1. Who we are
DEEP Education (“we”, “us”, “our”) is the data controller for personal data processed through the AI Literacy Audit Tool at ailiteracyaudit.com. We are a trading name of DEEP Professional Ltd, registered in England and Wales (company number 16052380).
2. What data we collect
We collect and process the following categories of personal data:
2.1 Account information
- Email address (used as your login identifier)
- Name (optional)
- Password (stored only as a one-way cryptographic hash — we never store or see your actual password)
- School name, region, and country
- Your role within the school (e.g. principal, headteacher, head of department, consultant)
- School profile information you provide, such as phase, age range, curriculum, regulatory framework selections, website, department, and subject area where relevant
2.2 Documents you upload
- School policy documents, departmental documents, schemes of work, assessment materials, teaching and learning documents, and individual documents submitted for audit analysis
- Uploaded file buffers are processed in memory for text extraction and are not stored as original files by our application.
- Extracted text is held server-side for up to 1 hour while you complete the upload and audit creation flow. It is deleted when the audit starts, or automatically expires if you do not start an audit.
- Temporary per-audit document index chunks may be created during the agent council analysis so the system can retrieve relevant evidence. These are deleted after the audit results have been persisted.
- If your school opts in to data retention, extracted document text is stored in our database for up to 2 years to support follow-up audits, progress tracking, and school profile continuity. You can withdraw this consent and delete stored text from your settings page.
2.3 Audit results
- Dimension scores (1–5 across 9 education dimensions)
- Evidence citations, gap analysis, strengths, and recommendations
- Action plans and implementation guidance
- Report synthesis summaries
- Audit type, audit label, department, subject area, selected focus dimensions, regulatory snapshot, quality metrics, and agent/council processing events
2.4 AI provider settings
- If your school uses bring-your-own-key access, we store your selected AI provider, model, masked key metadata, and encrypted API key. API keys are encrypted with AES-256-GCM and are never displayed back to users.
2.5 Payment information
- Payment details (card numbers, billing address) are processed directly by Stripe and are never stored on our servers. We receive only a customer reference ID and subscription status from Stripe.
2.6 Technical data
- IP address (used for rate limiting and security; not stored long-term)
- A single authentication cookie (HTTP-only, secure, strictly necessary for login)
3. How we use your data
We process your data for the following purposes and legal bases:
| Purpose | Legal basis (UK GDPR) |
|---|---|
| Providing the audit service (document analysis, scoring, reports, action plans, and progress tracking) | Performance of contract (Art. 6(1)(b)) |
| Account authentication and security | Performance of contract (Art. 6(1)(b)) |
| Processing payments via Stripe | Performance of contract (Art. 6(1)(b)) |
| Sending password reset emails | Performance of contract (Art. 6(1)(b)) |
| Retaining document text for progress tracking (when opted in) | Consent (Art. 6(1)(a)) |
| Maintaining audit logs for security and compliance | Legitimate interest (Art. 6(1)(f)) |
| Storing school AI provider settings and encrypted API keys where BYOK is enabled | Performance of contract (Art. 6(1)(b)) and legitimate interest in secure service delivery (Art. 6(1)(f)) |
4. AI processing & safety
Your uploaded documents are analysed by AI systems to generate evidence-based audit scores, recommendations, report narratives, and action plans. Depending on your school’s configuration, analysis may use our platform Gemini provider or your school’s own configured provider (Google Gemini, OpenAI, or Anthropic). During this process:
- Document text, school context, region, audit type, selected frameworks, and relevant audit instructions may be sent to the active AI provider.
- We do not send passwords or payment card details to AI providers. Account identifiers such as user email are not needed for audit analysis and are not included in audit prompts.
- Uploaded documents may contain personal data about staff, pupils, parents, or governors. Schools should avoid uploading unnecessary personal data wherever possible.
- The agent council breaks analysis into specialist steps including document intelligence, dimension review, evidence validation, quality assurance, synthesis, and action planning. These steps improve consistency, but audit outputs remain AI-generated and should be reviewed by responsible school staff before decisions are made.
- We log AI call metadata such as provider, model, token counts, latency, estimated cost, and outcome. We store hashes of prompts and responses for observability, not the full prompt or response text in AI call logs.
- Provider API data is not used for model training by default according to the provider materials linked below. Provider abuse monitoring and retention periods may still apply under their terms.
Relevant provider information:
- Google Gemini API paid services are covered by Google’s Cloud Data Processing Addendum, and Google states in its Gemini API terms that paid service prompts and responses are not used to improve products.
- OpenAI states that API inputs and outputs are not used to train or improve OpenAI models by default. See OpenAI data controls.
- Anthropic states that commercial/API inputs and outputs are not used to train models by default. See Anthropic’s commercial product guidance.
5. Who we share data with
We share data only with the following third-party sub-processors, each under appropriate data processing agreements:
| Sub-processor | Data shared | Purpose | Location |
|---|---|---|---|
| Google (Gemini API) | Document text, school context, provider metadata | AI-powered audit analysis and synthesis | EU/US |
| OpenAI (where configured by your school) | Document text, school context, provider metadata | AI-powered audit analysis and synthesis | US/EU |
| Anthropic (where configured by your school) | Document text, school context, provider metadata | AI-powered audit analysis, grounded citations, and synthesis where enabled | US/EU |
| Stripe | Customer ID, payment metadata | Payment processing | US (with EU data residency) |
| Resend | Email address | Password reset and notification emails | US |
| Hetzner | Stored application and database data | Database and application hosting | Germany (EU) |
We do not sell your data. We do not use any third-party analytics, advertising, or tracking services. Our anonymous analytics (see section 9) are fully self-hosted — no data leaves our servers.
