TENJIN PERSONAL DATA PRIVACY
1. Introduction to Tenjin Technology
Tenjin Technology ('Tenjin') develops web applications for the purpose of
supporting accounting and finance education. Tenjin is typically engaged by
a client in order to make the Tenjin application (the 'Application')
available to the client's registered students ('individuals') for the
purpose of formative self-assessment and revision of relevant subject matter
2. Personal Data and Privacy
Personal data comprise information relating to an identifiable living
individual. This policy sets out the principles that each of the client
and Tenjin adhere to when processing personal data and sets out the
operational aspects of the data processing activities.
3. What personal data points are typically collected and processed?
(a) In order for Tenjin to be able to fulfil its role as instructed by the
client, personal data may be processed by each of the client and Tenjin.
Tenjin may receive the following personal data automatically from the client
when a client-registered individual accesses Tenjin through the client
student portal (for example a Moodle course page).
• Individual's Moodle username (for example 'sam.jones');
• Individual's display name (for example 'Sam Jones').
(b) Tenjin may process this personal data on the first occasion to create an
account for the individual and to keep a record of the subsequent
self-assessment and revision activities undertaken by that individual. The
self-assessment and revision activities of the individual that may be
recorded by Tenjin on behalf of the client are as follows:
• Date and time of on-screen quiz generation or PDF file download;
• Subjects for which on-screen quizzes are generated or PDF files
• Question reference numbers included in each generated on-screen quiz
or PDF file download;
• Types of questions included in each generated on-screen quiz or PDF
download (for example, multiple-choice or short computational or long
• Whether an on-screen quiz is generated in 'learning' mode or 'exam'
• Actions taken by the individual in an on-screen quiz as follows:
o Whether a question is viewed (Yes or no);
o Whether a question is attempted (Yes or no);
o Whether an attempt is correct or incorrect (Yes or no);
o Whether the hint is viewed (in 'learning' mode) (Yes or no);
o Whether a 'similar question' is selected (in 'learning' mode) (Yes or no);
o Whether the solution is selected (in 'learning' mode) (Yes or no);
o Option selected for multiple-choice type questions ((a), (b) or (c));
o Values input for short computational questions.
(c) Individuals have the possibility to contact Tenjin directly through the
'contact us' tab. In this circumstance, the individual's email address and
potentially other personal data are communicated by the individual directly
A cookie is a small amount of information that may be stored on an
individual's device. Cookies are used to make it easier for an individual to
stay logged in to the Application. Further information about cookies is
included on the Cookies page
4. What are the typical purposes of the collection and processing of
(a) The client may communicate personal data to Tenjin in order to
facilitate access to the Application and for Tenjin to present relevant
subject matter to each individual. An individual may be authorised to use
the Application solely by reference to the information that may be
communicated by the client.
(b) With regard to personal data points that may be generated by individuals
through use of the Application, the client may apply a range of data and
learning analytics techniques.
(c) Tenjin may process personal data in order to implement a fair usage
policy in respect of PDF file downloads. Each individual is typically
limited in terms of the number of revision questions that may be downloaded
during any continuous 24-hour, 7-day or 30-day period. For this purpose,
Tenjin may process personal data in order to maintain a historical record of
PDF downloads by each registered individual.
(d) Tenjin may process personal data when an individual communicates
directly with Tenjin through the 'contact us' tab.
5. What is the typical legal basis of the processing of personal
By law, each of the client and Tenjin may only process personal data where
there is a legal justification to do so. In accordance with that law, each
of the client and Tenjin may process personal data in relation to the
Application because it may be necessary for the purposes of the legitimate
interests of the client and Tenjin.
(a) The client may process personal data in order to facilitate authorised
access to the Application for each registered individual.
(b) Tenjin, in its capacity as a data processor on behalf of the client, may
process personal data in order to facilitate data and learning analytics
that are undertaken by the client.
(c) Tenjin may process personal data in order to implement its fair usage
policy in relation to PDF file downloads. It may be necessary to process
personal data in order to enforce this policy.
(d) Tenjin may process personal data when an individual communicates by
means of the 'contact us' tab. This processing may be necessary in order to
be able to respond to the individual.
