WerAreWe Ltd. acts as a “data processor” (a term defined in UK law) on behalf of your school.
Your school is what’s known as the “data controller.”
Schools enter into a contract with WerAreWe to use our software to help improve pupil safety. In order to do this, they have to confirm to us that they have your permission to store data about you and your fellow pupils.
This data is normally:
- Your name
- Your email address
- Your year group
- Your current location, (out of a list of named locations your school sets up)
- Your location history for such period of time as the school decides it needs
- Whether you are using WerAreWe through our webapp, or an app for your phone / tablet. [We need this to determine which features are available to the school in terms of them being able to contact you in an emergency / live security threat.]
In some cases, this data additionally includes:
- Your mobile phone number (we do not “autodetect this”, but some schools prefer to store the information in a part of the WerAreWe system that staff have access to.)
- A profile photo, uploaded by a member of your school staff, to help staff recognise you. (This photo is not visible to you or other pupils.)
- Accounts are created for you (and edited / deleted) by a member of your school staff. Our platform automatically allocates you a random password, which is sent to you by email. You can change this password. Neither we, nor your school staff have access to this password through our platform. [It is possible that your school might have access to all email sent to a school email system, though.]
You should be aware that, because your school has this location history for many pupils, they can use WerAreWe to carry out “contact tracing”, to see who has been in the same location as whom at different times.
Because schools set their own list of locations, only visible to the school, it’s not possible for us to generate “contact tracing” reports across multiple schools.