Terms and Conditions for Code Editor for Education
- Introduction
- Code Editor for Education (CEFE) gives added classroom management functionality to Raspberry Pi Account holders who are teachers in schools.
- CEFE is designed for formal educational institutions responsible for the education of young people (such as schools and formal further education institutions). For safeguarding reasons, all registrations are subject to a manual verification process and we reserve the absolute right to accept or reject an application to register.
- You will need a Raspberry Pi Account to access CEFE. Access is managed through Raspberry Pi Accounts.
- CEFE is part of the Raspberry Pi Foundation’s Code Editor platform.
- CEFE will allow you to set up student accounts on behalf of students at your school, monitor their use of the platform, give live feedback and keep their projects.
- IMPORTANT Where you are an Owner you are agreeing to these terms on behalf of the school named by you in the registration process (the School).
- Your agreement to these terms
- By using the site you agree to be bound by these terms and conditions, including the following terms:
- Terms & Conditions for Raspberry Pi Accounts; and
- CEFE Data Processing Agreement
- The Terms form a legal contract between you and us regarding your use of the site. If you do not agree to the Terms you may not use the site.
- Any new features or tools which are added to the current platform shall also be subject to the Terms.
- You can review the most current version of the Terms at any time on this page. We reserve the right to update, change or replace any part of these Terms by posting updates and/or changes to our website. It is your responsibility to check this page periodically for changes. Your continued use of or access to the site following the posting of any changes constitutes acceptance of those changes.
- Where you are an Owner you hereby warrant that you are authorised to agree to these terms on behalf of the School.
- You have authority to set up student accounts on behalf of students at the School. These student accounts are specific to your School account.
- You are responsible for the use of student accounts. In particular, you are responsible for procuring compliance by students of these Terms (including, for the avoidance of doubt, the Acceptable Use Policy).
- Any failure to comply with these terms by you or by students users may result in action taken against your Raspberry Pi Account and/or your school or students’ accounts.
- It is your responsibility to ensure that any use of CEFE is in accordance with any internal policies and practices in place at your School.
You agree on behalf of the School that:
- By using the site you agree to be bound by these terms and conditions, including the following terms:
- Disclaimer of Warranty
- You acknowledge that you are using CEFE at your own risk. CEFE is provided "as is," and, to the extent permitted by law, the Raspberry Pi Foundation hereby expressly disclaims any and all warranties around fitness for purpose or the accuracy or completeness of any information contained therein or provided by us. We provide no statement or warranty that CEFE will be uninterrupted or that there will be no failures, errors or omissions or loss of transmitted information.
- Limitation of Liability
- To the extent permitted by law, the Raspberry Pi Foundation shall not be liable to you or any third parties for any direct, indirect, special, consequential or punitive damages of any kind, regardless of the type of claim or the nature of the cause of action.
- Protection of personal data
- If any personally identifiable information is provided to us as part of CEFE then the terms of the CEFE Data Processing Agreement in the Annex shall apply.
- Please refer to our Privacy Policy for more information on how we will manage and process personal information.
These Terms were last updated on 17 June 2024
Annex - CEFE Data Processing Agreement
- Parties
- This Data Processing Agreement (DPA) is between the School (as defined above) and the Raspberry Pi Foundation.
- Definitions
- For the purposes of this DPA, the following words and expressions shall be defined as follows:
- Student Account Users means the learners for whom student accounts are created by the School.
- Student Account User Data means the data provided by the Controller to the Processor as part of its use of the Platform as set out in Schedule 1.
- User means a user of the Platform.
- Controller means the School.
- For the purposes of this agreement, “Data Subject”, “Data”, Personal Data and “Personal Data Breach” shall have the meanings given to those terms in the UK Data Protection Legislation from time to time;
- Data Protection Legislation means any applicable UK Data Protection Legislation, European Union legislation relating to personal data, and all other internationally equivalent legislation and regulatory requirements relating to the use of Personal Data (including, without limitation, the privacy of electronic communications);
- Data Subject Request means a request made by a Data Subject to exercise any right(s) of Data Subjects under Data Protection Legislation in relation to any of the Shared Personal Data or concerning the processing of such data;
- Platform means CEFE.
- Processor means Raspberry Pi Foundation.
- UK International Transfer Addendum means the International Data Transfer Addendum issued by the Supervisory Authority of the United Kingdom under s.119A(1) of the UK Data Protection Act 2018, incorporated into this Data Sharing Agreement by reference.
- For the purposes of this DPA, the following words and expressions shall be defined as follows:
- Compliance with legislation
- The parties will comply with all applicable requirements of the Data Protection Legislation. This clause is in addition to, and does not relieve, remove or replace, a party's obligations under the Data Protection Legislation.
