Security & Compliance
Enterprise security
built in
Eduface helps institutions use AI feedback safely, following strict guidelines in privacy, and academic control.
🏫
University
📝
Student submits work
⚡
Eduface processes securely
SECURE
👩🏫
Teacher reviews
💬
Student receives feedback
Teacher-in-the-loop
Secure processing
No customer-data training
Institution-owned data
Privacy-first
Responsible AI
Responsible AI for education
AI in education needs more than GDPR. It needs transparency, human oversight, and educational alignment.
Human-in-the-loop
Teachers review and decide how feedback
is used.
Institutional control
Eduface supports institutional policies and
review processes.
Educational purpose
AI processing is limited to feedback and
related product functionality.
Context-aware feedback
Feedback can align with assignments,
rubrics, and teacher expectations.
Clear boundaries
Customer data is not used to train external
AI models.
Safe deployment
Designed to support responsible adoption
in education.
Transparency
How data moves through Eduface
01
Input
Student work is submitted.
Encrypted in transit
02
Securely processed in EU🇪🇺
Eduface runs fully on local instances in the Netherlands
Local hosting in NL (EU)
03
AI feedback
Feedback is generated within the context.
Trained only for education
04
Teacher layer
Educators review, adapt, and apply feedback.
Role-based access
05
Output
Feedback returns to the learning process.
under DPA terms
Our Commitments
Three things we guarantee
Your data stays yours
No training on your data
Teachers stay in control
AI that only assists. Educators keep the final decision.
Compliance Posture
Where we stand
DPIA
Data Protection Impact Assessment
Multiple completed
🇪🇺
EU GDPR
Tested & verified
🇬🇧
UK GDPR
Tested & verified
AIA
AI Impact Assessment
Multiple completed
SOC 2
SOC 2 Type II
In progress
Data Protection Impact
Assessment
Multiple completed
AI Impact Assessment
AI Impact Assessments completed for our core grading and
feedback models.
Multiple completed
🇪🇺
EU GDPR
Independently tested for GDPR compliance under EU data
protection regulation.
Tested & verified
🇬🇧
UK GDPR
Aligned with UK data protection requirements as set out by
the ICO.
Tested & verified
SOC 2 Type II
Currently in process. SOC 2 Type II audit underway with a certified
auditor.
In progress
Full documentation available to qualified institutional teams during procurement or due diligence review.
🇪🇺 EU AI Act
EU AI Act what this means for Eduface
Eduface is designed to align with the transparency and human oversight principles introduced by the EU AI Act.
1
AI is clearly identified
Users know when feedback is generated with AI
2
Output is distinguishable
AI-generated feedback can be recognised as such
3
Humans stay in control
Teachers review and decide how feedback is used
4
Institutions can review the system
Documentation and explanations are available during evaluation
The EU AI Act introduces transparency obligations for AI systems, including informing users when they interact with AI and ensuring AI-generated content is identifiable. Eduface is built with these obligations in mind.