This Data Processing Addendum (“DPA”) describes how Aula processes personal data on behalf of a School or educational organization in connection with the Service.
1. Roles
For purposes of applicable student privacy laws and data protection standards, the School is the data controller and Aula is a service provider / data processor acting on the School’s instructions.
2. Processing Purpose
Aula processes data solely to provide and support educational services, including course delivery, assignment workflows, grading/feedback, reporting, reliability, and support.
3. Security
Aula implements administrative, technical, and organizational safeguards appropriate to the nature of the data processed, including secure authentication and access controls.
4. Subprocessors
Aula may use trusted service providers to operate the Service (e.g., hosting, authentication, AI processing). Aula requires service providers to protect data and process it only for providing services to Aula.
5. Deletion
Course data is deleted when courses are removed. Verified deletion requests are honored within 30 days, unless retention is required by law.
6. Contact
Email: contact@theaula.com