- Description of the Processing
- The parties agree that the table in Schedule 1 sets out the scope, nature and purpose of processing by the Processor, the duration of the processing and the types of Personal Data and categories of Data Subject.
- Obligations of the Controller
- The School agrees and warrants that it shall comply with the Data Protection Legislation and applicable data protection guidelines under which it operates.
- RPF agrees and warrants that it shall
- process that Personal Data only in accordance with the terms of this agreement or otherwise on the written instructions of the Controller, unless the Processor is required to do so by law in which case the Processor shall notify the Controller of this in advance (unless prohibited by law from doing so);
- implement appropriate technical and organisational measures to protect against unauthorised or unlawful processing of Personal Data and against accidental loss or destruction of, or damage to, Personal Data as set out in Part B of Schedule 1;
- if required, assist the Controller, at the Controller’s cost, in responding to any request from a Data Subject;
- notify the Controller without undue delay on becoming aware of a Personal Data breach;
- if required to do so by the Controller (in writing) and acting reasonably, delete or return Personal Data and copies thereof to the Controller following termination of the agreement unless required by law to store the Personal Data (and subject to clause 7 below).
- Retention of teacher-student interactions for safeguarding reasons
- Records of any communication given by you to Student Account Users and interactions with Student Account Users given via the Platform will be retained indefinitely for legal and safeguarding reasons. This includes (but is not limited to) feedback, lesson and project content shared with Student Account Users.
- Indemnity
- The School indemnifies RPF for all liabilities, damages, and losses arising from either a breach by the School of this DPA, or from the School’s failure to comply with applicable laws.
- International Data Transfers
- The Standard Contractual Clauses are hereby incorporated into this DPA by reference. They shall be deemed to be executed on the same date as this DPA, and execution of this agreement shall be deemed to be the execution of the Standard Contractual Clauses. The information contained in Parts A and B of Schedule 1 to this agreement shall be deemed to be incorporated into Annex I and Annex II of the Standard Contractual Clauses.
- The Standard Contractual Clauses shall apply:
- where either Party transfers any Shared Personal Data that originated in the European Union (EU), or relates to data subjects located in the EU, to the other Party where that other Party is located outside the European Economic Area (EEA) and is located in a country that has not received a finding of adequacy from the European Commission; and
- as amended by the United Kingdom International Transfer Addendum, where either Party transfers any Shared Personal Data that originated in the United Kingdom, or relates to data subjects located in the United Kingdom, to the other Party where that other Party is located outside the United Kingdom and is located in a country that has not received a finding of adequacy from the UK Government.
Schedule 1
Part A: Description of Transfer
- Description of Transfer
Categories of data subjects Users and Student Account Users of the Platform Categories of personal data transferred Names of adults and young people
Usernames of young people
Email addresses of adultsThe frequency of the transfer (e.g. whether the data is transferred on a one-off or continuous basis). Transfer will initially happen on a once-off basis, however, the Controller may decide to make transfers on a continuous basis. Nature of the processing The creation, storage, and maintenance of unique Users and Student Account Users on the Platform within the School environment. Purpose(s) of the data transfer and further processing To allow Users and Student Account Users to use the Platform within the School environment. Period of data retention For as long as required to achieve the purpose as determined by the Data Controller subject to legal obligations and applicable laws.
The Processor's Retention Policy is set out in section 5 of the Privacy Policy, which shall apply in the absence of specific instructions from the Controller. - Competent Supervisory Authority
The applicable supervisory authority is the United Kingdom’s Information Commissioner’s Office in all cases, other than those where the Party transferring the data is located in:
- in the European Union, in which case the competent supervisory authority is the Data Protection Commission of the Republic of Ireland; or
- in India, in which case the competent supervisory authority is the Indian Data Protection Board.
Part B: Technical and Organisational Measures to Ensure the Security of the Data
The Controller and Processor both undertake to have in place appropriate technical and organisational security measures to:
- prevent
- unauthorised or unlawful processing of the Shared Personal Data; and
- the accidental loss or destruction of, or damage to, the Shared Personal Data.
- ensure a level of security appropriate to:
- the harm that might result from such unauthorised or unlawful processing or accidental loss, destruction or damage; and
- the nature of the Shared Personal Data to be protected.
Part C: How to contact us with your data-related questions
Please get in touch with any questions, comments, or instructions regarding your information by writing to dataprotection@raspberrypi.org or by post to:
- Data Protection
- Raspberry Pi Foundation
- 37 Hills Road
- Cambridge
- Cambridgeshire
- CB2 1NT
- United Kingdom