14 / 16
12
🔒 Technology & data protection
-
The systems differ significantly in hosting and data protection: Edumaps is designed for school use with a German server location. Kahoot! is a Norwegian provider (Kahoot! ASA, Oslo) that describes GDPR compliance, but customer and user data are stored at sub-processors located in Europe, Canada, and the USA, with international transfers based on the EU-U.S. Data Privacy Framework and standard contractual clauses.
-
Metric / feature Edumaps Kahoot! Provider focus School / teaching / educational organizations Game-based quizzes for schools, businesses, and consumers Company headquarters Germany-focused operation, EU-based Norway (Kahoot! ASA, Oslo) GDPR compliance ✔️ Yes (VIDIS approved) Provider states GDPR compliance; ISO 27001 certified, references SOC 2 Server / data location Germany Sub-processors in Europe, Canada, and the USA; transfers under DPF / SCCs Advertising None No third-party ads in school services per provider; consumer areas with marketing / upsells Participation without personal data ✔️ Yes, via sharing links ✔️ Yes, via PIN and nickname Suitable for personal student data ✔️ Designed for school use Recommended only after own data-protection review / DPA / configuration Security mechanisms ✔️ Content-Security-Policy
✔️ Strict-Transport-Security
✔️ X-Frame-Options
✔️ X-Content-Type-Options
✔️ Referrer-Policy
✔️ Permissions-Policy✔️ Content-Security-Policy
✔️ Strict-Transport-Security
✔️ X-Frame-Options
⛔ X-Content-Type-Options
⛔ Referrer-Policy
⛔ Permissions-Policy - The information on security mechanisms refers to publicly checkable HTTP security headers and may change depending on domain, app area, and date. You can check it, for example, with securityheaders.com: For Edumaps here. – For Kahoot! here.
-
⚙ a12