Built to satisfy a data protection officer.
This is children's data, so privacy isn't a feature bolted on. It's the first thing that happens to every document.
Names are gone before any AI reads a word.
The original document, with the real details, stays on UK-hosted infrastructure on your side and is never sent out. Only the redacted copy — with placeholders like "Pupil 1" — is ever checked.
Redaction happens first
Microsoft Presidio removes every name, date of birth, address, postcode, UPN and NHS number before the document goes anywhere. You can review what was removed, and add anything it missed, before checking begins.
The AI never sees a real child
Only the redacted version reaches the checking model, and nothing is retained — the request runs under zero-data-retention terms. Real names are restored only on your side, so your report reads naturally.
Each SENCO sees only their own work
Row-level security keeps every document private to its owner. Sharing is always a deliberate choice — never a default — and only ever with approved staff at your own school.
Your school stays in control
Your school remains the data controller for its pupils' information. Nicosend — operated by Mr Computer EdTech Ltd (Company No. 17047745, registered in England & Wales) — acts as a data processor under a data processing agreement, and a Data Protection Impact Assessment is completed before any school is onboarded.
Everything is logged
Who viewed, shared, downloaded or deleted a document is recorded, so your data officer has a clear audit trail.
Questions from your data team?
We're happy to provide the data processing agreement, a DPIA template and our sub-processor list. Email privacy@nicosend.co.uk.