Strategic Overview

Google Workspace Security & Compliance for School Leadership

How Google Workspace for Education Plus supports MATs and schools in meeting UK GDPR, DfE standards, and ICO expectations — across governance, safeguarding, privacy by design, and independent certification.

01 — For DPOs and Trust Leaders

Governance & Data Sovereignty

Maintaining control over data location is a primary compliance pillar for any DPO or Trust Leader.

Data Residency

Google allows MATs to mandate that "data at rest" (Gmail, Drive, etc.) is stored within UK or European data centres, simplifying International Data Transfer Agreements (IDTAs).

Access Transparency

High-tier licensing provides near real-time logs whenever Google personnel access school data for support, ensuring a full audit trail for the ICO.

Centralised Management

Multi-school environments can be managed from a single "Super Admin" console, ensuring consistent security policies across an entire Trust.

02 — For Headteachers

Safeguarding & Threat Protection

Headteachers require assurance that the digital environment is shielded from external threats and internal leaks.

Advanced Investigation Tool

Allows IT leads to identify and "bulk-delete" malicious emails or sensitive files across the entire organisation instantly — a critical tool during safeguarding incidents or phishing attacks.

Context-Aware Access

Security policies can be set so that sensitive staff data (e.g., HR or Finance) can only be accessed from school-managed devices or specific UK IP addresses.

Security Health Analytics

A "Security Centre" dashboard provides a bird's-eye view of sharing external to the domain, highlighting potential data breaches before they escalate.

03 — ICO's Children's Code & GDPR

ICO Alignment & Privacy by Design

Google Workspace for Education is designed to align with the ICO's Children's Code (Age Appropriate Design Code).

Zero Ad-Targeting

Student data in core services (Classroom, Docs, Gmail) is never used for advertising or profiling.

Third-Party App Control

DPOs can centrally vet and "allow-list" third-party apps that use Google Sign-In, preventing students from inadvertently sharing data with unvetted platforms.

DLP (Data Loss Prevention)

Automated rules can be set to block the accidental sharing of sensitive identifiers (e.g., UPNs, National Insurance numbers, or Safeguarding terminology) outside the school's trusted network.

04 — External audits & Ofsted readiness

Independent Verification

To satisfy external audits and Ofsted's operational requirements, Google maintains rigorous third-party certifications.

ISO/IEC 27001

The gold standard for Information Security Management — independently audited and renewed annually.

ISO/IEC 27701

Specifically for Privacy Information Management, aligning with GDPR requirements and demonstrating accountability to regulators.

SOC 2/3

Independent audits verifying the effectiveness of Google's internal security controls — summaries available for DPO review.

A Note on AI Features
Important

AI features within Workspace are subject to the same enterprise-grade protections.

When staff or students use Gemini and other AI-powered features inside Google Workspace for Education, the same data governance, residency, and privacy controls described above apply in full. Critically, school data is never used to train Google's global AI models — your tenant's information stays within your tenancy, and AI outputs remain private to your organisation. This means schools can benefit from AI-assisted tools without compromising their GDPR obligations or creating new DPA burdens with Google.

Important Licensing Note

The advanced governance, safeguarding, and compliance features above — including Data Regions, Access Transparency, and the Security Investigation Tool — are exclusive to Education Plus. Schools on Fundamentals, Standard, or the Teaching & Learning Upgrade will have different levels of administrative control and security automation.

Security & Compliance Comparison

Feature | Fundamentals | Standard | Education Plus
Unified Admin Console
DLP (Data Loss Prevention)
Security Investigation Tool
Context-Aware Access
Security Center Dashboard
UK/EU Data Residency
Access Transparency Logs
Priority Support

Note for DPOs: While all tiers are built on a secure foundation, Education Plus provides the granular Data Residency and Access Transparency logs essential for demonstrating rigorous accountability to the ICO.

Want to know how your school measures up?

The School AI Readiness Diagnostic maps your current Google environment against these four pillars — and gives you a clear, prioritised action plan.