Data Processing Agreement

This Agreement is between the subscribing school (the Controller) and Educator, operated by Ben Willis, a sole trader based in England (the Processor). The school determines the purposes and means of processing its students' and staff's personal data; Educator processes that data only to provide the service described below.

Educator processes personal data for the duration of the school's pilot or subscription. On expiry or termination, personal data is retained for 60 days to allow retrieval, then deleted in full.

• Authenticating users and managing accounts.
• Recording practice activity to drive the spaced-repetition algorithm.
• Aggregating progress for teacher dashboards, class reports and leaderboards.
• Sending service emails (homework notifications, digests).

Data subjects are the school's students and teaching staff. The data processed is: name, email address, year group, exam board, exam tier, practice activity (cards seen, correct/incorrect answers, timestamps), XP, streak count and equipped cosmetics. Educator does not process special category data, and student data is never used for advertising or sold.

• Process personal data only on the school's documented instructions.
• Ensure anyone with access to the data is bound by confidentiality.
• Implement the technical and organisational measures in section 8.
• Give 30 days' notice before engaging a new sub-processor, with the right to object.
• Assist with data-subject rights requests within 5 working days.
• Notify the school of a personal-data breach without undue delay, and within 24 hours of becoming aware where feasible.
• Delete or return all personal data at the end of the engagement (section 2).

• Establish a lawful basis for the processing and provide privacy notices to students and parents.
• Pass on any data-subject rights requests it receives promptly.
• Not instruct Educator to process data unlawfully.

Educator uses the following sub-processors. Several are hosted in the United States; those transfers are covered by the UK International Data Transfer Agreement (IDTA).

• Encryption at rest and TLS for all data in transit.
• Authentication delegated to Clerk, with industry-standard password hashing; student passwords are never visible to Educator staff.
• Least-privilege production credentials with periodic rotation.
• Changes are tested on an isolated preview environment before reaching production; production and test data are kept separate.
• Ongoing internal security review and testing; an independent external penetration test is planned, with results available to school DPOs on request once completed.

Educator will make available the information reasonably necessary to demonstrate compliance with this Agreement — including our Data Protection Impact Assessment and Record of Processing Activities, available to school DPOs on request — and will allow and contribute to audits conducted by the school or its appointed auditor, with reasonable notice and no more than once per year.

This Agreement is governed by the laws of England and Wales, and disputes are subject to the exclusive jurisdiction of the courts of England and Wales.

Questions about this Agreement, requests for a countersigned copy, or DPO documentation requests: support@educator-labs.com. Our ICO registration is in progress; the registration number will be published here once issued.