How we protect student data across AfterSxtn.
AfterSxtn holds sensitive information about students aged 16–21, including academic and application data. We design our systems to minimise what we collect and to protect it at every stage.
Access to student data is restricted to staff who need it to operate the service, protected by multi-factor authentication and logged for audit. Provider accounts only ever see the applications submitted directly to them — never your full profile or activity on other listings.
AfterSxtn is hosted on UK/EU-based cloud infrastructure with regular automated backups, network isolation between environments, and continuous monitoring for anomalous activity.
In the unlikely event of a data breach affecting your personal data, we will notify affected users and, where required, the ICO within 72 hours of becoming aware, in line with UK GDPR obligations.
If you believe you've found a security issue, please report it responsibly to hello@aftersxtn.com — we investigate all reports promptly and won't take action against good-faith researchers.
See also our Privacy policy and Terms of service.
Last updated: 1 July 2026