GDPR Compliant Data Security
Industry-leading data protection and security measures designed specifically for schools. Full GDPR compliance with transparent data handling practices.
GDPR Compliance
Built from the ground up with data protection at its core
Your Data Rights
Right to Access
Request access to your personal data and understand how it's being processed.
Right to Rectification
Correct inaccurate or incomplete personal data we hold about you.
Right to Erasure
Request deletion of your personal data when it's no longer necessary.
Right to Portability
Export your data in a structured, machine-readable format.
Data Protection Officer
Our dedicated Data Protection Officer ensures full GDPR compliance and is your point of contact for all data protection matters.
Security Measures
Multi-layered security protecting your sensitive data
End-to-End Encryption
All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption.
Access Controls
Role-based access controls with multi-factor authentication and regular access reviews.
Data Backup
Automated daily backups with point-in-time recovery and geographic redundancy.
Monitoring & Logging
24/7 security monitoring with comprehensive audit logs and anomaly detection.
Penetration Testing
Regular third-party security assessments and vulnerability testing.
Incident Response
Comprehensive incident response plan with 24-hour breach notification procedures.
Security Certifications
Industry-recognized security and compliance standards
ISO 27001
Information Security Management
Cyber Essentials Plus
Government-backed cybersecurity
SOC 2 Type II
Data security and availability
GDPR Compliant
Full data protection compliance
How We Process Your Data
Transparent data processing with clear legal bases
Data We Collect
Account Information
Name, email, role, and authentication data for platform access.
Safeguarding Data
Incident reports, concerns, and related safeguarding information.
Usage Analytics
Platform usage patterns to improve functionality and security.
Communication Data
Support requests, feedback, and platform communications.
Legal Basis for Processing
Contractual Necessity
Processing required to provide our safeguarding services.
Legal Obligation
Compliance with safeguarding and data protection laws.
Legitimate Interest
Platform improvement and security monitoring.
Consent
Marketing communications and optional features.
Data Sharing & Transfers
Limited, secure data sharing with appropriate safeguards
No Data Sales
We never sell, rent, or trade your personal data to third parties.
UK Data Residency
All data is stored and processed within the UK with no international transfers.
Secure Processors
Carefully vetted service providers with strict data processing agreements.
Questions About Data Protection?
Our Data Protection Officer is here to help with any questions about how we handle your data or to assist with exercising your rights.