Privacy notice for the Whispr EDU product

Whispr EDU is an independent product within the BackPR portfolio

Whispr EDU is one of multiple distinct product lines under the BackPR umbrella (backpr.com). Each Whispr product is built, run, and supported by a separate product team with its own roadmap, infrastructure scope, sub-processor list, retention practice, support flow, and contracts. The Whispr Compliance Italy product available at whispr.backpr.com is a sibling product under the same umbrella, with its own privacy materials. Communications, demonstrations, or commitments made in connection with any other BackPR product are not binding on Whispr EDU. References to "Whispr", "we", "us", or "our team" in this notice apply only to the Whispr EDU product and team unless explicitly stated.

What the product may hold

• Tenant configuration data (school or program name, building list, role configuration).
• Staff account data (administrator and reviewer identifiers and role assignments) for access to the administrative side.
• Report content as submitted by reporters, which may be anonymous or identified depending on the reporter's own choice and the customer's configuration.
• Operational metadata (submission timestamps, case identifiers, audit events, status transitions).
• Security signals required to maintain authentication context, protect against automated abuse, and operate the platform.
• Optional follow-up identifiers entered by reporters who choose to be contactable.

The exact data set depends entirely on how the customer configures the channel and what reporters voluntarily provide. Whispr does not require, encourage, or pre-populate personally identifying information about students or minors.

Why data is processed

Data is processed to: (i) operate the reporting channel and the administrative case-handling workflow; (ii) authenticate staff users and maintain session integrity; (iii) provide audit-related visibility to the customer organisation; (iv) maintain security, prevent abuse, and meet our own legal obligations; and (v) operate billing where billing functionality is used. We do not use reporter content to train, fine-tune, or evaluate any third-party machine-learning model. We do not sell, rent, or share reporter content with advertisers, brokers, or any third party for commercial profiling.

Controller and processor allocation

In standard deployments, the customer organisation acts as the data controller for reports collected through its configured channel. Whispr operates as the processor or service provider for the hosted platform functions. The customer decides the purpose, lawful basis, retention period, role assignments, escalation paths, and notification practice. Whispr does not adjudicate reports, does not investigate them, does not contact reporters on behalf of the school, and does not provide any safeguarding, mental-health, social, legal, or law-enforcement function. Any apparent appearance to the contrary is not a representation by Whispr.

Customer responsibility for safeguarding and minors' data

Whispr EDU is intended to be used by schools and youth programs as an intake channel. The customer is solely responsible for: (a) determining whether use of the product is lawful for its setting, jurisdiction, and reporter age group; (b) obtaining any consent required from parents, guardians, or competent authorities; (c) compliance with any local children-online or student-data law that applies to it (including but not limited to GDPR provisions for children's data, COPPA where applicable, FERPA where applicable, and any equivalent national or state framework); (d) safeguarding response and any clinical, social, or law-enforcement escalation; and (e) operating an emergency path that is separate from this product. Whispr makes no representation regarding the suitability of its product for any specific age, programme, jurisdiction, sector, or sensitive case category.

The sub-processors used by this product

Whispr EDU relies on a short, controlled set of sub-processors for hosting, transactional email, and billing where applicable. The current list is published on the subprocessors page and may change. Sub-processor selection is at our sole discretion. We use Italian/EU-based legal-entity sub-processors where reasonably available, but we make no warranty regarding the location of any given processing event.

Retention is configured by the customer

The customer organisation defines, in its own policy and contract, how long records are kept and when they are deleted. Whispr does not publish fixed retention periods on this page, and does not commit to any universal post-termination access window or automatic deletion timing outside what is set out in the signed agreement. Where local law imposes a different minimum or maximum retention period on the customer, the customer's own legal advisor controls.

EU-based stack with the right to evolve

The Whispr EDU product is hosted on infrastructure with EU-region capacity. Some sub-processors are headquartered outside the EU and may process metadata under standard contractual clauses or equivalent transfer safeguards. We reserve the right to change sub-processor footprint at our sole discretion in line with the signed agreement. No guarantee is made that any specific request will be processed in any specific geographic region.

Requests are routed through the controller

Where applicable law gives an individual rights of access, rectification, erasure, restriction, portability, or objection, the customer organisation (as controller) is the first point of contact. Whispr supports the customer in responding to verified requests under the terms of the signed agreement. Whispr does not adjudicate the merit of an individual request, does not decide whether erasure is lawful in the customer's setting, and does not take direct action against reports without the customer's instruction.

What this notice does not do

This notice does not: (i) create any contractual right or warranty; (ii) limit any right reserved by Whispr or BackPR under the signed agreement, the acceptable-use policy, or applicable law; (iii) replace the customer's own privacy notice to its reporters, parents, staff, or community; (iv) constitute legal, regulatory, safeguarding, clinical, educational, or any other professional advice. Where this notice and a signed agreement diverge, the signed agreement controls.