Get started with DidactLabs

Yes. All core service data for our European customers is stored and processed exclusively within the European Union.

• Primary Infrastructure: Our backend services and databases run on Google Cloud Platform (GCP) in the europe-west1 region (Belgium). All student writing, process data, and educator content are stored here.
• AI Processing: We use Google Vertex AI, and all AI processing for our European customers occurs within the europe-west1 region (Belgium). No data is sent outside the EU for AI analysis.
• Educator Authentication: We use Auth0 as a secure, third-party identity provider. Our Auth0 instance is hosted in their EU tenant (Germany).
• Sub-processors: We maintain a transparent list of our essential sub-processors. All providers handling core service data are located and process data within the EU. The only exception is for our public marketing website (not the app itself), where we use US-based services like HubSpot for contact forms, which are covered by the EU-U.S. Data Privacy Framework.

Absolutely not. This is a core pillar of our commitment to trust and privacy.

We are explicit in our policy: we will never use student work, writing process data, or AI prompts to train or fine-tune any third-party or proprietary AI models.

The AI assistant within DidactLabs uses the data 'in-context' only to provide an immediate response for that specific assignment. Our agreement with our AI provider (Google) contractually ensures that this data is not retained or used for their model training. Your data is your data, period.

We implement multiple layers of enterprise-grade security to protect your data against unauthorized access, alteration, or destruction.

• Encryption: All data is encrypted in transit using TLS 1.2+ and at rest using the AES-256 standard.
• Access Control: Internal access to user data is strictly limited to authorized personnel on a need-to-know basis for support and maintenance. This access is governed by the principle of least privilege, requires multi-factor authentication (MFA), and is logged and audited.
• Secure Infrastructure: We leverage the robust security architecture of Google Cloud Platform, which includes advanced network protection, intrusion detection, and physical security at its data centers.
• Incident Response Plan: We have a dedicated incident response team and a formal plan to swiftly contain any potential breach, mitigate damage, and notify affected users and authorities promptly, in line with GDPR requirements.
• Secure Development: We use separate environments for development, testing, and production to ensure that testing activities never impact live user data.

We support modern, secure authentication and integration standards to fit seamlessly into your school's IT ecosystem.

• Authentication & SSO: Educator accounts are managed by Auth0, a leading identity management platform. This allows for secure login via email/password or Single Sign-On (SSO) with existing Google or Microsoft accounts, which most institutions already use and trust.
• LMS Integration: Our School plan is LTI (Learning Tools Interoperability) compliant, the industry standard for integration. This allows DidactLabs to connect directly with all major Learning Management Systems (LMS) like Moodle, Google Classroom, Canvas, and Microsoft Teams, enabling a seamless workflow for creating assignments and viewing results.

We are committed to making the approval process as smooth as possible. We have prepared all necessary documentation to support your internal assessment.

Upon request we can provide a 'DPIA & Security Review Pack' which contains:

• A summary of data flows and processing activities.
• The location of all data processing and a list of our sub-processors.
• Details of our security and encryption measures.
• A copy of our Data Processing Agreement (DPA).
• A comprehensive Trust & Security FAQ.

Your IT team can review this pack, and our Data Protection Officer (dpo@didactlabs.com) is available to answer any further questions to help you complete your assessment efficiently.

Our entire platform is built on a 'privacy-by-design' foundation, fully compliant with GDPR. Here's how:

• Our Role: For student data (their writing and process analytics), we act as a Data Processor on behalf of the educator or institution, who is the Data Controller. We act as a Data Controller only for the educator account information (name, email) and the student's self-chosen nickname.
• Data Minimization: We collect the absolute minimum data required. Students do not create accounts or provide Personally Identifiable Information (PII); they only enter a nickname to identify their work for their teacher.
• Lawful Purpose: All data is processed for the sole purpose of providing the DidactLabs service to the educator and their students. We never build profiles, serve ads, or sell data.
• Student IP: The intellectual property of the content created by students remains with the student and/or their institution, as per the institution's policy. We claim no ownership over user-generated content.

For more information visit our Trust Centre.

We understand that AI usage permissions can vary between students. Here's how DidactLabs handles this:

• No AI Interaction = No AI Data: If a student chooses not to use the AI assistant during their assignment, no AI conversation data is collected or processed for that student. They can complete the entire assignment without ever opening the chat panel.

• Teacher Control: You can disable the AI assistant entirely for specific assignments if needed, ensuring no students have access to it for that task.

• School Plan Flexibility: Our School plan includes the ability to disable AI access for specific students while keeping it enabled for others in the same assignment. This allows you to respect individual permissions while maintaining a unified classroom experience.

If you need to manage AI permissions at the individual student level, please contact us about our School plan options.

The School plan is for departments, schools, or districts looking for a unified solution. It includes everything in the Teacher plan, plus seamless integration with your Learning Management System (LMS), school-wide analytics, and a dedicated account manager for training and support.

Yes. The School plan is built to be LTI (Learning Tools Interoperability) compliant, which is the industry standard for integration. This allows DidactLabs to connect directly with all major LMS platforms, enabling single sign-on and a seamless workflow for teachers and students.

The platform is designed to be multi-lingual. The user interface can be quickly translated, and the underlying AI assistant can be prompted to interact in virtually any language. Let us know your specific needs.

Our platform is model-agnostic, meaning we can integrate with various leading AI models. We currently use models from trusted, GDPR-compliant providers like Google. This flexibility allows us to choose the best-performing and most secure model for the task, and we can adapt to specific institutional requirements if needed.