Gatkul Trust
Data security
Effective May 2026
Institutions trust us with operational records about learners, staff, finance, and operations. This document summarizes the controls we design around — not marketing guarantees.
Scope
This page describes how Gatkul Apps protects data stored in and transmitted through our products and marketing properties. For EduOS-specific security posture language, see also our Security overview.
Encryption
Data in transit is protected using TLS. Sensitive credentials and secrets are not stored in plain text. Workspace backups and snapshots are encrypted at rest as part of our continuity design.
Tenant isolation
Each institution operates in a logically separated workspace. Cross-tenant data access is prohibited by platform policy and enforced through application and infrastructure controls.
Access control
Role-based permissions govern who can view, edit, or administer records inside a workspace. Primary administrative roles receive additional protection against accidental destructive changes.
Backups & recovery
We maintain backup and snapshot workflows intended for restore drills — not checkbox compliance. Recovery objectives vary by plan and deployment model; enterprise customers may negotiate specific RPO/RTO targets.
Subprocessors & data location
Infrastructure and tooling providers are selected with security review. Data residency requirements for sovereign or on-premise deployments are addressed during sales and implementation — contact us before assuming a default region.
Incident response
We maintain internal procedures for detecting, containing, and notifying affected parties of security incidents according to contractual obligations and applicable law. Report suspected vulnerabilities responsibly to hello@gatkul.app.