6. International transfers
Our database is hosted on servers in Germany (EU). Where data is transferred to sub-processors outside the UK/EU (including AI providers, Stripe, and Resend where applicable), we rely on Standard Contractual Clauses and the UK International Data Transfer Agreement as appropriate.
7. Data retention
- Original uploaded files: Processed in memory for extraction and not stored as original files by our application.
- Pending extracted text: Stored server-side for up to 1 hour while an audit is being created, then deleted when the audit starts or when it expires.
- Temporary document index chunks: Created only where needed for agent retrieval during analysis and deleted after audit results have been persisted.
- Document text (opted-in): Retained for up to 2 years from the audit date, then automatically deleted. You can delete stored text at any time.
- Audit results: Retained for the lifetime of your school account. Archiving hides an audit from the dashboard but does not erase the underlying audit record. Audit records are deleted when the relevant school/account data is deleted, subject to any legal, tax, security, or fraud-prevention records we must keep.
- Account data: Retained until you delete your account.
- Password reset tokens: Expire and are deleted after 1 hour.
- Audit logs: Retained for up to 7 years for compliance purposes.
- Report share links: Deleted automatically when their expiry date passes.
- AI readiness quiz submissions: Retained for 18 months from the date you submitted the quiz, then automatically deleted. You can also request immediate deletion at any time using the self-service link in your confirmation email or by visiting /quiz/erasure. The retention window covers the typical sales cycle for international schools; we do not encrypt the column because the realistic threat model (server-environment compromise) would also expose any encryption key. Reducing how long the data sits in the table is the more meaningful protection.
8. Your rights
Under UK GDPR and the Data Protection Act 2018, you have the following rights:
- Right of access (Art. 15): Request a copy of all data we hold about you. Use the “Download My Data” button in your account settings.
- Right to rectification (Art. 16): Update your account information at any time, or contact us to correct any inaccuracies.
- Right to erasure (Art. 17): Delete your user account from your account settings. If you are the only member of a school account, the school and its audit data are deleted with your account. If other members remain, your membership is removed and shared school records may remain available to those members. If you submitted the AI readiness quiz without creating an account, request deletion of that record at /quiz/erasure — we email a confirmation link (24-hour expiry) and delete the record only after you click it. Limited records may also be kept where required for legal, tax, security, or fraud-prevention reasons.
- Right to data portability (Art. 20): Download your data in a structured, machine-readable JSON format from your account settings.
- Right to restrict processing (Art. 18): Contact us to restrict how we process your data.
- Right to withdraw consent: Where processing is based on consent (e.g. document text retention), withdraw consent at any time from your settings page with no impact on past processing.
- Right to object (Art. 21): Object to processing based on legitimate interest by contacting us.
To exercise any of these rights, use the self-service tools in your account settings or send us a message.
9. Cookies & analytics
We use a single, strictly necessary authentication cookie to keep you signed in. This cookie:
- Is HTTP-only (not accessible to JavaScript)
- Is sent only over HTTPS in production
- Contains only an encrypted session token — no personal data
- Expires after 30 days of inactivity
We do not use advertising cookies or any third-party tracking cookies. Because our cookie is strictly necessary for the service to function, consent is not required under UK PECR, though we inform you of its use via our cookie banner.
9.1 Anonymous analytics
We use Umami, a self-hosted, open-source analytics tool, to collect anonymous pageview data. Umami:
- Does not use cookies
- Does not collect or store any personal data (no IP addresses, no fingerprints)
- Runs entirely on our own servers in Germany (EU) — no data is sent to third parties
- Complies with GDPR, PECR, and ePrivacy regulations without requiring consent
This data helps us understand which pages are visited and how users navigate the site, so we can improve the service. It cannot be used to identify individual users.
10. Children’s data
The AI Literacy Audit Tool is designed for use by school staff (teachers, leaders, and administrators), not by children. We do not knowingly create accounts for children. However, school documents may contain information about pupils. Where that happens, the information is processed as part of the uploaded document text for audit analysis and may be retained only if your school has enabled document text retention. Schools should remove or minimise pupil-identifying information before upload wherever practical.
11. Security
We protect your data with the following measures:
- All connections encrypted with TLS (HTTPS enforced)
- Passwords hashed with bcrypt (12 salt rounds)
- Database hosted in a private network on EU servers
- Bring-your-own AI API keys encrypted with AES-256-GCM
- Rate limiting on authentication endpoints
- Prompt injection detection on uploaded documents
- AI prompt and response logs stored as hashes, not full text
- Temporary upload text expiry and post-audit document index cleanup
- HTTP-only secure session cookies
- Stripe webhook signature verification
12. Changes to this policy
We may update this privacy policy from time to time. Material changes will be communicated via email to registered users. The “last updated” date at the top of this page indicates the most recent revision.
13. Complaints
If you are not satisfied with how we handle your data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s supervisory authority for data protection.
14. Contact
DEEP Education (trading name of DEEP Professional Ltd, company number 16052380)
For data protection enquiries, general questions, or to exercise any of your rights, please use our contact form or email us directly at education@deepprofessional.com.