AI Data Privacy and Security
The first question every IT admin asks about AI in education is: where does student data go? With OpenEduCat, the answer is straightforward, it goes where you tell it to go, and nowhere else. On-premise deployment means data never leaves your servers. Cloud deployment means data flows directly to your chosen AI provider using your API key. OpenEduCat is never in the data path.
Security by Architecture
Privacy is not a feature, it is the default deployment model.
Data Residency
On-premise deployment means student data never leaves your campus network. With cloud deployment, data flows directly from your instance to your chosen AI provider, OpenEduCat is never in the data path.
End-to-End Encryption
AES-256 encryption at rest for all stored data. TLS 1.3 in transit for all API calls. Encryption keys are managed by your institution, not OpenEduCat.
Zero Data Retention
AI model calls do not store prompts or responses by default. When using your own API key with OpenAI, Anthropic, or Google, you are bound by their data retention policies, which you can configure to zero retention via their enterprise agreements.
BYOM: Your Key, Your Data
Bring your own API key for OpenAI, Anthropic, or Google. OpenEduCat never sees your key in plaintext, it is stored encrypted. AI interactions go directly from your instance to the model provider.
Full Audit Logs
Every AI interaction is logged with user ID, timestamp, tool used, and input type (text, document, image). Audit logs are queryable by admins and exportable for compliance reviews.
Annual Penetration Testing
OpenEduCat undergoes annual third-party penetration testing of the AI integration layer, API endpoints, and admin interfaces. Results are available to enterprise customers under NDA.
Regulatory Compliance
Designed for institutions in the US, EU, and Asia.
Student education records are protected. On-premise deployment ensures records never leave institutional control. FERPA compliance documentation available on request.
Data processing agreements available. Right to erasure supported. Data residency controls ensure EU data stays in EU-hosted infrastructure.
Personal data protection compliance for institutions in South and Southeast Asia. Consent management and data subject rights supported.
AI tools for students under 13 require institutional consent flows. Parental consent management is built into the student account creation workflow.
On-Premise vs Cloud: Data Flow
Choose the deployment model that matches your data governance requirements.
On-Premise
Maximum privacy, data never leaves your network
- OpenEduCat runs on your servers
- AI model runs locally (Llama 3, Mistral)
- Zero outbound data for AI interactions
- Full control over model and data
- No dependency on external AI provider uptime
- Meets the strictest data sovereignty requirements
Cloud (SaaS)
Managed infrastructure, data goes only to your AI provider
- OpenEduCat hosted on managed cloud infrastructure
- AI calls go directly to OpenAI/Anthropic/Google with your key
- OpenEduCat is not in the AI data path
- Governed by your AI provider agreement
- Zero-retention enterprise agreements available with providers
- Suitable for most FERPA and GDPR use cases
Security and Privacy FAQs
Common questions from IT admins and compliance officers about OpenEduCat AI data practices.
Ready to Transform Your AI Security?
See how OpenEduCat frees up time so every student gets the attention they deserve.
Try it free for 15 days. No credit card required.