9ine GRC – Privacy

A Governance Risk and Compliance (GRC) platform enables you to manage the interrelated requirements that underpin privacy and safeguarding management in your school.

A specialist platform for schools

A specialist platform for schools

Operationalise the GDPR, LGPD, PDPA, PIPEDA, C-11 and many more providing intelligence, automation and flexible solutions to operationalise your privacy programme.

  • Accountability
  • Records of Processing / Data Mapping
  • DPIA / PIA
  • Data Breach Management
  • Vendor & Third Party Assessment
  • Transfer Impact Assessment
  • Child Rights Impact Assessment
  • Risk Management
  • Task Management
  • User Access Control
  • Training, Support & Research


Take responsibility for what you do with personal data by understanding the personal data you process, the technical and organisational measures required to manage your processing risks, evidencing your compliance with data processing principles.

Data Mapping

Data Inventory

Reduce the timeframe of your school’s compliance programme with automated assessment technology to pre-populate the data mapping of each school department, enabling a quick and efficient development of the school’s record of processing.


Records of Processing

A defined end-to-end process to initiate and evaluate assessments along a guided workflow. Link and map relationships between business processes, countries, and vendors to understand how information flows through your school. Analyse risks of processing to determine the need for DPIAs / PIAs.



Conduct Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs) to fully understand the data protection risks that may arise from processing activities carried out by the school.

Data Breach Management

Data Breach Management

Capture incident details quickly and confidently with a comprehensive investigation workflow to determine the impact and severity of a breach, and whether it is reportable to your data protection authority and affected individuals.

Vendor _ Third Party  Assessment

Vendor & Third Party Assessment

9ine Vendor Assessment, a purpose-built offering for third-party risk management helps schools identify, assess, analyse, mitigate, and monitor risks and performance across all third parties such as contractors, data processors, IT managed service providers, EdTech platforms and services.

Transfer Impact Assessment

Transfer Impact Assessment

9ine’s TIA, integrated within Vendor & third party assessment, allows you to document and evidence your review of the laws and practices of the country where the recipient of each data transfer is based, to determine whether these would prevent an equivalent level of protection for the transferred data to that provided in your country.

Child Rights  Impact Assessment-1

Child Rights Impact Assessment

Built-in Child Rights Impact Assessments ensure risks associated with safeguarding, profiling and automated decision making are considered before any new EdTech systems, software and platforms are used.

Risk Management

Risk Management

Centralise your privacy risks to prioritise risk mitigation and remediation efforts, gaining a comprehensive overview of your school’s privacy risk profile. Translate risk capture and review into action, through integrated task and project management, enabling effective accountability across the organisation in operationalising risk management. Guided risk based workflow across all privacy features enables risk to be front and centre of your privacy programme.

Task Management

Task Management

The principle of accountability requires you to evidence and demonstrate the technical and organisational measures taken to manage compliance. We have developed task management to support you and your organisation in demonstrating this requirement. Specifically, the task management functionality can help your school document when you assign responsibilities and ownership to individuals to develop and implement technical and organisational measures. This module of the App will also aid your organisation in increasing transparency and accountability.

User Access Control

User Access Control

Advanced access control features gives administrative control over user access for each feature and processing area. Users only have access to compliance areas that are relevant to them, maintaining data confidentiality between functions/departments and supporting scalability in optimising the user experience for large numbers of users. Controlling permissions enables you to minimise mistakes and manage quality assurance of review and approval.

Training, Support _ Research

Training, Support & Research

The App has been designed as an all-in-one compliance and training resource. Training videos are included and cover all aspects of data privacy and protection. There are introductory videos, feature videos and technical training videos. Recorded webinars are also available on-demand along with curated web links to education-relevant news and information.

Stay up to date with the latest education privacy news from our experts in the field through the App. Gather insights through our in-house magazine ‘Education Privacy’ from practitioners in schools, EdTech leaders and other authorities on experiences, developments, accreditation changes and case studies. Research notes, bulletins and compliance comparison charts are regularly published and in addition to country-specific education privacy handbooks.