we have different access set up for different levels of interaction within the site. Each of these levels of functionality are built in to give you full control when creating your yearbook – in the General Settings tab in your yearbook you can see what options you have that you can switch back on that are by default switched off for all new accounts as of 15th June 2018.

What is OK to include?

Creating a yearbook is fun, and can still involve all students, we are here to help and if you have any questions please do get in touch. We offer help in the profile questions section of the yearbook designer and on our blog to make creating your yearbook easy and as hassle free as possible.

As the data controller it is up to you what you would like to include, you can decide. If you have any questions then please call us and we can do our best to advise perhaps on what other schools and PTA’s are doing.

Hopefully we have answered any questions you have, however If you do have any specific questions please do send them to rebecca@allyearbooks.co.uk.