Home //Education

Compliance in the Education sector

  • Digitize your GDPR and Anti-corruption compliance with a single platform
  • Implement multi-entity management tailored to the structure and size of your organization
  • Be fully prepared for government agency audits
  • Involve all stakeholders with a collaborative tool
  • Analyze your completeness rates and progress of actions in real time using our dashboard

Photo credits: Standret, Freepik

Class photo created by jcomp – fr.freepik.com
  • Use customizable workflows to speed up your processes
  • Set up alerts to notify internal and external stakeholders
  • Easily map your data and records
  • Manage information and documentation confidentiality
  • Prevent and manage personal data breaches

Class photo created by jcomp – fr.freepik.com
home-page - screenshot-logiciel-rgpd

DLD GDPR

#1 French software for GDPR compliance

With a simple approach and 360° vision, manage your company’s or administration’s personal data and protect them to ensure GDPR compliance.

Find out more
home-page-screenshot-logiciel-sapin-2

DLD Anti-corruption

The most comprehensive anti-corruption software on the market

Meet the recommendations of AFA, the French anti-corruption agency, using a single software program that combines all the pillars of the Sapin 2 anti-corruption law, starting with risk mapping, the core common to all the pillars.

Find out more
home-page - screenshot-logiciel-rgpd

DLD GDPR

#1 French software for GDPR compliance

With a simple approach and 360° vision, manage your company’s or administration’s personal data and protect them to ensure GDPR compliance.

Find out more
home-page-screenshot-logiciel-sapin-2

DLD Anti-corruption

The most comprehensive anti-corruption software on the market

Meet the recommendations of AFA, the French anti-corruption agency, using a single software program that combines all the pillars of the Sapin 2 anti-corruption law, starting with risk mapping, the core common to all the pillars.

Find out more

They use Data Legal Drive on a daily basis

“Data Legal Drive helps me each day to consolidate the list of processing activities of each legal entity in order to generate our record. It’s a very comprehensive tool that facilitates compliance.”

Pascale Bourcier

DPO

“We chose Data Legal Drive because the software is very easy to deploy and use. It helps guide us, which is fundamental for us because […] we seek to offer our clients maximum support.”

Florence Cann

Founder & Executive Manager

A few of our clients in the sector

Why choose Data Legal Drive?

SOVEREIGNTY

Choose a French company that hosts your data in France!

SECURITY

Use software that has undergone a security audit by an approved ANSSI partner.

PERSONALIZED GUIDANCE

Enjoy our unique, personalized customer support. Customer satisfaction: 98%

On the strength of its partnership with the leading French legal publisher Lefebvre Dalloz, Data Legal Drive has emerged as the most legally reliable and easily usable solution on the market today.

Developed using the latest innovative technologies, the platform combines intuitive ergonomics and legal expertise dedicated to the data governance of its customers.

SOVEREIGNTY

Choose a French company that hosts your data in France!

SECURITY

Use software that has undergone a security audit by an approved ANSSI partner.

PERSONALIZED GUIDANCE

Enjoy our unique, personalized customer support. Customer satisfaction: 98%

Data Legal Drive is…

+20000

SaaS users

+25

countries where the software is used

+98%

customer satisfaction

9

languages available

2

tools designed by specialized teams

+20000

SaaS users

+25

countries where the software is used

+98%

customer satisfaction

9

languages available

2

tools designed by specialized teams

Find out all about the Data Legal Drive platform!

Request a demo

GDPR & Education

The General Data Protection Regulation (GDPR) that became effective on May 25, 2018 has created a sea change in every sector of activity. The education sector is no exception to this rule: schools, both public and private, must comply with the GDPR. There are many issues involved, and with the health crisis, the education sector has experienced major changes to be viewed through the prism of the GDPR.

Maintaining GDPR compliance in schools

GDPR compliance in schools is ensured at the academic level: a DPO is appointed in each academy. Their job is to guide all the schools through their GDPR compliance program. The missions of a DPO in the academic world are the same as those of a DPO in a business: they must monitor GDPR compliance in the regional academy and maintain it over time. They must also work with all the actors in the sector so that they can comply and maintain a satisfactory GDPR rating. Academic DPOs work in close collaboration with the DPO at the ministry and present an annual report to the Rector of the Academy.

Each academy must manage each school that is a legal entity. The Data Legal Drive software offers a number of advantages in this context. It allows DPOs to manage several entities, to involve all the stakeholders in the compliance process, and to monitor training.

Class photo created by jcomp – fr.freepik.com

Close-up on data collected by schools

Schools collect personal data that may be sensitive data The main challenge is to make sure only essential data is collected, and to determine the purposes and retention times.

Data collected by the educational system concerns minors, so prior consent of the legal guardians must be obtained. The data is also considered sensitive data.

For statistical purposes, schools may request information on the profession and socioeconomic category of the legal guardians. However, there is nothing legitimate about collecting the marital status of a legal guardian, for example, or their social security number.

Sensitive data may also be collected: obviously, this data must be carefully managed. Proof that a child has had their mandatory vaccines is required to register in a school. Furthermore, additional information may be collected in certain cases, for instance if the child has disabilities, a special diet for health reasons, or special needs. This data must be processed as sensitive data, which means special processing.

In a subsequent phase, colleges and universities transmit data for university exchange programs or for campus activities such as social or athletic activities. The data exchanged between schools as part of university exchange programs is subject to cross-border flow regulations if sent outside the EU, and to the GDPR if exchanged within the EU.

For institutions of higher learning to operate properly, they must also collect and process data from all their personnel: faculty, subcontractors, special speakers, etc.

The purposes of the processing must therefore be clearly established, and retention times must be determined.

Fact: In 2021, Bocconi University was fined €200,000 for failing to provide a suitable legal basis, lack of loyalty and transparency, and failing to conduct impact assessments.

Photo credits: Pressfoto, Freepik

The educational system’s role in raising GDPR awareness

According to the French Convention on the integration of Personal Data Protection for digital applications in education, the educational system must “educate all students in digital issues and play a role in training and awareness.” The idea is to increase awareness of personal data protection and highlight potential risks relating to personal data. It is therefore crucial that faculty also be trained and aware.

In theory, from the age of 15, minors can consent to have their data processed. In practice, and according to the survey and public consultation conducted by the CNIL, young internet users increasingly use social media, have access to the internet at an increasingly young age, and only 46% of parents with children aged 8 to 17 have a way to monitor their children’s online activity.

Schools are often equipped with videosurveillance systems. Images are considered to be personal data and must therefore be handled just as carefully as other collected and processed data. Schools must also raise awareness on this issue.

Photo credits: Pressfoto, Freepik

The issue of digitizing the educational system

The educational system has undergone vast changes these past few years and the health crisis has accelerated the process: classroom digitization has accelerated at every educational level. On-line classes have become commonplace and are an integral part of the way schools are organized. Student attendance and grade and evaluation monitoring have been online for several years already. In addition, the educational system collects millions of student personal data items, in particular when students apply to specific programs or training. The systems used must be reliable to ensure optimum security for all data collected online.

Computer equipment such as tablets and PCs are now widely available to students. It is therefore crucial for the educational system to not only increase student awareness, but also to carefully manage user accesses. That’s why the French Ministry of Education and Youth has issued a list of recommendations. Among the recommendations is to use software developed by the Ministry of Education, to have students use nicknames, to protect their image rights, and to guarantee the security of the data collected through passwords and antivirus software.

Demander une démo