Nurture is the AI Teaching Assistant. Find our security and data protection documents and measures here.
Our policies and data protection commitments
The legal documents that set out how schools and users engage with Nurture, and how we protect personal data.
Terms of Use
The terms that govern how schools and users access and use the Nurture platform.
Privacy Policy
How we collect, use, store and protect personal data across the Nurture platform.
GDPR & DPA
Our approach to GDPR compliance and the Data Protection Agreement available to schools.
Read each document: Terms of Use · Privacy Policy · GDPR & DPA
Security built into how we work
Security and data protection are embedded across our platform, processes and people. Every measure below is backed by a published policy.
- GDPR-aligned data processing, with a Data Protection Agreement available to every school
- A published Information Security Policy protecting the confidentiality, integrity and availability of data
- Secure Software Development Lifecycle (SSDLC), with security built into how the platform is designed and built
- A transparent list of third-party suppliers and sub-processors involved in delivering the service
- Incident Response and AI Incident Response plans for prompt detection, containment and communication
- Patch management against agreed standards to keep systems current and protected
- A Disaster Recovery Plan to restore service and recover data after major disruption
- Clear Terms of Use, Privacy Policy and GDPR documentation available to schools
Security documentation
Our security policies, processes and sub-processor list are available to review in full. These documents open in a new tab.
List of Third Party Suppliers
The sub-processors and third-party suppliers we rely on to deliver the Nurture service.
Information Security Policy
The policies and controls that protect the confidentiality, integrity and availability of data.
Incident Response Plan
How we detect, respond to, contain and communicate security incidents.
AI Incident Response Plan
Our dedicated process for identifying and responding to incidents involving our AI systems.
Disaster Recovery Plan
How we restore service and recover data in the event of a major disruption.
Patch Management & Standards Process
How we keep systems up to date and apply security patches against agreed standards.
Secure Software Development Lifecycle (SSDLC) Process
How security is built into every stage of how we design, build and ship the Nurture platform.
Open each document (these open in a new tab):
- List of Third Party Suppliers
- Information Security Policy
- Incident Response Plan
- AI Incident Response Plan
- Disaster Recovery Plan
- Patch Management & Standards Process
- Secure Software Development Lifecycle (SSDLC) Process
Questions about data protection or where your data is stored?
We work closely with schools, Multi-Academy Trusts and data protection officers to meet their security and compliance requirements. If you need our Data Protection Agreement, details of our sub-processors, or information about where and how your data is stored, our team is happy to help.
Contact our teamRead our GDPR & DPA
