Website Data Policy
The way users’ data are handled by organizations that receive data from users, particularly digitally, has been the subject of much controversy in recent years, and in response the European Union (EU) has adopted into law guidelines assuring users’ rights over their online data. These guidelines, now the law for any organization that collects data of any EU citizen, whether located in the EU or not, are called the “General Data Protection Regulation (GDPR)”. At KPPCS we gather a minimal amount of data from visitors to our school website, and we are not interacting with the EU. However, we feel that it is best practice to have in place a policy on how such data will be handled, which will also meet the requirements of the EU GDPR.
While Kona Pacific PCS will rarely if ever collect data on any EU citizens unless they are for some reason living in Hawaii, with their children either dual citizens of the EU and US, guest students from the EU, etc., we totally agree with the EU / GDPR principles of Privacy by Design (PbD) including minimizing data collection and retention, and gaining consent from consumers when processing data.
The only data we will collect on our school website is required student and parent enrollment information, personally-identifiable information (PII) related to website purchases (e.g., school shirts) and the receiving of fees and gifts, and similar data.
We will never share any data we gather.
1. We will minimize the data we collect (especially PII) from our students, parents, and others who access our website.
2. We won't share this data.
2. We won't retain personal data beyond its original purpose.
3. In compliance with FERPA, we already give students and parents access and ownership of student records. We will also give others who access our website and leave PII access and ownership of their data, including the “right to be forgotten” (i.e., have their data permanently removed when they are no longer connected with the school).
Date Originally Adopted: 10/29/2020