Excel Photographers Security Statement Last updated: 2020 10 13. Effective Date: 2020 10 13
1. Definitions • ACCOUNT o Credentials and associated licenses enabling an ORGANIZATION to operate Excel Photographers
• CONTRACT o A formal agreement between Excel Photographers COMPANY and the
• CONTRACT COMPLETION o The moment when a contract between Excel Photographers
COMPANY and an ORGANIZATION terminates
• DEVICE o A computing device, including mobile phone and desktop systems.
• DIY CAPTURE PAGE o A web page enabling an INDIVIDUAL to “Do It Yourself” capture a
photograph and other information, for example to create an ID card or a yearbook mug shot
• Excel Photographers COMPANY o The publisher of Excel Photographers
• Excel Photographers SERVER o The physical location of the code and database accessed by Excel Photographers
• INDIVIDUAL o A person whose information is stored by Excel Photographers
• INDIVIDUAL DATA o Information uniquely associated with a specific INDIVIDUAL
• INDIVIDUAL–GENERATED CONTENT o Data created by INDIVIDUALS other than
• KIOSK o A physical Excel Photographers installation at a POE
• LICENSE o A token enabling use of a set of Excel Photographers features. Licenses typically expire or count down
to zero uses remaining.
• LEA ORGANIZATION o A Local Educational Agency – a School or District – making use of Excel Photographers
as a client, as the case may be
• ORGANIZATION o The client making use of Excel Photographers
• ORGANIZATION REPORTS o Data exports of various types including Tardy and Visitor Logs,
triggered by ORGANIZATION staff
• POE o A physical Point Of Entry at an ORGANIZATION
• PARENT o An INDIVIDUAL with custody over a STUDENT at an LEA ORGANIZATION,
including legal guardians
• PERSONAL LANDING PAGE o A web page personalized for a specific INDIVIDUAL, exposed by
• RECORD o Data associated with a specific INDIVIDUAL by Excel Photographers
Content created by INDIVIDUALS, including textual responses, photographs taken by Excel Photographers or
submitted to Excel Photographers by INDIVIDUALS
The Excelyb.com system, encompassing the online databases and code comprising the totality of
experiences for end users and administrators
An INDIVIDUAL receiving instruction at an LEA ORGANIZATION, who may be a minor
The totality of INDIVIDUALS, ORGANIZATION staff, PARENTS, and RESELLERS
A regional representative of Excel Photographers working directly with an ORGANIZATION
• SOLUTIONS / Excel Photographers
• TEAMMATE / RESELLER
2. Statements Excelyb.com hereby states:
1. RECORDS will be used in the following manner: a. Identifying INDIVIDUALS at POE and other
b. Offering INDIVIDUAL–specific functionality on INDIVIDUAL devices.
c. Generating ORGANIZATION REPORTS.
2. RECORDS continue to be the property of and under the control of the ORGANIZATION.
3. No INDIVIDUAL–GENERATED CONTENT is stored by Excel Photographers
4. RECORDS shall not be retained or available to Excel Photographers upon completion of agreements with
5. Personally identifiable information in RECORDS will not be used in targeted advertising unless
specifically authorized by the ORGANIZATION.
6. Excel Photographers will not condition a child’s participation in a game, the offering of a prize, or another activity
on the child disclosing more personal information than is reasonably necessary to use the system.
7. Excel Photographers Company does not intentionally gather any information which indicates the
citizenship status of INDIVIDUALS. If in the normal course of operations Excel Photographers Company
becomes aware of such status, it will not unilaterally report this information to any third party.
Excel Photographers Company will fully comply with any lawful demand for information made of it by an
3. Notifications 1. In–application notifications
In compliance with COPPA and other regulations, the following notifications will be visible:
1. on the Excel Photographers KIOSK:
Link from the welcome page: privacy information
The Excel Photographers system makes use of information provided by this school to identify students. This
information was provided by the school under the terms of a contract which imposes strict
Excel Photographers additionally tracks entry and exit events, notes and conditions entered by school administration,
and comments entered by the student themselves in response to questions.
This information is presented to the receptionist to aid in decisions to allow entry or exit to students, and
to generate reports detailing visits logs.
