GDPR & Data Protection Commitment

Last updated: March 2026

1. Our Commitment to GDPR

Enrollyca is built with privacy in mind. We operate primarily within the European Union and fully comply with the General Data Protection Regulation (GDPR). We ensure that your language school has the right tools to handle student enrollments securely and legally.

2. Core Privacy Principles

Our platform is designed around the foundational principles of the GDPR:

• Data Minimization: We only collect the data necessary to provide our enrollment and administrative services.
• Purpose Limitation: We process data strictly for the purposes it was collected—facilitating your school's bookings and internal management.
• Confidentiality and Integrity: Data is hosted securely, using encryption in transit and at rest to prevent unauthorized access.

3. Data Processing Agreement (DPA)

Because you are the Data Controller of your students' information, and Enrollyca is the Data Processor, we require a legal framework to handle your data. We offer a standard Data Processing Agreement (DPA) that outlines our obligations to you, ensuring your school remains compliant. You can request a signed DPA copy via support.

4. Empowering Data Subject Rights

Under the GDPR, your students (Data Subjects) have specific rights regarding their personal information (such as the right to access, rectify, or erase their data). The Enrollyca dashboard equips you with the tools to fulfill these requests promptly. If a student contacts us directly regarding data you control, we will route their request directly to you.

5. Contact Information

For GDPR inquiries, DPA requests, or any questions regarding data security, please contact our team at: [email protected]