Are you GDPR compliant?

This article covers the compliance of GDPR and our policies on the protection of personal data.

Olivia avatar
Written by Olivia
Updated over a week ago

We understand the importance for schools to only use platforms that are compliant with the latest data protection regulations. You can read our privacy policies and compliance with the latest general data protection regulations (GDPR) in our Terms and conditions.


Because user privacy is critically important at Seneca, we do like to confirm a few important points in this article that your school's data protection officer might specifically ask for.

In most cases we’ll help your school to transfer personal data, which makes us a data processor. We’ll have legally binding agreements with the school regarding how we process your personal data. The school will be responsible for deciding how and when personal data is collected and used, and provide you with information on how it does so.

If you deal with us directly and we receive data from you, we’ll be responsible for deciding how and when your data is collected and used. In that case, we’ll be the data controller and our privacy policy will apply.

  • Data is stored securely within the European Union using 256bit AES encryption (more specifically in Dublin).

  • Personal information is not sold to any third parties.

  • We allow students to use Seneca anonymously without sharing any personal data if they wish.

  • Students can manage their personal data at any time using the settings page in their account.

  • Personal data is used only for the specified purposes of running Seneca. Student email, first name, last name, year group and school are collected from students.

  • Seneca uses some de-identified information for internal research and to know how our uses interact and use the platform.

  • We act as a ‘data controller’ – on behalf of students. We only act on students' behalf; all data belongs to the student.

  • Teachers can request access to a student's learning data from the student by inviting them to classes. 

  • A student can manage which teachers have access to their learning data. They can do this at any time in settings page for each of the classes they choose to join.

  • If a user does not login to their account for 6 years their account will be deleted and all personal data will be removed from our systems. 

  • A user can delete their account at any time by getting in contact via our web chat in the corner of this page. After receiving an account deletion request a users account and all personal data associated with it will be deleted within 30 days.

  • We are accredited by the UK Government-backed Cyber Essentials Accreditation

    We are registered with the Information Commisioner's Office, you can find details of this registration here.

Did this answer your question?