School Agreement And Data Processing Terms

Last updated: 5 June 2026

These school-specific terms apply when a school, teacher, school administrator, system, diocese, network or similar education organisation uses Daily Maths Review for school-managed students, school-managed classes, school trials, paid school plans, school reporting or student seats.

During the public beta, public school payments are disabled. School plan, DMR Testing, Live Review, export and advanced reporting buttons may route to register interest or pilot contact, but they must not start Stripe Checkout, an app-store purchase or a billing portal unless a later deployment explicitly enables payments.

They sit alongside the Terms of Use and Privacy Policy. If a signed school agreement, purchase order, privacy addendum or data processing agreement says something different, the signed document controls for that school to the extent of the conflict.

1. School Consent Authority

The school confirms that it has authority to use Daily Maths Review for its classes and students. This includes any notices, parent or carer communications, consents, staff approvals, procurement approvals and lawful basis required by the school, education department, sector policy or applicable law.

The school is responsible for deciding which staff may create classes, invite students, assign work, view student progress, export data or manage billing. A person who buys or activates a school plan confirms they are authorised to act for the school.

The school should not enter student information that is not needed for the educational use of Daily Maths Review. School-managed student records should use first names, initials, nicknames or classroom names. Unless a reviewed workflow specifically requires it, do not enter student email addresses, parent email addresses, exact birth dates, home addresses, phone numbers, location, health information, government identifiers, photos, audio, video, raw answer content or other sensitive information.

Daily Maths Review will not offer public student discovery for school-managed records. Parent-side student search, public student profile URLs, roster lookup, autocomplete, student email lookup and existence confirmation are not permitted. Parent-school linking must use school-approved request workflows and parent-safe views only.

2. Permitted Educational Purpose

Daily Maths Review may process school-managed student data only for the permitted educational purpose of providing and supporting maths review, practice, assignments, tests, progress records, class planning, student participation, teacher reporting, school administration, billing, security, reliability, support and legally required records.

Daily Maths Review may also use de-identified, aggregated or statistical information to understand reliability, activity coverage, feature usage, curriculum coverage and product quality, provided it does not identify a student, teacher or school.

Daily Maths Review will not sell school-managed student data, use it for student advertising, add student accounts to marketing lists, reuse it for marketing, build unrelated student profiles, or use identifiable school-managed student data to train general artificial intelligence models without the school's written instruction or consent. In short: no marketing reuse of school-managed student data.

3. Student Data Ownership And Control

The school controls school-managed student data. Daily Maths Review does not claim ownership of student names/initials, class membership, assignments, attempt metadata, correctness, progress, test records, teacher-entered class information or exports supplied by or generated for the school.

The school gives Daily Maths Review permission to host, process, copy, transmit, display, back up, secure and analyse school-managed student data only as needed for the permitted educational purpose, service operation, support, safety, security, legal compliance and agreed retention.

Daily Maths Review owns the platform, code, design, templates, question systems, activity registry, reports, generated activity structures and service materials, but that ownership does not transfer ownership or control of school-managed student data.

4. Student Data Boundaries

  • School-managed student data is separate from teacher marketing, parent marketing and general website promotion.
  • Parent or independent student accounts do not automatically receive access to school-managed student data.
  • School-managed student records should be viewed only by authorised school staff, authorised school administrators, the relevant student where applicable, and Daily Maths Review support or technical staff who need access to provide the service.
  • Daily Maths Review may disclose school-managed student data to service providers listed in the Privacy Policy, to a replacement provider at the school's instruction, where required by law, or where needed to protect students, schools, users or the service from harm.

5. Staff Access And Removal

The school is responsible for adding, reviewing and removing school staff access. Staff accounts must not be shared. When a staff member leaves the school, changes role, no longer teaches the class, or should no longer see student data, the school must remove or request removal of that access promptly.

If the school cannot remove access using available account tools, it should contact Daily Maths Review through the contact page. Daily Maths Review will take reasonable steps to help remove or limit access after verifying school authority.

6. Security Responsibilities

Daily Maths Review will take reasonable technical and organisational steps to protect school-managed student data from misuse, interference, loss, unauthorised access, unauthorised modification and unauthorised disclosure.

