Toddle & PDPL
(Personal Data Protection Law, Kingdom of Saudi Arabia)
- Products
Toddle at a glance
All your assessment needs in one place
Your assessment cycle in one place
Build customised progress reports
Build customized report cards
Track and report student well-being
Be accreditation-ready at all times
From curriculum maps to lesson plans
From curriculum maps to lesson plans
Make learning visible
Keep your entire community in sync
Attendance, timetable, calendar
Save time & elevate practices with your personal teaching assistant
Integrate with your favourite tools
Secure your school’s data
- Explore Toddle for your school
- Solutions
Data Processing Agreement
Toddle offers a Data Processing Agreement to all its users located in the KSA. This Data Processing Agreement is signed at the time of the school’s onboarding with Toddle. You can request a copy of the DPA by writing to privacy@toddleapp.com.
How Toddle Protects Your Data Under PDPL
Lawfulness, Fairness and Transparency
Toddle collects and processes your personal data only for specified, legitimate purposes outlined in our comprehensive Privacy Policy.
Purpose Limitation
We only use your data for the purposes clearly specified in the contract.
Data Minimization
We collect minimal data – only data that we need to provide you with services agreed upon in the contract.
Storage Limitation
Personal data is retained only as long as necessary to achieve the intended purposes specified in the contract.
Confidentiality and Security
We follow industry best practices to ensure that all your data is stored safely and securely. All your data is encrypted at rest and in transit.
Accountability
We are committed to complying with PDPL and maintain records of our data processing activities to demonstrate our adherence to these principles.
Data Breach Notification
In the event of a personal data breach that poses a risk to the rights and freedoms of Data Subjects, Toddle will notify the Data Controller without undue delay, and no later than 24 hours after becoming aware of the breach. We will also support the Data Controller in notifying the relevant authority, SDAIA, within 72 hours, if required.
Data Protection Impact Assessments (DPIAs)
We support Data Controllers in conducting DPIAs for processing activities that may pose high risks to Data Subjects' rights and freedoms.
Data Transfers
Our customers have the flexibility to choose where their data is hosted, with options including Australia, Ireland, Singapore, United Arab Emirates, and United States of America. All transfers of personal data to these data centers are conducted in strict accordance with the contract signed with the Data Controller and in full compliance with the requirements of the Personal Data Protection Law (PDPL).
Parental Consent
Toddle collects user data after receiving their consent. Schools are responsible for obtaining verifiable parental consent for using Toddle for children below the age of 13. If you come across an instance where Toddle is collecting information from a student without parental consent, please contact us immediately at privacy@toddleapp.com. Schools can download a sample of the Parental Consent form from here.
Your Rights Under PDPL
Right to Access
You can reach Toddle at any time to see a summary of all your personal data being processed along with the related processing activities.
Right to Correction, Updation & Completion
Toddle respects your right to have accurate and complete information. If you find that any personal data we hold is inaccurate, incomplete, or needs updating, you can request its correction, updation, or completion by contacting privacy@toddleapp.com. Users can also update their information from the Profile sections on the platform and the applications.
Right to request Destruction
If you no longer wish to use Toddle’s services and want your data deleted from our records, please contact our team, and we will delete all of your information from our records unless we are legally required to retain certain data.
Right to Restrict Processing
If you wish to limit how your personal data is processed, please reach out to our team. We will implement the necessary restrictions on processing your data in accordance with PDPL requirements.
Right to Obtain
You can request a copy of your personal data in a structured, commonly used, and machine-readable format. We will facilitate the transfer of your data.
Right to Withdraw Consent
If processing is based on your consent, you have the right to withdraw that consent at any time. Simply contact us or the Data Controller, and we will cease processing your data as per your request.
Right to Be Informed
You have the right to be informed about how your personal data is being collected, used, and processed. Toddle ensures full transparency in all data-related activities.
Contact
If you have any questions about your personal data, or if you would like to exercise any of your rights under PDPL, please contact our Data Protection Officer, Anshul Chauhan, at privacy@toddleapp.com.
