Under GDPR, ChatTutor follows the principles of data minimization, purpose limitation, and transparency.

Only data necessary for educational use is processed, and it is used solely to support learning and teaching activities defined by the institution.

Personal data can be accessed, corrected, or deleted in accordance with user rights, and institutions maintain clear control over retention policies and data flows.

Strong technical and organizational safeguards—such as secure storage, controlled access, and auditability - ensure that personal information is protected against misuse or unauthorized exposure.

In alignment with FERPA, ChatTutor treats student data as protected educational records that remain under the authority of the educational institution.

Student interactions are not repurposed for advertising, profiling, or unrelated commercial use.

Access to identifiable learning data is role-based and limited to authorized educators and administrators, ensuring that only those with a legitimate educational interest can view or analyze student-level information. This preserves confidentiality while still enabling teachers to gain insight into learning progress and challenges.

With regard to the EU AI Act, ChatTutor is built to support lawful, transparent, and accountable use of AI in education, which is classified as a high-impact context requiring particular care.

The system emphasizes human oversight by design: educators decide how and when AI is used, what role it plays in learning activities, and how outputs are interpreted.

AI interactions are observable and reviewable, making it possible to detect errors, biases, or hallucinations and correct them within the learning process.

This transparency supports both pedagogical goals and regulatory expectations around explainability and risk management.

Together, these compliance measures ensure that ChatTutor supports responsible AI adoption in education.

Institutions gain a platform that respects student privacy, aligns with international legal frameworks, and enables ethical and transparent use of generative AI.

This allows educators to focus on teaching and learning, confident that their use of AI is not only innovative, but also legally sound, trustworthy, and future-ready.