Helping schools protect personal data

Let us guide you through the complexities of the GDPR and accompany you on your journey to compliance.

Take a look around Book a demo

Hubspot-Dashboard

When it comes to safeguarding the personal information you handle, data protection serves as your first line of defence. The 7 principles established by the Information Commissioners Office (ICO) should be the guiding force in how you approach processing personal data. These principles lie at the heart of the UK and EEA GDPR, capturing the essence of data protection regulations rather than imposing rigid rules. Adhering to these fundamental principles is crucial to establishing a robust data protection practice.

Hubspot-Dashboard

Smart KPIs and reporting

Effortlessly identify areas of vulnerability and implement the necessary steps to enhance them using our cutting-edge compliance monitoring and auditing tools. Seamlessly generate reports for a single school or multiple schools, enabling you to closely monitor progress in all aspects of compliance. Easily generate comprehensive annual reports for Governors, providing evidence of your efforts over the past 12 months and highlighting any necessary actions for improvement.

RoPA-Screen-23-1

Records of Processing Activity (RoPA)

Your RoPA plays a crucial role in complying with Article 30 of the GDPR, enabling you to demonstrate your thorough consideration of the risks associated with the data you process. Leveraging over 3,800 data maps as templates to construct your RoPA, along with an integrated DPIA tool to facilitate due diligence, the GDPRiS platform significantly expedites the process of creating and maintaining your RoPA.

RoPA-Screen-23

Data Protection Audits

Performing an internal audit for data protection is crucial in uncovering vulnerabilities and implementing suitable measures to enhance your compliance with various elements of the regulations, including Articles 25, 32, 39 and more. This proactive approach not only strengthens your ability to adhere to these guidelines but also serves as an effective means to monitor your ongoing commitment to compliance.

Incidents-23

Breach and Cyber Incident Logs

In today's ever-evolving digital world, it's almost inevitable that data breaches and cyber incidents will occur, even in the most meticulous organisations. These incidents bring with them significant responsibilities and practices that cannot be overlooked.

While the GDPR does not explicitly mandate the maintenance of an incident register, it is undoubtedly a vital control for information security and continuous improvement. That's precisely why GDPRiS provides this essential functionality, ensuring that organisations have the necessary tools to efficiently handle incidents with automatic countdown for breach reporting, respond appropriately, and gain valuable insights from them.

Information-Requestsv-23

Information Requests

Your organisation will undoubtedly receive various types of requests. Your Data Subjects may exercise their rights under GDPR by submitting a Subject Access Request, or the public may send Freedom of Information Requests. It is crucial for any organisation to handle these requests promptly and accurately. Failing to respond appropriately to Information Requests can only worsen an already tense situation.

GDPRiS offers a seamless solution by providing a comprehensive register that empowers you to effortlessly log and handle all incoming requests and complaints. This highly efficient system not only keeps you up-to-date with approaching deadlines but also provides valuable trends, such as patterns across the schools within a trust.

MAC-courses-screen

Document Storage and Training

One of the key factors for a successful data protection regime is to keep staff well-informed about policy decisions and provide continuous training on their responsibilities for data protection. With GDPRiS, you can ensure that your organisation remains compliant with data protection regulations while empowering staff with the necessary knowledge and skills to safeguard sensitive information.

What does GDPRiS help us achieve?

GDPRiS supports MATs in managing data protection compliance across all schools, providing tools for audits, risk assessments, and evidence tracking to meet GDPR requirements. The platform also support you in meeting the DfE Cyber Security Standard for Schools and Colleges

How does GDPRiS simplify compliance for MATs?

It offers a centralised dashboard for Trust-level oversight, enabling consistent policies, reporting, and monitoring across all academies without duplicating effort. Find out more

What training and support do you provide?

We offer onboarding sessions tailored to your requirements and timeline, CPD-accredited training for staff, and ongoing support via help desk, webinars, and resource libraries.

Does GDPRiS help with Subject Access Requests (SARs) and breaches?

Yes, it includes workflows for managing SARs, FOIs breach reporting, incident logs, and complaint management, ensuring timely and compliant responses.

Does GDPRiS help us build our RoPA?

Yes, GDPRiS provides over 4,500 pre-populated data maps for common education software suppliers, which significantly speeds up the process of creating and maintaining a RoPA as required by Article 30 of the GDPR.

Do you offer DPO Services?

Yes, we offer various levels of DPO services to suit your requirements. Find out more

What reporting is available for Trust leaders?

GDPRiS provides real-time dashboards, compliance scores, and downloadable reports for stakeholders and regulators.

How does GDPRiS handle data security?

The platform uses encrypted data storage, secure user authentication, and complies with UK data protection standards to safeguard sensitive information.

How much does GDPRiS cost for a MAT?

Pricing is based on the number and type of schools and requirements, we offer flexible packages to suit different Trust sizes and budgets.

Can GDPRiS integrate with our existing systems?

Yes, GDPRiS is designed to work alongside your current IT infrastructure and data management tools, ensuring minimal disruption during implementation.

GDPRiS has been a total game changer for us! It has made managing and tracking compliance across our MAT easier and more efficient.

DPO, Heart of Mercia Trust

We love working with GDPRiS. We couldn't deliver our service to over 300 schools without GDPRiS at the heart of what we offer.

Team Leader, Education Data Hub

Great service, all queries answered helpfully and promptly. Would recommend to anyone. Thank you

Headteacher, Lincolnshire

What would I do without you! The GDPRiS team are so pleasant and are always there to help.

School Business Manager, Warwickshire

Such a pleasure working with you. You truly understand what organisations must do to protect their data.

Leading Charity, Essex

It's great to work with a company that really understands what you need. GDPRiS has made us more effective and efficient when managing data protection across the maintained schools in Merton.

Schools DPO, London Borough of Merton

Education Data HUb

Cantium

Nexus Protect

Data_Tools_for_Schools_Limited_2

Data Privacy Advisory Service

ClickOn IT London

London Borough of Merton

DR400dpiLogo

November 2025

Untitled design (2)

11 November, 2025

BRILLIANT 2025, Liverpool

Where Educators meet Industry and Technology to create a BRILLIANT future. Meet our team

Find out more

Untitled design

25 November, 2025

MATPN South, Heathrow

MATPN is a two-day learning and networking event which brings together the most inspirational leaders and transformational suppliers in the MAT sector to share cutting-edge insight, knowledge and experience.

Find out more

Untitled design (4)

26 November, 2026

Optimus MATs Summit 2025

The flagship summit for MATs. Connect, share best practice and strengthen your trust strategy with impactful collaboration, innovation and learning.

Fin out more