Pupil Progress and your school (or your child’s School) are responsible for data protection of your (and your child’s) Personal Data in relation to The App, in slightly different ways.
In terms of data protection legislation, the School is called the “Data Controller” and Pupil Progress is called the “Data Processor”. What this means is that the Personal Data that The App uses is held by the school, and then the School has contracted with Pupil Progress to provide The App service and has shared the data with Pupil Progress (after fully assessing Pupil Progress’s data protection policies and processes) for that purpose. Pupil Progress only uses your (and your child's) data for the purpose of providing The App Service.
Broadly speaking, this means that the School is responsible for providing appropriate, accurate and up-to-date data to Pupil Progress which they have a lawful right to share, and Pupil Progress are responsible for using this data appropriately.
Both Pupil Progress and the School must keep your (and your child’s) data safe and secure at all times, and both must act within all data protection legislation at all times.
Where Schools have decided to activate The App following their data protection assessment as part of their responsibilities as Data Controller, they will then authorise Pupil Progress to configure The App for the school, set up Parental User and Student User accounts, and provide login details.