Security you can trust
Protecting student and school data with industry-leading security practices and privacy-first design.
Data Protection
Data Encryption
All data encrypted in transit with HTTPS/TLS and at rest with industry-standard encryption
Role-Based Access Control
Granular permissions ensuring teachers, parents, and students only access what they need
Secure Data Storage
Student and school data stored securely with encrypted backups and regular security audits
Principle of Least Privilege
Minimal access rights for all system components and user roles
Activity Logging
Track user activity and system events for security monitoring and compliance
Secure Authentication
Multi-factor authentication options and secure password policies to protect accounts
Compliance & Privacy
Privacy by Design
Built from the ground up with privacy principles in mind. We collect only what's necessary for educational purposes and give you complete control over your data.
- Minimal data collection
- Transparent data practices
- User-controlled data retention
School Requirements
Supporting schools with compliance tools and features that help meet educational privacy requirements.
- Data export capabilities
- Comprehensive audit trails
- Parental transparency tools
Ongoing Security
- Regular security assessments and updates
- Automated backup and disaster recovery
- 24/7 monitoring and incident response
Security Standards & Compliance
Meeting the highest security and compliance standards
FERPA
Student Educational Records Protection
Hover for details
FERPA
Protects student educational records. Parents and students control access to their records.
Supabase role-based access controls ensure only assigned teachers and authorized admins can view student records. Parents access their children's data through a secure, separate portal.
COPPA
Children's Online Privacy Protection
Hover for details
COPPA
Protects children under 13 online. Requires parental consent for data collection.
All student accounts require parent or administrator setup. We collect only essential educational data. Parents can review and request deletion of their child's data at any time.
GDPR
European Data Privacy Rights
Hover for details
GDPR
Gives individuals control over their personal data.
Supabase provides GDPR-compliant infrastructure. Users can request data exports and deletions. All data is encrypted, and we maintain transparent privacy policies.
Data Encryption
All Data Encrypted
Hover for details
Data Encryption
All data encrypted in transit and at rest.
Supabase provides AES-256 encryption at rest and TLS encryption in transit. All API calls use HTTPS, database connections are encrypted, and access tokens are encrypted at the application level.
Secure Payments
PCI Compliant Payment Processing
Hover for details
Secure Payments
Credit card data handled safely. We never store card numbers.
We use Stripe (PCI DSS Level 1 certified) for all payments. Card numbers never touch our servers - they go directly to Stripe. We only store payment method tokens for recurring billing.
Secure Infrastructure
Enterprise-Grade Hosting
Hover for details
Secure Infrastructure
Built on platforms with industry-leading security certifications.
We use Supabase (SOC 2 Type II certified) for our database and backend. Supabase provides automated daily backups, point-in-time recovery, 24/7 monitoring, and DDoS protection.
Interactive Demo
See how role-based access control works in practice
Role-Based Access Control
Questions About Security?
Our team is here to address any security concerns and provide detailed information about our practices.