Privacy Policy
East Side Middle School (“we,” “our,” “us”) is firmly committed to safeguarding the privacy and protection of personal data collected through our website, eastsidemiddleschool.com. This Privacy Policy outlines the types of information we collect, our purposes for processing personal data, and the rights and choices available to individuals, ensuring full compliance with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other applicable data protection laws.
1. Commitment to Privacy and Data Protection
At East Side Middle School, we recognize privacy as a fundamental right and are committed to handling personal data with care, transparency, and accountability. We strive to adopt best practices in protecting the confidentiality, integrity, and availability of personal information collected through our online services, especially considering the sensitive nature of our educational environment.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of the eastsidemiddleschool.com website and its related services. East Side Middle School functions as the “Data Controller” under GDPR and as a “Business” under the CCPA with respect to any personal information provided by you or collected through our site.
This Policy governs all processing of personal data collected through our website and related online platforms, regardless of the medium by which users interact with us.
3. Categories of Data Processed
We may collect and process the following categories of personal data:
a. Usage Data
Includes: Internet Protocol (IP) addresses, browser type and version, time zone setting, browser plug-in types, device identifiers, operating system and platform, visited pages, session duration, and navigation patterns.
Purpose: To analyze traffic, detect fraud or abuse, enhance user experience, and manage our website’s performance and functionality.
b. Account Data
Includes: Names, physical addresses, email addresses, phone numbers, and other contact information you provide when registering for an account, filling out forms, or subscribing to our communications.
Purpose: To manage user accounts, provide services, and communicate important notifications.
c. Profile Data
Includes: User preferences, interests, class selections, volunteer registrations, behavior patterns, and interaction with school services.
Purpose: To deliver personalized content and services tailored to your preferences.
d. Communication Data
Includes: Records of correspondence, support tickets, inquiries submitted through contact forms, feedback, or other communication history.
Purpose: To respond to inquiries, provide customer support, and administer feedback processes.
e. Technical Data
Includes: Device type, hardware model, network information, software settings, screen resolution, and system configurations.
Purpose: To ensure compatibility, optimize site performance, and troubleshoot technical issues.
f. Transaction Data
Includes: Payment history, billing address, financial identifiers (processed securely via third-party vendors), and delivery or enrollment details when applicable.
Purpose: To manage tuition, enrollments, events, donations, or purchases made on the site.
g. Preference Data
Includes: Marketing and communication preferences, subscription choices, frequency and type of communications received, and expressed interest in school programs or activities.
Purpose: To manage newsletters, event invitations, and promotional content in accordance with user preferences.
4. Legal Bases for Processing
We collect and process your personal data under the following lawful bases:
– Consent: Where you have given explicit consent for one or more specific purposes.
– Contract: When data processing is necessary for the performance of a contract with you, such as participating in programs or accessing school services.
– Legitimate Interest: When it is in our legitimate interest and your fundamental rights do not override those interests (e.g., analytics, security, fraud prevention).
– Legal Obligation: When processing is required by applicable law or regulation.
5. Your Rights
Under data protection laws including the GDPR and CCPA, you have the right, subject to certain limitations:
– Access: Request confirmation as to whether we process your data and obtain a copy.
– Rectification: Have your personal data corrected or completed if inaccurate or incomplete.
– Erasure: Request deletion of your personal data when there are no overriding legal grounds.
– Restriction: Restrict the processing of your personal data under certain conditions.
– Portability: Receive your personal data in a structured, commonly used format or transmit it to another controller where technically feasible.
– Objection: Object to certain types of processing, including direct marketing or processing based on legitimate interest.
California residents may also request:
– Disclosure of categories and specific pieces of personal information collected.
– Information about sources, purposes, and third parties with whom information is shared.
– A right to opt-out of the “sale” of your personal information (note: East Side Middle School does not sell personal data).
Requests may be submitted by email to: [email protected]. We may verify your identity through reasonable means before fulfilling a request.
6. Security Measures
We implement rigorous technical and organizational safeguards to protect your data, including but not limited to:
– End-to-end encryption of data transmissions
– Role-based access controls with identity authentication
– Firewall-protected servers and intrusion detection systems
– Regular security audits and vulnerability assessments
– Staff training in data privacy and cybersecurity
– Encrypted storage and secure backup protocols
7. International Transfers
Your personal data may be transferred to and stored in jurisdictions outside your own, including locations with different data protection standards. Where applicable, we ensure such transfers comply with GDPR by implementing standard contractual clauses or verifying adequacy decisions. We take additional measures to ensure privacy and security in line with regional compliance obligations.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Policy, unless a longer retention period is required by law. Specific retention periods include:
– Usage and Technical Data: 24 months from last site visit
– Account, Profile, and Communication Data: For as long as the account remains active or until required by law
– Transaction and Payment Information: 7 years for accounting and tax compliance
– Preference Data: Until consent is withdrawn or no longer relevant
Upon expiration of retention, data is securely deleted or anonymized.
9. Cookie Policy
Our website uses cookies and similar technologies to enhance user experience and provide essential site features. Categories of cookies include:
– Essential Cookies: Enable core functionality such as security, authentication, and accessibility.
– Functional Cookies: Store user preferences and site settings.
– Analytics Cookies: Track website usage, performance, and trends using anonymized identifiers.
– Performance Cookies: Measure service quality, speed, and responsiveness.
Cookies may come from first-party (eastsidemiddleschool.com) or third-party sources (e.g., analytics partners).
10. Cookie Management and Compliance
By using our website, you consent to the use of cookies in accordance with this policy. You may update or revoke consent at any time by adjusting your browser settings or using our Cookie Preference Center (if available). Under GDPR and CCPA, you may disable optional cookies or opt out of data collection via browser tools or by contacting us at [email protected].
11. Special Protections for Children Under 13
We recognize the importance of protecting children’s privacy. Our website is designed for educational purposes and is not intended for children under the age of 13 without parental or guardian consent. Personal data from minors is collected only with appropriate safeguards and in compliance with the Children’s Online Privacy Protection Act (COPPA). Parents or guardians may review, amend, or request deletion of a child’s information by contacting us directly.
12. Policy Updates & Notifications
We may revise this Privacy Policy as legal or operational requirements evolve. Updated policies will be published on eastsidemiddleschool.com. Where material changes occur, we will take appropriate steps to notify users, which may include website banners, account notices, or email alerts, where applicable.
Users are encouraged to review this Privacy Policy periodically to remain informed about how we collect and protect their personal information.
13. Contact Us
For any privacy-related inquiries, data access requests, concerns, or complaints, please contact us at:
East Side Middle School
Email: [email protected]
Website: eastsidemiddleschool.com
We are committed to responding promptly and responsibly to all requests and inquiries related to privacy and data protection.
We take our responsibilities seriously and endeavor to maintain full compliance with the GDPR, CCPA, and other local data protection regulations. Please contact us at [email protected] if you have any questions or require any clarification regarding your data privacy.