Your data is your business's most valuable asset.
Safe With Us
No PII required
The only information Learnosity requires for tracking a specific users interactions is a unique user_id. This does not need to bear any resemblance to their specific username or other Personally Identifiable Information (PII).
API Signature Authentication
All API requests to the Learnosity APIs are signed with the SHA-2 signature using which ensures that only valid requests are serviced and that they cannot be tampered with.
Multi-tiered security model
Our environments all operate in discreet private networks. Servers in these environments are also locally isolated into service groups that provide security between the different layers of the environment.
Encryption in transit and at rest
We provide HTTPS access to all of our services so that clients can security transport all data to our systems. Additionally, all our databases are encrypted at rest through the use of disk based encryption.
Secure Data Centres
All data is stored in AWS's highly secure data centers, which utilize state-of-the-art electronic surveillance, multi-factor access control systems, and a 24/7 onsite staff.
We know what the industry best practices are, and we follow them. More specifically we follow FERPA and COPPA data protection practices in US as well as the relevant EU and Australian data protection directives.
Reporting Security Vulnerabilities
Security is a top priority at Learnosity, and if you believe that you have found a security vulnerability on any of our sites or APIs, we encourage you to let us know straight away at firstname.lastname@example.org.
We will investigate all legitimate reports and do our best to quickly fix the problem. As long as you make a good-faith effort to avoid privacy violations and destructive exploitation of the vulnerability, we will not pursue legal action.