top of page

EdXP Data & Privacy Policy

At EdXP, safeguarding the privacy and security of our users’ personal data is paramount. We adhere to international standards, including but not limited to the General Data Protection Regulation (GDPR), to ensure the protection of user information. Our Data and Privacy Policy outlines the following:

  1. Data Collection and Processing: We only collect personal data from our users that is necessary for providing our services. This may include information such as name, email address, school affiliation, and academic progress data.

  2. Lawful Basis for Processing: All data processing activities are conducted lawfully, with explicit consent obtained from users before processing their personal data. Data processing is deemed necessary for the performance of our services.

  3. Data Security: We employ robust technical and organizational measures to ensure the security of our users’ personal data. This includes encryption, access controls, and regular security audits to identify and address any vulnerabilities.

  4. Data Retention: We only retain personal data for as long as necessary to fulfill the purposes for which it was collected, or as required by law. Once data is no longer needed, it is securely deleted or anonymized to prevent unauthorized access.

  5. User Rights: We respect the rights of our users as outlined in international standards, including the right to access, rectify, or erase their personal data. Users can exercise these rights by contacting us at

  6. Data Transfer: We may transfer personal data to third-party service providers or affiliates who assist us in delivering our services. Any such transfers are conducted in compliance with international standards, including the use of standard contractual clauses or other appropriate safeguards.

  7. Data Breach Response: In the event of a data breach, we have procedures in place to promptly assess and mitigate the impact of the breach, as well as to notify affected users and relevant authorities as required by law.

  8. Privacy by Design: We incorporate privacy considerations into the design and development of our products and services, ensuring that data protection principles are embedded throughout the lifecycle of our systems.

  9. Training and Awareness: We provide regular training to our employees on data protection best practices to ensure ongoing awareness and understanding of their responsibilities.

  10. Compliance Monitoring and Review: We conduct regular reviews of our data processing activities to ensure ongoing compliance with international standards. This includes periodic audits and assessments of our policies, procedures, and technical controls.

  11. Cookies: We use cookies to enhance user experience and collect information about website usage. Users can manage cookie preferences through their browser settings.

  12. Third-Party Disclosure: We do not sell or lease personal information to third parties without user consent, except as required by law or to facilitate service delivery. We may share aggregated, non-personally identifiable information with third-party analytics and advertising partners.

By adhering to these policies and procedures, we demonstrate our commitment to protecting the privacy and rights of our users in accordance with international standards. For any questions or concerns regarding our Data and Privacy Policy, please contact us at

bottom of page