FairShare

Security & trust

Plain-language summary for IT, data protection, and procurement teams. Replace placeholders with your final vendor names, regions, and legal entity before publication.

Not legal advice. This page helps you start technical and contractual conversations. Your counsel and DPO confirm compliance for your institution.

What FairShare does

FairShare provides a web application for group projects: accounts, projects, tasks, documents, chat, notifications, and related analytics. Depending on your contract, we may act as a processor processing personal data on behalf of your school or university (the controller), or in other cases as a controller — your agreement and privacy assessment define the role.

Data locations & transfers

Document where your production database and application run (e.g. region of your Supabase project or cloud host). If personal data moves between the UK, EU, or other countries, describe the transfer mechanism (e.g. Standard Contractual Clauses, UK Addendum, adequacy decisions) in your DPA and privacy policy.

Subprocessors

Maintain a current list of vendors that process personal data on your behalf (hosting, database, authentication, email, analytics, AI if applicable). Link to their trust pages and notify customers of material changes per your DPA.

Security measures

Summarise controls appropriate to your deployment: encryption in transit (HTTPS), access control, least-privilege credentials, separation of environments (staging vs production), logging and alerting, vulnerability handling, and incident response including breach notification timelines in your customer agreement.

Retention & deletion

Define how long accounts and project data are kept, how leavers are handled, and how institutions request deletion at contract end. Implement export paths where promised.

UK GDPR

For UK institutions, address lawful basis, records of processing, DPIAs where required, children’s data if applicable, and cooperation with your DPO. ICO guidance applies to your organisation’s use of FairShare.

PDPL

Address lawful processing, cross-border transfers, and any registration or local representative requirements per current law and guidance. Your legal team interprets PDPL for your deployment.

Contact

Security questions: admin@fairsharework.space. Data protection: route through your institutional DPO as agreed in contract.

← Back to home