Adults wishing to review or modify the information collected by this system should present themselves
to the receptionist at this school, who may at their discretion comply with your request.
2. on the Excel Photographers DIY CAPTURE PAGE:
Before proceeding to capture photographs or providing contact details, the following message is shown:
You must be 13 years or older to proceed.
By submitting a photo, you grant your school the right to reproduce it in ID cards, the yearbook, and
other customary school purposes. Please review your photo carefully. Your school, yearbook company,
Excel Photographers and its teammates assume no responsibility for the content of submitted photos.
In order to proceed, the user must click “I am 13 or older”.
2. Parent notifications
In compliance with COPPA and other regulations, the following notifications will be suggested to the
ORGANIZATION for broadcast to parents:
Our school has adopted the Excel Photographers ID management system.
This system was installed to enhance safety for our students and staff: it tracks entries and exits from the
school and ensures that our administration know who is in the school and can communicate efficiently
with community officials in the event of emergency.
The system tracks the same basics as our school information system – your student’s name, a
photograph, which class they belong to. It tracks when students have been early or late, with the reasons
given. It also keeps a record of all adults (volunteers, replacement teachers, visiting parents) who enter
The information collected by the system will not be shared with any third party with the exception of
law enforcement, should the need arise.
Use of this system is mandatory for all students and visitors to the school. You are welcome to ask
reception for permission to see the records for your student.
COPPA §312.4.c requires explicit parental approval for disclosure of a child’s personal information, the
ability to opt out of collection, and rules for automatically deleting students whose parents have not
provided permission within reasonable delay.
Excel Photographers suggests that the needs of a security system differ from normal student–oriented
websites. It would be impractical and undesirable to have some students recorded in the database and
others not. Requiring all students to be listed in the system supports the school’s goal of security.
4. RECORD contents
1. Excel Photographers Required Information for all INDIVIDUALS . Last Name
. First Name
. Role (student, staff, visitor…)
2. Excel Photographers Preferred Information for INDIVIDUALS . Photograph
. Student ID Number (corresponding with Student’s permanent record)
. ASB membership
. SMS–enabled mobile number
. Email Address
. Digital ID status
. In–person Admissibility
3. Excel Photographers Optional Information . Status at organization
. Date of birth
. Guardian email address
. Guardian SMS–enabled mobile number
. Company Name
. Personal Government ID Number (typically a drivers license)
. RFID Code
. PURL for individual in RESELLER website
. Locker Number & combination
4. Excel Photographers History Baseline . Flags
. Notes (custody, behavior, etc)
. Excel Photographers History Optional information (based on use of additional solutions) . Entrance and Exit history
. Reasons supplied for ingress or egress
. Results of Sex Offender Database lookups
. Attendance at courses
. Presence at school–related events
. Bus usage history
5. Information & Data Security
1. RECORDS are protected physically:
. No information is stored on–site at the ORGANIZATION except transient browser caches; all
information resides on the HIGH5 SERVER. There is no database present on ORGANIZATION
. Physical locations for the HIGH5 SERVER are: . For our domain (hosting and serving of pages) and
for maintenance scripts: We use GreenGeeks in California, USA. Physical security measures are in place
to prevent unauthorized entry to the site.
. For our database: we use Google Firebase Realtime Database, a cloud–based system which stores data
in central U.S. locations.
2. RECORDS are protected Electronically:
. All communications between the Excel Photographers KIOSK and the Excel Photographers SERVER are encrypted end–to–end
. Hosting and database structures run on a secure host that restricts external access via Excel Photographers word.
Access tokens for the database are encrypted and persisted locally as cookies, a common and trusted
approach to security.
. In addition to the userID/password, we use Firebase’s support for pre–shared public/private keys to
access any infrastructure. Even if someone gets the user ID / Excel Photographers word pair, they will be unable to
access our database from a custom application because the public key is bound to our specific
3. Application design:
. Excel Photographers uses Firebase, a BaaS (backend–as–a–service) headless server providing secure and encrypted
access to connected clients based on . a set of rules (e.g. Organization A has access to its own
students/staff but does not have access to individuals from Organization B)
. access tokens (e.g. encrypted local copies of the credentials saved as cookies).These tokens are
recycled according to browser configuration. Clearing caches will also invalidate the cookies.