Each of the client and Tenjin take care to be able to conclude that:
(a) the interests pursued by each in the context of the Application
are legitimate interests that are solely related to the provision of a
high-quality educational experience to registered individuals;
(b) the processing of personal data is necessary (in that it is
targeted to apply only to the stated legitimate interests and is a
proportionate way of achieving the stated legitimate interests);
(c) the fundamental rights and freedoms of an individual are not
compromised by the legitimate interests of either the client or Tenjin. In
this regard, the client and Tenjin give due consideration to the nature of
the data processed, the expectations of an individual in an educational
environment and the likely impact of the processing of personal data on an
6. For how long is personal data typically held?
Personal data points that may be processed in connection with the
Application may be held for up to one year after the end of the academic
year in which the personal data points are first processed. An academic year
commences at the beginning of September and ends at the end of the following
For example, 'Sam Jones' uses the Application on one or more occasions
during the 2017/2018 academic year - personal data points relating to 'Sam
Jones' are therefore processed during the 2017/2018 academic year. These
personal data points may be retained up to the end of the 2018/2019 academic
year, at which point the personal data points would be anonymised. Once
anonymised, the Application activity data points are no longer be associated
with an identifiable individual. Therefore, after an anonymisation process,
Application activity that was previously associated with 'Sam Jones' is no
longer associated with 'Sam Jones'.
Anonymised Application activity data points may be retained either by the
client or by Tenjin on behalf of the client for archive, research and
statistical analysis purposes.
Personal data points sent to Tenjin as a result of communication
through the 'contact us' tab are retained by Tenjin only for as long as is
required to address the subject matter of the communication. Once the
matter is resolved or forwarded to the client, the personal data points
are permanently deleted.
7. What are an individual's rights in relation to personal data?
(a) Right to information and access
An individual has the right to request access to the information about him
or her that is held by the client or by Tenjin on behalf of the client. On
request, the client will provide the individual with a copy of the personal
data points that have been generated in connection with the Application.
This information is provided in a convenient electronic format.
(b) Right to rectification
The client will rectify any noted inaccuracies in relation to an
individual's personal data following a request by the individual concerned.
(c) Right to object to processing
An individual has the right to object to processing of personal data in
connection with the Application on grounds relating to his or her particular
(d) Right to restrict processing
An individual has the right to request the restriction of personal data. In
this case, personal data points would be stored by the client or by Tenjin
on behalf of the client but would not be processed in connection with any
aspect of the Application.
(e) Right to erasure
An individual has the right to request erasure of personal data points
that arise in connection with his or her use of the Application.
(f) Right to make a complaint to the Data Protection Commission
An individual has the right to make a complaint to the Data Protection
in order to ensure that his or her rights are fully
8. Is personal data shared with third parties?
The Application is hosted on a Microsoft cloud platform. Personal data that
are processed as a result of accessing or using the Application are stored
on the Microsoft cloud platform and in accordance with the terms and
conditions of Tenjin's subscription to
Microsoft Online Services
Other than in connection with Tenjin's subscription to Microsoft
Online Services, only the client or Tenjin on behalf of the client handle
personal data that is processed in connection with the Application.
9. What data security measures are typically in place to protect
Each of the client and Tenjin take appropriate technical and organisational
measures to protect personal data points that are transmitted, stored or
otherwise processed in connection with the Application against accidental or
unlawful destruction, loss, alteration, or unauthorised disclosure or
In general, personal data points are encrypted in storage and during
transmission to and from client and Tenjin servers. Authorised access to the
Application requires an individual to be logged in to the client's student
portal by means of a username/password combination.
Any data files transferred between the client and Tenjin that contain
personal data are password protected as a matter of standard policy. Any
data files containing personal data that may be temporarily stored on a
Tenjin portable device are password protected and encrypted.
Prior to introducing any technologies that are relevant to the processing of
personal data in connection with the Application, both the client and Tenjin
on behalf of the client undertake all necessary impact assessments.
Whereas the client and Tenjin strive to protect each individual's
personal data, including through use of encryption and other measures, it
is not possible to guarantee the security of any internet communication or
transmission. If any individual has reason to believe that interactions
with the Application are not secure, please notify Tenjin by using the contact details
the bottom of this page.
Where an individual is provided with, or has chosen, a password that enables
access to certain parts of the application, the individual is solely
responsible for keeping that password confidential.
In the event of any breach of client's or Tenjin's systems impacting
on the security of an individual’s Application-related personal data, the
client will inform the affected individuals at the earliest opportunity
describing the nature of the breach, the possible consequences and the
measures being taken to remedy the situation in accordance with client
procedures and applicable law.
10. What about site links to third party sites?
The Application site may contain links to third-party resources.
Individuals should note that these third-party sites may have their own
personal data and privacy policies. Neither the client nor Tenjin accept
any responsibility or liability in connection with those third party
personal data and privacy policies.
11. Contact details
should be directed to:
Bazwaldo Limited T/A Tenjin Technology
c/o Leahy O'Riordan Chartered Accountants
1-2 Marino Mart
Email: Use the form on the 'contact us' tab or email directly to 'firstname.lastname@example.org
The website for the Data Protection Commission is https://www.dataprotection.ie
In the event that there are any changes to this personal data and privacy
policy for the Application, an updated version will be posted on this page
and all individuals will be notified of the updated version by means of the
This version is dated May 2018.