Yes. Edvance is designed to meet the requirements of GDPR and the Data Protection Acts 1988–2018 as applicable to Irish schools.

Data controller and processor

Your school is the data controller for the personal data you manage through Edvance. Edvance acts as a data processor on your behalf, processing data only as instructed by your school and in accordance with the Data Processing Agreement (DPA).

Key compliance points

• Data Processing Agreement — a DPA is provided as part of your subscription and sets out the terms under which Edvance processes your school's data
• Data minimisation — Edvance collects only the data needed to provide the service
• EU data residency — all data is stored in EU/EEA infrastructure (see: Where is our school's data stored?)
• Retention — data retention periods are defined in the DPA; schools can request deletion at any time
• Breach notification — in the event of a data breach affecting your school's data, Edvance will notify you within 72 hours of becoming aware, in line with GDPR obligations

Requesting documents

To request a copy of our Data Processing Agreement or Privacy Policy, contact support@edvance.ie.