Security & Data Residency
School-hosted by design. Identifiable student data never leaves the school.
Last reviewed:
Where Halo runs
Halo deploys into the school’s own Microsoft tenant. The school picks the region. For Australian schools the entire application — including AI agent processing — runs within Australia. No identifiable student record ever transits Halo-administered infrastructure: by architecture, not by policy.
Deployment options
Every Halo deployment runs inside the school’s own environment. Schools choose who operates it:
- Self-managed. Your IT team deploys and operates Halo from our signed releases, on a single published reference architecture. Maximum sovereignty; your team holds every key.
- Operated for you. Halo — or a certified local partner — deploys and operates the same reference architecture inside your environment. Every operator action lands in your audit log, data never moves, and the school can revoke our access at any time with one click. Built for schools that want sovereignty without running infrastructure.
- System and diocese. One deployment in the system’s environment serves many schools, each in its own isolated workspace, under a single agreement.
Whichever option a school chooses, the architecture is identical and the data posture is the same: identifiable student records stay under the school’s direct control.
How identifiable student data is handled
Identifiable student records — names, dates of birth, grades, attendance, pastoral notes — live in the teacher’s browser (IndexedDB). They are not synced to Halo, our sub-processors, or any AI provider. When AI works with student records, it works with pseudonymous and aggregate data: shadow IDs, counts, distributions, and column names. The mapping between a real student and a shadow ID exists only on the signed-in teacher’s device.
One honest caveat: text a staff member types freely into a chat box is sent to the AI model as written. If a teacher types a student’s name into a question, that name reaches the model for the duration of that request — it is never stored on Halo’s servers, never used for training, and never appears in chat history, which keeps only the pseudonym. We coach staff to use pseudonyms in free-typed questions, and we are building an on-device de-identification layer that removes even this path.
AI model training on customer data
None. Every AI provider Halo uses is contracted with an explicit no-training-on-customer-data clause. Inference is ephemeral; provider-side logging is disabled where the provider supports the toggle. The full list of approved providers, regions, and DPA links is disclosed to enterprise customers under NDA.
Authentication and access control
School staff sign in with their school’s Microsoft Entra account. The school’s identity provider gates access; Halo does not store passwords or run a parallel identity system. Workspace access is scoped to the school’s email domain. Optional Google and Apple sign-in are gated by an explicit Halo super-admin allowlist — anyone outside that list is bounced to a “this workspace is private” page.
Australian residency and the Privacy Act
For Australian school deployments the entire application, including all AI agent execution, runs inside the school’s chosen Australian region. The school remains the APP entity that collects and holds the records; Halo provides software, not a data warehouse. The architecture supports the school’s APP 11 (security of personal information) obligations by construction: identifiable records remain under the school’s direct control at all times.
Audit log of AI calls
Every AI call carries metadata that can be exported to the school’s data-protection officer: which agent ran, when, against whose pseudonym, with what input shape, and whether it succeeded. The audit surface is being staged for enterprise tenants now; the export endpoint is on the short-term roadmap.
Incident response and breach notification
Halo maintains an incident response runbook aligned to the Australian Notifiable Data Breaches (NDB) scheme: a suspected eligible data breach is assessed within 30 days, and affected individuals and the OAIC are notified as soon as practicable once the breach is confirmed. Because Halo never holds identifiable student records server-side, most “data breach” scenarios that apply to typical SaaS edtech vendors do not apply here: a Halo-side compromise exposes Halo’s own telemetry and pseudonymous request metadata, not identifiable student records. Customers receive the runbook on request.
ST4S, NSW Department of Education, Catholic systemic
Halo is preparing a submission to the Safer Technologies 4 Schools (ST4S) assessment and is currently in the readiness phase. Halo’s license-to-host architecture is unusual in the ST4S submission set and is being mapped to the v2025.1 framework, with v2026.1 AI Module readiness in parallel. Documentation is available to school IT directors and procurement leads under NDA.
Contact
Security and privacy questions go to privacy@haloeducation.app. Enterprise customers receive the full security pack — sub-processor list, DPA template, IR runbook, AI risk register, retention schedule — as part of onboarding.