Trust Center
Our commitment to privacy, security, and transparency for schools, counselors, students, and families.
Last updated: [11‑Aug‑2025]
Student record rights supported; disclosures limited to legitimate educational interest or consent.
Data subject rights supported; SCCs/DPAs in place for processors.
Parental consent workflows for under‑13 users; no targeted advertising.
Hosted on audited infrastructure with SOC 2/3 and ISO 27001 certifications.
Security Overview
- Encryption at rest (AES‑256) and in transit (TLS 1.2+)
- Role‑based access control (RBAC) with MFA for admin access
- Quarterly access reviews & least‑privilege by default
- Incident response with 72‑hour GDPR notification window
- Data retention & secure deletion schedules
- Annual vendor re‑assessment and policy review
Subprocessors & Vendors
Last review: [11‑Aug‑2025]We work with carefully vetted service providers bound by Data Processing Agreements (DPAs). Each supplier is reviewed at least annually for security and privacy posture.
| Vendor | Purpose | Data Categories | Region | DPA | Certifications | Last Review |
|---|---|---|---|---|---|---|
| Amazon Web Services (AWS) | Hosting & database | Account & usage metadata | US/EU | Yes | SOC 2/3, ISO 27001 | 2025‑07‑01 |
| Bubble.io | Application platform | App data processing | US | Yes | Built on AWS; security features | 2025‑07‑01 |
Want to be notified of subprocessor changes? Email support@schooligio.ai
Data Rights & Requests
To request access, correction, deletion, or portability of your data, or to withdraw consent, contact us. Schools can request our DPA or security documentation using the links above.
