Back home
OMNIA Inclusion

Plain-English summary

How OMNIA keeps school data safe

Last reviewed
1 June 2026

The short, jargon-free version of our security, privacy, and data-retention documents. For the full legal detail, see the DPIA, Privacy policy, Data retention, and Security overview pages linked in the footer.

Who we are

OMNIA Inclusion Ltd is a UK company (registered in England & Wales, no. 17228173). We build software that helps schools support pupils with additional needs — SEND, EAL, safeguarding, and access arrangements.

Where your data lives

Your data sits in a secure database hosted in the UK / EU.

Every school is walled off from every other school. The database itself enforces it, and our application code re-checks the school on every read and write. A teacher at School A can never see a pupil at School B — even if there’s a bug in one layer, the other layer catches it.

For schools using Azure OpenAI BYOK (see “AI features” below), AI processing occurs in the Azure region selected by the school — which may be outside the UK and EU. The school is responsible for ensuring their chosen region meets their data residency requirements.

Who can see what

  • Class & subject teachers
    See only pupils at their own school, and only the information relevant to teaching — strategies, targets, provision they deliver. No compliance data, referrals, audit logs or EHCP admin.
  • Teaching assistants & LSAs
    See pupils they are assigned to support, including delivery sessions and progress logging. Same compliance restrictions as teachers.
  • SENCos & inclusion leads
    See everything for their school, and can export or erase a pupil's record when a parent makes a legal data request.
  • Administrators
    Manage staff and settings for their school.
  • External professionals
    See plan summaries and relevant targets only for pupils they are linked to. No admin, no compliance, no audit access.
  • Parents & pupils
    See nothing by default. They only ever see what a staff member has explicitly shared with them, via a one-time link plus a 4-digit PIN.
  • OMNIA staff
    Don't browse your data. Access is limited to a small number of engineers for support and incident response, and every access is logged.

How we protect logins

  • Email + password, or “Sign in with Google”.
  • Passwords are checked against the public database of known leaked passwords — if you try to reuse one, we ask you to pick another.
  • Admins and Ops users must use an authenticator app (two-step login) — a password alone is not enough.
  • You can sign out and revoke all your sessions at any time from Settings → Security.

How we protect links shared with parents & pupils

When a staff member shares a plan, parent-voice form, or pupil-voice form, we generate a unique link. That link:

  • 4-digit PIN
    Required to open the link.
  • 15-minute lockout
    After 5 wrong PIN attempts.
  • Auto-expires
    After a set time, and is automatically deleted after a year.
  • Revocable
    Staff can revoke a link at any time from the pupil's page.

The PIN and the link itself are stored as one-way “hashes” — even someone with full database access cannot read them back.

Audit trail (the receipts)

  • Every view, export, share, and edit is written to an audit log.
  • Logs cannot be edited or deleted from inside the app — not by teachers, not by admins, not even by us through normal channels. Only our backend (with a special key kept off the internet) can modify them, which means an attacker who steals a user’s login cannot cover their tracks.
  • Logs are kept for 2 years and are visible to your school’s SENCo / admin for inspector handover.

AI features

Some OMNIA features use AI — for example, to draft inclusion plans, suggest classroom strategies, or surface patterns in documented provision. OMNIA AI works in two modes depending on your school’s configuration.

Standard mode — OMNIA-managed AI

Before any text leaves our servers to be processed by an AI model, we strip personally identifying details: names, dates of birth, addresses, phone numbers, email addresses, and national ID numbers. The AI sees the substance (“the pupil shows difficulty with…”), not the identity. We use Anthropic’s Claude models as our standard AI provider. Anthropic does not use school data to train AI models.

Bring Your Own Key (BYOK) — Connected tier schools only

Schools that prefer to manage their own AI processing can connect their own Anthropic API key or Azure OpenAI deployment. When BYOK is enabled, AI processing runs entirely within the school’s own account with their chosen provider — not through OMNIA’s shared infrastructure. OMNIA is not an intermediary in that processing; the school’s data governance team has a direct relationship with their AI provider. Schools using Azure OpenAI can select a deployment region — including UAE North (Abu Dhabi) or UK South (London) — to meet data residency requirements. BYOK is documented in detail in our Data Processing Agreement.

For schools using Azure OpenAI BYOK, AI processing occurs in the Azure region selected by the school — which may be outside the UK and EU. The school is responsible for ensuring their chosen region meets their data residency requirements.

Specialist Support Prompts

OMNIA includes a feature called Specialist Support Prompts that reads the provision data your team has already documented — plan types, review cycles, strategy impact, progress ratings — and surfaces a professional prompt when a pattern suggests that specialist external involvement could usefully inform next steps. This feature reads only data that school staff have entered into OMNIA. It makes no clinical claims, suggests no diagnoses, and is never visible to parents or pupils. All prompt decisions are logged in the audit trail.

What we will never do

  • Sell your data, or share it with another school.
  • Use pupil data to train AI models.
  • Share data with advertisers or analytics brokers.
  • Email parents on a school's behalf without that school configuring and approving it.

Things we’re honest about (known limits)

We’d rather tell you than have you find out.

Scanned PDFs
Image-only PDFs (e.g. a photocopied EP report) are not read by AI. The staff member has to retype the key points.
Rate-limiting on shared links
Each link is rate-limited individually, but we don’t yet block someone trying many different link IDs from one IP address. We’re working on it; the PIN + lockout + expiry already make guessing impractical.
AI data retention
In standard mode, we don’t control how long our upstream AI provider (Anthropic) keeps de-identified text in its own logs, beyond what their contract with us guarantees. In BYOK mode, this is governed entirely by the school’s own agreement with their chosen AI provider (Anthropic or Microsoft Azure). OMNIA is not party to that relationship.

Your rights

You can ask us, at any time, to:

  • Show you a copy of the personal data we hold about you or your child (a “Subject Access Request”).
  • Correct information that’s wrong.
  • Delete your data (with some legal exceptions — e.g. we keep a minimum audit log even after deletion, because the law requires it).

To make any of these requests, email dpo@omnia-inclusion.com. For general privacy questions, email privacy@omnia-inclusion.com.

If you’re not happy with our response, you can complain to the UK Information Commissioner’s Office at ico.org.uk/make-a-complaint.

Incident plan

If something does go wrong (e.g. a link is leaked, an account is compromised), our playbook is in the “Breach notification SOP” document. In short:

  1. 1Contain — revoke sessions / links immediately.
  2. 2Notify the school's DPO within 24 hours.
  3. 3Notify the ICO within 72 hours where the law requires it.
  4. 4Write a public post-mortem.