Trust Staffroom with pupil data — built for UK schools from day one.
We designed Staffroom around real classroom safeguards: hashed identifiers, role-based access, and privacy-friendly analytics. Here's how we keep your pupils and staff protected.
Student hashing
Every student name is converted to a deterministic hash and alias (e.g. "Pupil-AB12CD34"). AI prompts never contain raw names.
Data retention
Schools can export or delete reports at any time. Backups are retained for 30 days in encrypted storage.
Analytics without cookies
We use Umami Analytics in anonymised, cookieless mode. No consent banner is required under UK GDPR/PECR.
Our approach to safeguarding data
Security is embedded in the product — from how we store data to how we plan future features.
Privacy-first architecture
Student first names are hashed and stored as aliases before ever contacting AI providers, so personally identifiable information never leaves your workspace.
Secure infrastructure
Staffroom runs on Vercel with encrypted PostgreSQL storage. Access is controlled with role-based permissions, audit trails, and automated backups.
Teacher-controlled access
Only the teachers and admins you invite can access a class. Memberships are synced with Clerk organisations so you stay in control of who can view pupil information.
Transparent reporting
We keep a clear data processing log, support subject access requests, and provide downloadable report exports for your own archiving.
Need something formal?
We provide signed Data Processing Agreements, full privacy policies, and Safeguarding statements on request.
Have safeguarding templates you already use? Send them over — we'll complete them within two working days.