Most schools are using AI tools that break GDPR.
Find out if yours does — free.

Try EduSafe AI — Free Book a Discovery Call

Built for DPOs, IT managers, and senior leaders working under UK GDPR and the DfE 2026 framework.

The regulation is already here.
Most schools haven't caught up.

The DfE expects schools to have AI governance in place by end of 2026

The ICO requires a DPIA wherever AI processing of student data is likely to be high-risk — which covers most classroom and SEN use cases

68% of UK organisations have employees using unapproved AI tools (SAP / Oxford Economics, 2026) — schools are not exempt

One non-compliant vendor. One data breach. One ICO investigation.
The tools your teachers love may be the tools your DPO hasn't seen.

Check any AI tool in minutes — free.

Paste a vendor's privacy policy. Get a traffic-light verdict: compliant, conditional, or don't deploy. Covers UK GDPR, ICO Children's Code, EU AI Act, COPPA, and more.

🟡 AMBER — Conditional approval recommended

Data residency unclear — policy does not specify where EU student data is stored
Third-party sharing clause is broad — includes "affiliates and partners" without limitation
No explicit parental consent mechanism for users under 16

Recommended action: Request a Data Processing Agreement (DPA) from the vendor before approving for classroom use.

Type "full report" for complete structured analysis with evidence →

Try EduSafe AI Free →

3 free checks. No signup required.

Who we work with

The same compliance gap shows up across UK sectors handling sensitive data under AI adoption pressure.

Education

Schools & MATs

UK GDPR, ICO Children's Code, DfE 2026 governance framework. Shadow AI audits, DPO briefings, local-AI deployment.

Legal

Law firms

SRA AI guidance, client confidentiality, privilege. Vendor due-diligence and on-premise AI for matter-sensitive work.

Housing

Social housing

Housing Ombudsman AI governance, special-category tenant data, ICO DPIA "less risky alternatives" obligations.

Public sector

Local councils

ICO DPIA mandatory for most council AI use cases. Child protection, social care, benefits — designed for special-category data.

Health

NHS & care providers

Caldicott principles, NHS DSP Toolkit, patient confidentiality. Local AI deployments where cloud is incompatible.

Cross-sector

Any UK organisation

Shadow AI exposure, EU AI Act readiness, vendor governance. The principles travel — only the regulator changes.

Built by an educator, not a consultant.

25 years across education and industry. Head of Economics. MA in Open and Distance Education.

I've sat in the same meetings you're in — where AI tools get approved because nobody knew what questions to ask.

Insight Advisory UK exists to fix that.

Need more than a tool?

When a vendor privacy policy check isn't enough — we go deeper.

Tier 1

Know Where You Stand

from £3,000

Shadow AI audit, risk assessment, and a DPO-ready briefing. Understand your exposure before you commit to anything.

Tier 2

Get It Running

from £8,000

Pilot deployment across 1–3 schools, staff training for up to 20 people, and 90-day support.

Tier 3

Make It Standard Practice

from £25,000

Full trust-wide deployment, train-the-trainer programme, and a 12-month compliance retainer.

Book a Discovery Call →

Most schools are using AI tools that break GDPR.Find out if yours does — free.

The regulation is already here.Most schools haven't caught up.