top of page

Data Protection & GDPR

What is GDPR?


On May 25th 2018, the General Data Protection Regulation (GDPR) (EU) 2016/679 came into force. The GDPR is a regulation in EU law on data protection and privacy for all individuals within the European Union. It is intended to unify the policies and strengthen the safety and security of all data held within an organisation.

This legislation replaced the Data Protection Act (DPA) and is considered the most significant data protection legislation of the last 20 years. There is a plethora of information about the new legislation available online. The Information Commissioner's Office (ICO) provides a good starting point with its Overview of GDPR.

Data Controllers and Data Processors


Learninet is the data controller of parent and pupil data uploaded and managed by parents directly onto the  Learninet.

How we comply with GDPR

  • Cloud Hosted

  • Data Managed

  • No Third PartiesWe do not share personal data with third parties.

  • Bank Level Encryption

    • We encrypt your data in Transit and At Rest using bank-grade 256-bit SSL.

  • Secure logins – Every user has secure logins with automatic logouts after periods of inactivity.

  • Permanent deletion of data – All users can make subject access and/or right-to-be-forgotten requests by contacting

  • Sanitised data – all pupil data is sanitised before use by internal staff for data analysis and machine learning.

bottom of page