Emerge Data Sharing Agreement

Table of Contents

What is Emerge?

Groupcall Emerge is an App which enables schools to have an up-to-the-minute copy of their MIS data instantly and securely available in the palm of their hand. Emerge is installed across an estate of approximately 10,000 devices in the United Kingdom.

Emerge is the solution for users to access information when and wherever it is needed i.e. in an emergency where the school system may be down or access to the school is restricted, thus ensuring staff and student safety is paramount at all times.

Emerge comprises of two elements or ‘pieces’ of software. The Emerge Device software (the App) and the Emerge Server software installed in the school or in a local authority.

1) Emerge Device Software:

This is the app that will need to be installed on each of the devices that will run Emerge.  The Emerge Device Software communicates with the Emerge Server to receive and send MIS information.

2) Emerge Server Software:

The Emerge Server Software talks to your MIS system extracting student and staff information that it then 'sends' to devices running the Emerge App. The Server software is known as the 'Groupcall Management Console' (or sometimes the 'Emerge Management Console' depending on your version - they are the same thing, just labelled differently!)
The data is sent to devices via the 'Groupcall WebService'; this WebService is used by Emerge and other Groupcall products for secure data movement.

 Emerge Server Software


This document explains the safeguarding and security of data shared with Emerge and its applications. This document forms our Data Sharing Agreement (DSA) with you. In order to use Groupcall Emerge your organisation should understand and accept this agreement.

Emerge Data Movement Overview

The Groupcall Emerge Management Console operates in a layer above the Management Information System (MIS Emerge interfaces with the MIS through Groupcall Xporter.

Emerge data movement overview

Click image to expand.

Emerge Transfer and Use of Personal Information

Groupcall Emerge securely caches Personal Information.  Datasets cached by Emerge include:
Maximum available datasets
Students Staff
  • Forename
  • Surname
  • Date of Birth
  • Contacts
  • Siblings
  • Address
  • Medical
  • Behaviour
  • Timetable
  • Attendance
  • Photo (see Data Security section for more information)


  • Forename
  • Surname
  • Date of Birth
  • Address
  • Home Telephone
  • Mobile
  • Home Email
  • Next of Kin
  • Work Telephone
  • Timetable


The above table shows the maximum available datasets that can be accessed using Emerge. The level of access to these datasets will depend upon user privileges as determined by the school. This applies to the latest release of Emerge and may vary with previous versions.

By accepting this DSA you, as the Data Controller, agree to Groupcall acting as Data Processor of the aforementioned Personal Information for use in Groupcall Emerge.

It is for schools to ensure that, as Data Controllers, they have the ability to share data using Groupcall Emerge and that they consider there to be appropriate measures in place to ensure that the data is held securely and confidentially, including staff awareness and device policies.

For a more detailed explanation of what constitutes Personal Information and the roles and responsibilities of people responsible for data, please see our Data Privacy Summary.

Groupcall has taken all reasonable measures to ensure the safety and security of data in Emerge, including Personal Information.  We have processes in place, in line with ITILv3 guidance for Continual Service Improvement, to ensure that all reasonable measures are taken to maintain compliance with relevant parts of the 1998 Data Protection Act.

Use of Data

The Use of Data policy is provided for schools to ensure that, as data controllers they have the ability to share data, and that they consider there to be appropriate measures in place, ensuring that the data is held securely and confidentially.

This document sets out how Groupcall supports these objectives.

Groupcall and its suppliers will be acting as ‘data processors’ as defined by the 1998 Data Protection Act. Groupcall has taken all reasonable measures to ensure the safety and security of the personal information, and continues to review these measures on an on-going basis.

Emerge Data Security

This section provides details of the management of data security in relation to the use of Groupcall Emerge.

Data is transported bi-directionally between the Emerge Service and school MIS. Emerge then communicates securely with registered Emerge enabled devices.  All data is secured in motion using industry standard encryption.

Groupcall Emerge accesses the school MIS system using credentials that you provide to it and cannot access it without them.

Emerge enabled devices use industry standard AES-128 bit encryption to secure data at the user and device level.

Device cached Emerge data falls into two categories: Encrypted and Shared Non-Encrypted.

Encrypted: All Personal Information data is secured using industry standard encryption.

Shared Non-Encrypted: Data that is not deemed to be Personal Information is not encrypted to ensure maximum performance and the ability to share this cached data between users of the same device.  Photographs are an example of data that can be shared between users of a device.  A photo is not deemed to contain Personal Information, as it cannot be associated with encrypted Personal Information such as ‘name’ on its own.  Performance is maximised, as the photographs do not need to be downloaded for every user of the same Emerge enabled device.

All devices running Emerge have their own unique device identifier. This is used to register the device within the Emerge Management Console that resides on the school’s MIS system. Every time an Emerge device connects to the server to collect data, the username and password are seamlessly validated. Furthermore, the system locks automatically when inactive and can only be accessed again using a PIN code.

