Minimal data scope
We collect only the wellbeing signal needed to monitor trends and support actions.
Data security and access control in ReflectMe
ReflectMe operates on a “minimum data, maximum control” model. School panels do not contain personal student data, and access to information is limited by role scope and the SAFE process.
Data minimisation
Controlled SAFE workflow
How we protect schools and students
A clear responsibility model: what the system stores, who has access, and how a response is triggered in urgent situations.
Least-privilege principle
Each role receives only the slice of data necessary for its responsibility.
SAFE process
An urgent signal follows a controlled path: detection, escalation, intervention, closure.
Role-based access model
This is the main product security mechanism: the right person sees the right data.
Student
Submits a check-in and sees their own history, with no access to other people’s data.
Allowed view
- mood check-in
- optional comment
- own daily / weekly trend
No access
- other students’ data
- class-level views
- SAFE intervention panel
Teacher
Class-level aggregate view: trend, activity, anonymous comments, and signals that require a response.
Allowed view
- class trend and activity
- anonymous signals
- SAFE statuses (operational)
No access
- personal student data
- visibility beyond assigned class scope
- administrative configuration
Psychologist / counsellor
Intervention role with access to the SAFE process and the context needed to take action.
Allowed view
- SAFE incidents and their status
- operational case history
- incident closure tools
No access
- unnecessary data beyond case scope
- school account administration
- personal data not needed for intervention
Principal
Strategic view: whole-school trend and operational indicators, without personal student data.
Allowed view
- school-wide aggregates
- SAFE workload status
- activity-level visibility
No access
- student comment content
- individual student-level data
- case workflows outside school policy
School admin
Responsible for accounts and configuration. Administrative permissions do not grant access beyond the operational scope.
Allowed view
- staff account management
- class and organisation settings
- technical implementation configuration
No access
- content beyond role policy
- SAFE specialist permissions without assignment
- student personal data in the panel
SAFE: a controlled response workflow
Every incident goes through the same auditable operational process.
- 1
Detection
The system marks a signal that requires specialist action.
- 2
Escalation
The case moves to the responsible role in the psychologist panel.
- 3
Intervention
The psychologist or counsellor carries out actions according to the school procedure.
- 4
Closure
The incident receives a final status and is stored in operational history.
Technical controls and architecture
Technology that protects the school at every stage.
Identity and accessroles, authorisation, and permission control
- role-based permissions and scope of duties
- system-side access control
- separation of operational views
Data protectionminimisation and privacy
- no personal student data in school panels
- storage of only operationally necessary data
- separation of product functions from identifying data
Operational integritySAFE handling and case statuses
- documented SAFE incident lifecycle
- case statuses and action history
- handover of responsibility between roles
Platform environmentinfrastructure and reliability
- student app + school panel + API
- data layer and application logic in one system
- ReflectMe servers run on modern, scalable infrastructure with high availability and security.
Formal transparency
Full formal transparency: key documents and operating principles are publicly available.
Privacy policy
Data scope, processing purposes, retention periods, controller/processor roles, and data subject rights.
Go to documentTerms of service
Platform usage rules, scope of responsibility, and school-side implementation conditions.
Go to documentWant to go through the security model step by step?
We will discuss data scope, roles, SAFE, and the technical implementation path for your school.
Contact us