GDPR and Data Security

KlassPuls Pro is fully developed for the education sector and is fully compliant with GDPR.

Roles and responsibilities

• The school or governing body is the data controller and owns all data.

• Omerion Studios AB (KlassPuls Pro) acts as a data processor and processes data only according to the school’s instructions.

• No data is used for marketing, profiling, or sale.

Personal data processed

• Students’ names, class information, and their responses in sociometric surveys.

• Teachers’ names, email addresses, and their connection to classes.

• No personal identity numbers or sensitive personal data are collected.

Security

• All communication is encrypted (HTTPS/TLS), and data is encrypted at rest.

• Access control: only authorized accounts (teachers/admins) can log in and access their own classes.

• Separated environments: the teacher portal and administrative license management are kept separate.

• Deletion: data can be deleted or anonymized when the school’s license ends.

Legal assurance

• KlassPuls Pro always establishes a Data Processing Agreement (DPA) with each school or governing body.

• In case of a suspected incident, the school is notified without delay.

• Omerion Studios AB follows the principles of privacy, data minimization, and transparency in accordance with GDPR.