1.Who we are
The Governance Toolkit is operated by RDT Systems Limited (trading as Choice Voting), a company registered in England (company number 08708849). We are the data controller for the personal data collected through the Toolkit.
- Registered address: Lytchett House, 13 Freeland Park, Wareham Road, Poole, Dorset, BH16 6FA
- ICO registration number: ZA462087
- Contact: [email protected]
2.What data we collect
When you create an account, we collect:
- Your name
- Your email address
- Your school or organisation name
- Your role
- How you heard about us
When you use the Toolkit, we collect:
- Data you enter about your governance board (governor names, skills, terms of office, training records, meeting notes, DBS check status, declarations of interest, etc.)
- Usage data (which tools you use, when you log in, features accessed) via PostHog analytics
We also collect:
- Technical data (IP address, browser type, device information) via server logs and Cloudflare
- Referral source data (UTM parameters, referring URL) to understand how people find the Toolkit
3.How we use your data
We use your personal data to:
- Provide and maintain your Toolkit account
- Store and display the governance data you enter
- Send you important service notices (such as security alerts or terms changes) via Resend
- Understand how the Toolkit is used so we can improve it (via PostHog analytics)
- Understand where our users come from (marketing attribution)
- Protect the service from abuse and security threats (via Cloudflare)
We do not:
- Sell your personal data to anyone
- Share your data with advertisers
- Send you marketing emails unless you have opted in
- Use your governance data for any purpose other than providing the Toolkit service
4.Lawful basis for processing
We process your personal data on the following legal bases:
- Contract: Processing your account data and governance data is necessary to provide you with the Toolkit service (Article 6(1)(b) UK GDPR)
- Legitimate interests: Processing usage analytics and technical data to improve and secure the service (Article 6(1)(f) UK GDPR). Our legitimate interest is maintaining a reliable, secure, and improving service. We have assessed that this processing does not override your rights and freedoms, particularly as we minimise the data collected and do not use it for profiling or marketing
- Consent: Marketing communications are only sent where you have opted in (Article 6(1)(a) UK GDPR). You can withdraw consent at any time
5.Marketing communications
We will only send you marketing communications about Choice Voting products if you explicitly opt in. You can unsubscribe at any time by clicking the unsubscribe link in any marketing email, or by contacting us at [email protected].
Service notices (security alerts, terms changes, important updates about the Toolkit) are not marketing and may be sent regardless of your marketing preferences, as they are necessary for the performance of the service.
6.Data you enter about others
When you enter personal data about governors (names, skills, contact details, training records, DBS check status, declarations of interest), you are acting as data controller for that data. You are responsible for:
- Having a lawful basis to process that data (typically legitimate interests for governance administration, or a condition under Article 9 of UK GDPR where special category data is involved)
- Informing the individuals concerned that their data is stored in the Toolkit
- Responding to any data subject access requests
We process this data on your behalf as a data processor. We will only use it to provide the Toolkit service to you. See our Data Processing Agreement for full details of our processor obligations.
7.Sub-processors
We use the following third-party services to operate the Toolkit. Each processes limited categories of data on our behalf:
- Vercel Inc. (United States) — Application hosting and deployment. Processes request data and may cache content at edge locations globally.
- Resend Inc. (United States) — Transactional email delivery. Processes email addresses and message content for account notifications, password resets, and service notices.
- Cloudflare Inc. (United States) — DNS, CDN, DDoS protection, and web application firewall. Processes request metadata (IP addresses, headers) at edge locations globally.
- PostHog Inc. (United States) — Product analytics. Processes usage data and anonymised interaction data to help us understand how the Toolkit is used.
Each sub-processor is bound by a Data Processing Agreement. We maintain an up-to-date list and will notify you of any material changes.
8.Where we store your data and international transfers
Our primary application is hosted by Vercel. Sensitive governance data (governor names, contact details, DBS records, declarations of interest, and related records) is encrypted at rest using AES-256-GCM encryption derived from your account password before it leaves your browser. This means our hosting provider and sub-processors cannot read your governance data, even if their infrastructure were compromised.
Some of our sub-processors are based in the United States. Where personal data is transferred outside the United Kingdom, we ensure appropriate safeguards are in place, including:
- The UK Extension to the EU-US Data Privacy Framework, where the recipient is certified
- UK International Data Transfer Agreements (UK IDTAs) or the UK Addendum to EU Standard Contractual Clauses, where applicable
- Data Processing Agreements with each sub-processor
Encrypted governance data is not transferred outside the United Kingdom in readable form. International transfers are limited to operational data (email addresses for transactional emails, request metadata for security and CDN services, and anonymised usage analytics).
9.How we protect your data
We take the security of your data seriously:
- RDT Systems Limited is Cyber Essentials certified
- All data is encrypted in transit (TLS/SSL)
- Sensitive governance data (governor names, contact details, DBS records, declarations of interest, and related records) is encrypted at rest using AES-256-GCM encryption derived from your account password. Your encryption key is never stored on our servers, meaning we cannot read your governance data even if our infrastructure were to be compromised
- Access to production systems is restricted and logged
- We conduct regular security reviews
- Cloudflare provides DDoS protection and web application firewall services
10.How long we keep your data
- Account data: retained while your account is active. If your account is inactive for more than 12 months, we may contact you before deleting it.
- Governance data: retained while your account is active. Permanently deleted within 30 days when you delete your account.
- Server logs and technical data: retained for up to 12 months.
- Marketing attribution data: retained for up to 24 months.
- Analytics data (PostHog): retained for up to 24 months in anonymised form.
- Backup copies: deleted in accordance with our standard backup rotation schedule, which does not exceed 90 days.
11.Your rights
Under UK data protection law, you have the right to:
- Access the personal data we hold about you
- Correct inaccurate data
- Delete your account and associated data
- Export your data in a portable format
- Object to processing based on legitimate interests
- Withdraw consent (where processing is based on consent)
- Restrict processing in certain circumstances
- Lodge a complaint with the ICO
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.
12.Cookies
The Toolkit uses essential cookies to keep you signed in and maintain your session. We do not use third-party advertising cookies.
For full details of the cookies we use, including how to manage your preferences, see our Cookie Policy.
13.Children's data
The Toolkit is designed for use by school governance professionals, not by children. We do not knowingly collect data from anyone under 16. If you believe a child has created an account, please contact us so we can remove it.
14.Changes to this policy
We may update this policy from time to time. If we make material changes, we will notify you via the email address on your account at least 14 days before the changes take effect. The "last updated" date at the top of this page shows when the policy was last revised.
15.Complaints
If you are unhappy with how we handle your data, you have the right to complain to the Information Commissioner's Office (ICO):
16.Contact us
For any data protection queries: