Skip to main content
Polar Cloud
Courses By User Type
All Topics

Polar Cloud Data Protection & System Architecture

  • By Polar Cloud Academy
  • Published: Jun 15, 2025
  • Rating
    Average rating: 0 No reviews

Purpose of This Document

This document provides an overview of how the Polar Cloud platform processes, stores, and protects data when used in educational environments. It is intended to support data protection and compliance review by schools, districts, and data protection officers (DPOs) in the European Union.

The information below is provided to assist schools in assessing compliance with the General Data Protection Regulation (GDPR / DSGVO) prior to starting a trial or deploying the platform in production.

1. Platform Overview

Polar Cloud is a browser-based platform used by schools to manage 3D printers, digital design files, and print jobs in educational settings.

Users typically include students, teachers, and school administrators. The platform is accessed via a standard web browser on devices such as desktop computers, laptops, Chromebooks, or tablets. No username/password login is used; authentication is handled exclusively via approved identity providers.

In certain hardware configurations, optional local software components may be used to enable secure communication between the platform and specific printer models.

When using Bambu Lab printers, schools install the Polar3D for Bambu Lab agent on a local Windows device. This agent is distributed via the Microsoft App Store and is code signed and approved under Microsoft’s Extended Validation (EV) signing process. The agent facilitates authenticated communication between the local printer environment and the Polar Cloud platform and is limited in scope to printer connectivity functions only.

Installation of optional local components is not required for general platform access by students or teachers.

2. Categories of Data Processed

2.1 Personal Data

When used in schools, Polar Cloud processes the following categories of personal data:

  • User identification data (e.g. name as provided by the identity provider)

  • Email address

  • School affiliation and assigned role (e.g. student, teacher, administrator)

Personal data is processed solely for the purpose of providing access to the platform and enabling educational workflows.

Polar Cloud does not process the following categories of personal data:

  • Home or postal addresses

  • Phone numbers

  • Date of birth

  • Government-issued identifiers

  • Advertising or marketing profiles

  • Behavioral tracking outside the platform

2.2 Educational and Technical Data

The platform also processes non-personal or contextual data, including:

  • Digital design files uploaded by users (e.g. 3D models)

  • Print job metadata (e.g. submission time, printer assignment, job status)

  • Technical identifiers related to connected printers or devices

  • Platform usage data necessary for system operation, diagnostics, and support

3. Data Flow and Processing Description

Data processing within Polar Cloud follows a defined and limited flow:

  1. Users authenticate using OAuth 2.0 through approved identity providers (e.g. Google or Microsoft).

  2. Users interact with the platform through their web browser.

  3. Personal data, uploaded files, and job metadata are transmitted securely to Polar Cloud infrastructure.

  4. Data is stored and processed to support platform features such as file management, slicing, print job queuing, and permission-based access.

  5. Connected printers or local agents maintain authenticated, encrypted connections to the platform to receive job instructions and report status.

All slicing and print preparation is performed in the cloud. No slicing or print processing is performed locally on school devices.

4. Server Location, Jurisdiction, and International Data Transfer

Polar Cloud infrastructure is hosted on Amazon Web Services (AWS). Platform data is processed and stored in the United States.

Personal data processed by the platform is stored and processed in the United States.

To ensure an equivalent level of data protection for European users, Polar Cloud relies on the European Commission’s Standard Contractual Clauses (SCCs). These clauses are incorporated into the Polar Cloud Data Processing Agreement (DPA) and govern the transfer and processing of personal data from the European Union to the United States.

Polar Cloud does not sell, profile, or use personal data for advertising or marketing purposes.

5. Security Measures and Access Control

5.1 Encryption

Polar Cloud uses encryption to protect data:

  • All data transmitted between user devices, printers, agents, and servers is encrypted using TLS over HTTPS (port 443).

  • Data stored within platform infrastructure is encrypted at rest.

5.2 Access Control

Access to data is restricted through role-based permissions:

  • Users may only access data associated with their school or organization.

  • Students, teachers, and administrators have different permission levels.

  • Internal access by Polar Cloud personnel is restricted to authorized staff and limited to operational support and maintenance activities.

5.3 Operational Security

Operational security measures include:

  • Authentication and authorization controls

  • Logging and monitoring of system activity

  • Restriction of administrative access to essential personnel only

6. Data Retention, Deletion, and Account Lifecycle

Personal data is retained only for as long as necessary to provide the platform service.

When a user initiates account deletion, the platform presents a clear summary of the data associated with the account so the user or administrator is aware of what will be deleted before confirming the action.

Upon deletion:

  • User account data is removed from the active system

  • No long-term backups of deleted user data are retained

Schools may request deletion of student or user data at any time.

7. Data Processing Agreement (DPA)

Polar Cloud provides a Data Processing Agreement (DPA) suitable for use by European educational institutions.

Under the GDPR:
• The school or district acts as the Data Controller
• Polar Cloud acts as the Data Processor

The DPA incorporates the European Commission’s Standard Contractual Clauses (SCCs) to govern international data transfers and defines the scope, purpose, and safeguards of data processing.

The DPA is provided through an electronic signature workflow.

8. Technical Architecture and Local vs. Cloud Processing

Polar Cloud operates as a cloud-based platform.

  • School devices connect to the platform via a web browser over encrypted HTTPS connections.

  • Printers or local agents maintain authenticated WebSocket connections over port 443 (HTTPS).

  • Commands and status updates are sent and received through these encrypted channels.

All slicing and print preparation occurs in the cloud. No student data is processed locally on school devices beyond what is required for browser-based access.

9. Use in Educational Environments

Polar Cloud is designed specifically for use in educational settings and includes administrative controls appropriate for schools.

Schools maintain control over:

  • User account provisioning via identity providers

  • Assignment of roles and permissions

  • Printer access and job approval workflows

10. Contact for Data Protection and Compliance Inquiries

For questions related to data protection, GDPR / DSGVO compliance, or this document, schools may contact:

support@polar3d.com

Additional documentation can be provided upon request.