About Tru-Digital Protection
Data Protection for Education. Done Differently.
We're a forward-thinking data protection consultancy genuinely committed to supporting UK education. Our service is provided with ❤️ and plenty of ☕.
Schools and trusts across England and Wales trust us with their data protection. From single nurseries to 50-school Multi-Academy Trusts.
Why Schools Choose Us
Built by DPOs, For Schools
We're not general-purpose GDPR consultants who dabble in education. We're education data protection specialists who understand your world:
- Management Information Systems - SIMS, Arbor, Bromcom, ScholarPack
- Safeguarding platforms - CPOMS, My Concern, Safeguard
- Communication tools - ParentMail, SchoolComms, Arbor messaging
- Cloud systems - Google Workspace, Microsoft 365, SharePoint
- Assessment tools - Insight, Target Tracker, GL Assessment
We know your systems because we work with them every day.
Our Universal Policy System
Traditional approach: Download a generic template. Copy-paste your school name. Hope it's compliant. Update it... never.
Tru-Digital approach: Living policies that adapt to your institution.
How It Works
Our policies aren't static PDFs. They're intelligent documents that:
✓ Auto-customise based on your school type, size, phase, and systems
✓ Update automatically when legislation changes (no more annual rewrites)
✓ Dual format - Legal version for ICO compliance + plain-language companion for parents
✓ EAA compliant - Lexend typography, Grade 8-10 readability, accessible by design
✓ Version controlled - Full audit trail of every change
6 Core Policies
- Data Protection & FOI Policy - Your cornerstone document
- Privacy Notices - Staff, pupils, parents, governors, volunteers
- CCTV Policy - Surveillance-specific processing
- Special Category Data Policy - SEND, safeguarding, medical
- Retention Schedule - 50+ record categories with disposal timelines
- Acceptable Use Policy - Staff and pupil technology use
Every policy references your specific systems, processes, and context.
Leading on Accessibility
EAA Compliance Ahead of Schedule
Most schools face the June 2025 EAA deadline unprepared. We are ready and compliant.
Our Standards:
- Readability & Accessibility Standards → - Grade 8-10 plain language - Why We Use Lexend Deca → - Evidence-based typography
What this means for you: Policies your community can actually read and understand.
Traditional DPO vs Tru-Digital
| Aspect | Traditional DPO Service | Tru-Digital Protection |
|---|---|---|
| Policies | Generic templates | Auto-customised, living documents |
| Format | Dense legal PDFs | Legal + plain-language versions |
| Accessibility | Standard fonts, complex language | EAA compliant (ahead of 2025 deadline) |
| Updates | Annual review (if you're lucky) | Automatic legislative updates |
| Pricing | Day rates or fixed retainers | Transparent per-pupil pricing |
| Support | Reactive (when you ask) | Proactive (we tell you what's coming) |
| Systems knowledge | Generic GDPR guidance | Education-specific MIS/safeguarding expertise |
| Breach response | "Here's the ICO form" | Full containment-to-notification service |
| Training | PowerPoint death | Engaging, scenario-based learning |
Leading on EAA Compliance
The European Accessibility Act (EAA) 2025 requires accessible communications by June 2025.
Most schools aren't ready. We've been ready for 18 months.
What We Do
- Lexend Deca typography - Designed for readability, supports 20% of the population with reading difficulties
- Plain-language companions - Grade 8-10 readability for every policy
- Visual aids - Infographics, flowcharts, process diagrams
- Multi-format delivery - Word, PDF, web, print
- WCAG 2.1 AA compliance - Screen reader compatible, colour contrast tested
Why it matters: If parents can't understand your policies, you haven't met your transparency obligations.
Systems We Integrate With
Management Information Systems:
- SIMS (Capita)
- Arbor
- Bromcom
- ScholarPack
- iSAMS (independent schools)
Safeguarding & SEND:
- CPOMS
- My Concern
- Safeguard
- SEND.cloud
Communication:
- ParentMail
- SchoolComms
- Teachers2Parents
- Arbor Messaging
Cloud & Collaboration:
- Google Workspace for Education
- Microsoft 365 (including Purview)
- SharePoint
- OneDrive
Assessment & Tracking:
- Insight
- Target Tracker
- GL Assessment
- SISRA Analytics
Not seeing your system? We assess and document new systems as part of your DPIA process.
Our Approach
1. Pragmatic, Not Pedantic
We understand schools are resource-constrained. Our guidance is practical, defensible, and proportionate—not box-ticking compliance for its own sake.
2. Proactive, Not Reactive
We monitor legislative changes, ICO guidance, and case law. When something affects education, you hear from us before it becomes a problem.
3. Educational, Not Transactional
Every interaction is an opportunity to upskill your team. We don't hoard knowledge—we share it.
4. Transparent, Not Extractive
Per-pupil pricing means you know exactly what you'll pay. No surprise invoices, no hidden fees, no nickel-and-diming.
Real Results
Schools and trusts trust us with their data protection:
- Single form entry primaries (60 pupils)
- Large secondaries (1,800+ pupils)
- Multi-Academy Trusts (up to 50 schools)
- Special schools and PRUs
- Independent schools
- Nurseries and Early Years settings
Across every phase:
- Early Years & Foundation Stage
- Key Stage 1 & 2 (Primary)
- Key Stage 3 & 4 (Secondary)
- Post-16 (Sixth Form & Colleges)
In every context:
- Urban and rural
- High deprivation and affluent
- Mainstream and specialist
- Maintained, academy, and independent
If you serve children in England or Wales, we understand your data protection challenges.
Beyond Policies: Full DPO Service
Guidance Tier (£2.00/pupil):
- Named DPO representation
- ICO liaison
- Knowledge Base access
- Email support
Advisory Tier (£2.95/pupil):
- Everything in Guidance
- Pre-made policies & DPIAs
- 5 SAR redactions/year
- Breach management
- Online training
Comprehensive Tier (£3.95/pupil):
- Everything in Advisory
- Unlimited SAR redactions
- On-site training
- ROPA maintenance
- Single Central Register support
Meet Our Founder
This isn't just a business for us—it's a mission.
Our founder, Gareth Eynon, is a father of four (two with additional needs), a former school business manager, and someone who's personally navigated the EHCP process. He understands data protection from both sides of the desk.
Our Commitment
To schools:
We'll never sell your data, recommend unnecessary services, or prioritise profit over protecting children.
To pupils and families:
We'll ensure schools handle your data with dignity, confidentiality, and compliance—because that's what you deserve.
To the sector:
We'll advocate for sensible, proportionate data protection regulation that protects rights without paralysing schools.
Ready to Work Together?
Schools already trust us. Will yours be next?