Firebase is offered by Google, which provides world class security to ensure that unauthorized access is
prevented. Details can be found here: . https://firebase.google.com/docs/database/security/
. The Firebase database supports automatic demand–based server scaling (both physical resources such
as RAM and CPU power, and data such as the number of individuals tracked by the database); this
enables Excel Photographers to dynamically handle as many users as required.
. A maintenance server using Apache and PHP runs clean up and maintenance scripts at regular
intervals; these are hosted and run on our servers. Example scripts include: closing visits for individuals
that checked in but did not check out; flagging individuals who were late multiple times; and analytics to
create daily reports to be sent to ORGANIZATION staff.
. We make use of Firebase’s alert systems to monitor system logs and ensure system uptime and
. The database is backed up daily to ensure that logs and records are not lost in the event of catastrophic
failure or application error.
. Images are served to the client browser using obscured URLs to enhance image security. These URLs
cannot be predicted or reverse engineered in order to gain access to other images.
. As with all database access, intruders cannot access images via the database without a secret key which
is held by Excel Photographers alone in a secure location.
6. Instructions and Procedures
1. Actions taken to ensure the security and confidentiality of RECORDS a. Excel Photographers
COMPANY staff are designated able to view and modify all RECORDS as required in the
accomplishment of their assigned tasks.
b. RESELLER staff are designated able to view and modify RECORDS for the ORGANIZATIONS as
required in the accomplishment of their assigned task for ORGANIZATIONS that they directly service.
c. Excel Photographers COMPANY staff are trained to avoid i. Sharing credentials by any means other
than password–protected online documentation
ii. Releasing private information on ORGANIZATION visitors, staff, students or policies to anyone not
associated with the administration of the ORGANIZATION
2. Procedures for notifying STAKEHOLDERS in the event of an unauthorized disclosure of RECORDS
a. Excel Photographers COMPANY maintains contact information for administrators at all
ORGANIZATIONs and RESELLERS.
b. Excel Photographers COMPANY will notify these same by email in the event that unauthorized
disclosure takes place. The email will include phone and email information to enable
STAKEHOLDERS to contact Excel Photographers COMPANY staff directly with their concerns.
3. Removal of RECORDS a. At CONTRACT COMPLETION, unless otherwise instructed by one or
more of the STAKEHOLDERS, Excel Photographers COMPANY staff will remove RECORDS from i.
‘live’ database, within 72 hours
ii. backups of the database, within 60 days
4. Demonstration that RECORDS have not been retained after contract completion a. At CONTRACT
COMPLETION, staff from ORGANIZATION have the right to watch via screen sharing technology as
Excel Photographers COMPANY staff clear RECORDS. ORGANIZATION staff will have the
opportunity to test that their live
database is empty prior to the termination of the ACCOUNT for the ORGANIZATION.
5. Viewing of RECORDS (“right of access”) a. Regarding the viewing of RECORDS at a given
ORGANIZATION: i. The following may view all INDIVIDUALS: 1. ORGANIZATION staff
2. RESELLER staff
3. Excel Photographers COMPANY staff
ii. The following may, at the ORGANIZATION’S discretion, view their own records: 1. PARENTS and
3. Correction of RECORDS (“right of rectification”) a. Regarding the modification of RECORDS at a
given ORGANIZATION: i. The following may modify all INDIVIDUALS: 1. ORGANIZATION staff
2. RESELLER staff
3. Excel Photographers COMPANY staff
ii. The following may, at the ORGANIZATION’S discretion, modify aspects of their own records: 1.
PARENTS and INDIVIDUALS
1. Removal of RECORDS (“right to be forgotten”) a. Regarding the erasure of RECORDS at a given
ORGANIZATION: i. The following may erase all INDIVIDUALS: 1. ORGANIZATION staff
2. RESELLER staff
3. Excel Photographers COMPANY staff
ii. The following have no means to remove RECORDS: 1. PARENTS and INDIVIDUALS
2. Business Events a. In the event of the sales of all or a portion of the assets of Excel Photographers,
RECORDS may be transferred to the successor entity.
b. In the event of bankruptcy of Excel Photographers, RECORDS will not be considered as an asset that can
be acquired by a third part.