Data Privacy & Student Records

Sapheos applies a privacy framework built on purpose limitation and technical safeguards, designed to minimise exposure to personal and academic data.

This matters most in dissertation, capstone, and internship-related evaluation, where submitted work may contain sensitive academic and personal data tied to final decisions.

Data is processed, not retained, by design.

• No data retention.
• No database construction.
• No model training on submitted work.

Applied Principles

• Controlled Hosting Environments: Services run in secured, access-controlled environments designed for institutional workloads and auditable operations.
• Data Minimisation: Only the data required to perform the requested analysis is processed, and processing is limited to the shortest operational window possible.
• Limited Retention by Default: Personal data and uploaded academic files are not retained longer than necessary for service execution and are deleted according to policy.
• No Model Training on Client Data: Data submitted through Sapheos tools is not used to train, fine-tune, or improve AI models.
• Institutional Rights Support: Our workflows are designed to support educational institutions in handling data access, correction, and deletion requests.

Privacy by Design for Australian Providers

Our controls are implemented using privacy by design principles and can be mapped to institutional obligations in Australia, including the Australian Privacy Act 1988, the Privacy (Enhancing Privacy Protection) Act 2012, and university-level data governance requirements.