The school is responsible for using strong staff passwords, protecting staff devices, managing class codes carefully, creating student passwords only for Daily Maths Review, not reusing school or personal passwords as student passwords, and telling Daily Maths Review if an account, class code, export or student record may have been accessed without authority.

No internet service can guarantee absolute security. Each party must act promptly to reduce risk if it becomes aware of a security or privacy issue affecting school-managed student data.

7. Providers And Overseas Processing

Daily Maths Review may use third-party providers to host, secure, email, bill, analyse and support the service. The current provider list and countries or regions are described in the Privacy Policy.

Daily Maths Review may update providers as the service changes. Where a material new provider is likely to process identifiable school-managed student data for a materially new purpose, Daily Maths Review will update the Privacy Policy or this agreement and take reasonable steps to make the change visible to affected school contacts.

8. Deletion, Export And Return

The school may request export, correction, deletion or de-identification of school-managed student data through available account tools or the contact page. Requests must include enough information to verify the school, class, account and authority of the requester.

Daily Maths Review will take reasonable steps to support verified school export and deletion requests. Unless a signed agreement says otherwise, Daily Maths Review aims to acknowledge verified requests within 5 business days and complete technically practicable export, deletion or de-identification within 30 days.

Deletion may not immediately remove information from backups, provider logs, security logs, billing records, legal records or de-identified aggregate statistics. Those records will be handled under the Privacy Policy retention schedule and applicable legal requirements.

9. Incident Notice

If Daily Maths Review confirms an incident that materially affects the confidentiality, integrity or availability of school-managed student data, it will notify the school contact without undue delay and, where practicable, within 72 hours after confirming the incident affects that school's student data.

The notice will include the information reasonably available at the time, such as the nature of the incident, affected data categories, affected classes or users where known, steps already taken, recommended school actions and expected next updates.

Daily Maths Review will work with the school on notification obligations, including any notification to affected individuals, parents, carers, education authorities, regulators or the Office of the Australian Information Commissioner where the Notifiable Data Breaches scheme or other law requires notification.

The school must also notify Daily Maths Review promptly if it becomes aware of an incident involving Daily Maths Review accounts, class codes, exports, staff devices or school-managed student data.

10. Access, Correction And Parent Requests

For school-managed student data, the school is usually the first contact for parent, carer or student access and correction requests because the school controls the class relationship and education record context.

Daily Maths Review will provide reasonable support for verified school requests to access, correct, export, delete or explain school-managed student data where the school cannot complete the request using account tools.

If Daily Maths Review receives a direct request about school-managed student data, it may ask the requester to contact the school, notify the school where appropriate, or verify authority before taking action.

11. Paid School Plans And End Of Service

During the public beta, public school plan purchases are not active. Schools can register interest or arrange a reviewed pilot, but no public payment flow should begin from the website while payments are disabled.

Paid school plan billing, renewal, cancellation and refund terms are covered by the Terms of Use, checkout information and any signed school agreement. Payment status does not give Daily Maths Review ownership of school-managed student data.

When a school plan ends, the school should export any records it needs and request deletion or de-identification if required by school policy. If the school does not request deletion, Daily Maths Review will handle records under the Privacy Policy retention schedule.

12. Confidentiality

Each party must treat non-public information received from the other party as confidential where a reasonable person would understand it to be confidential. This includes school-managed student data, school billing records, security information, private support messages and non-public product or technical information.

Confidential information may be used only to provide, receive, secure, support, pay for, administer or comply with legal obligations connected to Daily Maths Review.

13. Compliance And Review

Each party is responsible for complying with laws, policies and procurement requirements that apply to it. The school should review Daily Maths Review against its privacy, cyber security, procurement, child safety and record-keeping requirements before a broad student rollout or paid school plan.

Daily Maths Review may update these terms as the platform, providers, law or school features change. Material changes will be posted on this page with a new date, and reasonable steps will be taken to make material school data changes visible to affected school contacts.

14. Contact

For school agreement questions, data processing questions, export requests, deletion requests, access removal, security concerns or incident notices, contact Daily Maths Review through the contact page.