Groupcall strongly recommend that your school have additional security policies in place to include the use of devices containing school data inside and outside of school premises.

Furthermore, we recommend that you incorporate additional device security measures that enable you to remotely wipe, disable and locate a device.  Apple’s iCloud includes all of these features and there are a number of apps available for Android and Windows from the respective app stores.  Groupcall takes all reasonable steps to secure Emerge data, but as you would expect, does not have access to a device’s underlying Operating System.

Groupcall Support Personnel & Data Security

The Support team at Groupcall are able to resolve or advise you on any technical issues that you encounter while using Groupcall products, however they are unable to advise on any other issues affecting Groupcall Partner products and in such instances you should refer to the support arrangements for that specific Groupcall Partner.

Often it is necessary for a Groupcall support technicians to view the issue with you, in order to diagnose it fully and offer a solution. In circumstances where support technicians need to view the issue with, you they may use remote access tools to view your  computer with you, in which case you should remain at your computer and supervise the entire session.  All of our remote sessions allow you to retain control and allow you to terminate the session at any time.  If your issue escalates and an additional support technician is required, then additional Groupcall staff may join the remote session.

If your issue is a platform issue or requires changes to your account configuration, then Groupcall staff may perform such configuration on your behalf from our secure management platform without requirement for remote access.

You are reminded that you should avoid sending personal information, such as student/contact records, to Groupcall directly.  You certainly should only send such information when supported by strong encryption, if there is an explicit requirement to do so.  Groupcall staff will advise the most secure method for transfer if there is such an explicit requirement.

Emerge Updates

Once installed, the Emerge Server Software requires no further maintenance intervention (provided that Xporter maintains accessibility to the pre-requisite URLs e.g. after a proxy server change etc) as required updates are released and applied via the in-built mechanisms.

App updates are pushed to devices through the standard device update release mechanisms.  Updates can include bug fixes, security enhancements and feature developments – some of which may not take full effect until an Xporter script update has taken place.

To further maintain the integrity, performance and functionality of the software, Groupcall adheres to the ITILv3-based release management cycle. Usually in the case of a major update, you will be informed prior to this taking place. Some script updates take place from time to time to enable new App features.

Exhaustive testing together with thorough documentation and rollback support give you and us peace of mind!

Emerge Data Lifecycle

Your data’s point of origin remains in the controlling system.  Data is cached in Groupcall Emerge for an agreed time period – this may vary for the different datasets.  If the Emerge app is not accessed for a set period of time (the default is 5 days), the encrypted data is inaccessible until the user authenticates again.

Privacy Policy

This forms part of the application process to use relevant Groupcall Products.  The Head Teacher or an authorised member of staff will agree to have read and understood the terms and conditions outlined below:

Who is responsible for managing my information?
The Groupcall Product in question is provided by Groupcall Limited (“Groupcall”) and its suppliers. We are responsible for ensuring that your data is adequately protected in relation to the operation of the Groupcall Product platform in question.

Who can i contact if i have queries about this privacy policy?
If you are already a Groupcall customer then please contact Groupcall Support. If you are a prospective customer then please contact our sales team by emailing sales@groupcall.com or call 020 8502 7344.

Will you ever update this privacy policy?
We may update this privacy policy from time to time and we will send notification to your main account contact if this is the case. For specific optional functionality within a  Groupcall Product, we may also issue appendices to this agreement.

How can i update my data?
The data in the Groupcall Product reflects the data in your school MIS system, hence to correct any inaccuracies in the Groupcall Product you should correct the data in your MIS and allow an overnight update to occur.

If it is important that data changes are shown in the Groupcall Product more urgently. For example, if a parent has been restricted from contact with their child by court order, then you can contact Groupcall Support for assistance, by emailing support@groupcall.com or call 020 8502 7344.

What information do we collect?
We collect students, staff and parental contact and grouping information such as school record identifiers, names, gender, date of birth, electronic contact details, language preference and recent attendance marks. The full information we collect is detailed under the "Transfer and Use of Personal Information" section. For each specific product's see, Data Sharing Agreements.

What is my information used for by Emerge?
The information present in Groupcall Emerge is used for the specific purposes of recording attendance, behaviour and achievement and associating students and staff to timetable information. Emergency contact details are also cached as well as any relevant medical information.

How is my information held by Emerge?
Data in Emerge is cached as either Encrypted for Personal Information, or Shared Non-Encrypted for other data, including anonymous photos.

How long will my information be held by Emerge?
Data deltas are cached in Groupcall Emerge and only remain valid for a set time period (the default is 5 days).

Emerge Browser Cookies

Groupcall Emerge is not a browser-based service and therefore does not rely upon Internet browser cookies for any functionality.

Need further help?