Your school data is safe with us.
Student data is sacred. We've built EduMyles from the ground up with security, privacy, and compliance at every layer.
Security at every layer
End-to-End Encryption
All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Student records, fee data, and communications are never stored in plain text.
School Data Isolation
Strict multi-tenant architecture. Each school's data is completely isolated โ no school can ever access another school's information.
Role-Based Access
14 granular user roles. Every user sees only what they need. Principals see everything; students see only their own records.
Security Controls
Security, availability, and confidentiality controls are reviewed as part of our operating process.
Kenya Data Protection Act
Fully compliant with Kenya's Data Protection Act 2019. We process student data only for legitimate school management purposes.
Data Rights Workflows
For schools with international families, we support data access, deletion, and export workflows where required.
How We Handle Your Data
Where is data stored?
All data is stored on servers in the EU (Frankfurt) with automatic backups to a secondary region. Kenyan-primary-data residency option available for Enterprise.
Who can access school data?
Only your school's users (based on roles you assign) and EduMyles engineers under strict need-to-know access controls. We never sell or share data with third parties.
How long is data retained?
Active school data is retained indefinitely while your subscription is active. After cancellation, data is retained for 90 days and then securely deleted on request.
Can we export our data?
Yes. You can export all your school data at any time in CSV or JSON format โ no lock-in, no exit fees.
Found a vulnerability?
We have a responsible disclosure programme. Security researchers who report issues in good faith are protected and acknowledged.
Email: security@edumyles.com
Report a security issue โ