Test Environment - Not for production use
Trust & Compliance

Built for schools that take data protection seriously

SENScribe uses end-to-end encryption and client-side PII redaction so student data never leaves the teacher's device in readable form. Here's everything your DPO needs.

How we protect student data

End-to-End Encryption

All Student Support Files are encrypted on the teacher's device using AES-256-GCM before reaching our servers. We hold only ciphertext we cannot decrypt.

Zero-Knowledge AI

Student names and diagnoses are redacted in the browser before transmission. The AI only sees anonymous placeholders - never real identities.

EU Data Residency

All data is stored in Azure North Europe (Ireland). AI processing uses the EU data zone. No student data leaves the European Economic Area.

Teacher-Held Keys

Decryption keys are derived from a data password only the teacher knows. SENScribe cannot access, read, or share student data - by design.

Compliance Documents

Everything your school's Data Protection Officer needs to evaluate SENScribe. Download, share with your principal, or forward to your board of management.

Privacy Policy

GDPR Art. 13/14

Full GDPR-compliant privacy policy covering data collection, processing, retention, and your rights.

Privacy Whitepaper

For Principals

Technical explainer for Principals and DPOs. Covers the zero-knowledge architecture in plain English with data flow diagrams.

Data Processing Agreement

GDPR Art. 28

School-facing DPA template ready for your DPO to review. Covers processor obligations, sub-processors, and breach notification.

Data Protection Impact Assessment

GDPR Art. 35

Pre-completed DPIA for SENScribe's encrypted sync service. Covers risks, mitigations, and residual risk assessment.

Terms of Service

Legal

Service terms, acceptable use, liability, and subscription conditions for SENScribe.

Cookie Policy

ePrivacy

Details on strictly necessary cookies (authentication) and optional analytics cookies with consent management.

Accessibility Statement

WCAG 2.2

Our commitment to WCAG 2.2 Level AA accessibility and inclusive design for all teachers.

Security Measures

Technical safeguards protecting your data at every layer.

AES-256-GCM encryption at rest (teacher-side)
TLS 1.2+ encryption in transit
Passwords hashed with scrypt
Azure Cosmos DB with server-side encryption
No student PII in server logs
30-day session expiry with secure cookies
Rate limiting on all endpoints
Automated dependency vulnerability scanning

Questions about compliance?

We're happy to speak with your DPO, Principal, or Board of Management about how SENScribe meets your school's data protection requirements.

Contact UsRead Whitepaper