Security

Who is your cloud server service provider and where do you store our data?

eyworks apps are backed by AWS Cloud Infrastructure. We host customer data in the London Data Center distributed across multiple Availability Zones.
Our Infrastructure is built over multiple availability zones and is designed in line with Amazon’s “Well Architected” Security principles to ensure that we achieve maximum security and performance from their environment. This is backed up by Amazon’s 99.99% uptime service level agreements to ensure that the platform is highly available.

How is our data transferred from the tablet to your servers and to our parents and how is this protected?

All communication between the tablets/servers/browsers is through HTTPS and encrypted using industry grade SSL Certificates which encrypt data in transit using SHA-256 & RSA hashing algorithms. You will see the green bar in the browser indicating HTTPS (encrypted) communication.

Will our children's details (name/photo) appear on Google's search results?

No, the names of children/practitioners, etc. are all stored in secure databases which are not accessible to any search engine. All access to nursery data is protected by user IDs and passwords preventing any search engine from crawling them.

How long is the data of the children stored?

When a child leaves the nursery, you have the option to make their profile inactive.
On eylog once a child profile is made inactive, it is moved to the inactive child list and becomes read-only meaning you cannot add any new content such as observations or daily diaries. 60 days after the profile has been made inactive, all media associated with this child will be deleted. Anytime before the profile is deleted, you (and the parents depending on your system settings) can download the entire learning journey, accident sheets, medicine forms, etc to keep a back up. We also offer special, paid formats of the learning journey such as download links and mugs in eymemories!
Inactive eymanage profiles are retained indefinitely unless you specifically request us to delete them. This is done so as to maintain the historical financial data which is required for some nurseries for reporting & legal purposes.

Is our data backed up?

Yes, all data is regularly backed-up by the AWS automatic backup mechanism. The backups are incremental so that they can be restored to a point in time if any disasters happen that results in data loss. There are a fixed number of previous backups saved at any given point in time and the older ones are over-written as new back-ups are created. Access to these back-ups are available only to the core team.

Are you GDPR Compliant?

Yes, eyworks apps for nurseries are compliant to the extent required on or before 25th May 2018 and will continue to comply on an ongoing basis. You can learn more about eyworks and GDPR at www.eyworks.co.uk/gdpr

Do you offer a Data Processing Addendum (DPA)?

Yes, eyworks offers a Data Processing Addendum (“DPA”) in which we commit to protect your data in accordance with GDPR. A signed copy of the DPA can be received by emailing to dpo@eyworks.co.uk.

Do you have any accreditations in relation to Data Security?

To provide world-class security and we ensure our platform meets key industry standards. eyworks is certified against IASME standards for Information & Cyber Essentials backed by the UK Government. Additionally our service provider AWS is ISO 27001, 27017 and 27018 certified. We monitor our infrastructure using external and internal vulnerability scanning. We perform regular audits and security assessments with independent and globally recognized security assessment firms.