Our Commitment to Data Privacy
Your privacy is our top priority. We've designed our systems to protect your information and give you control over your data. We adhere to stringent privacy policies, ensuring your data is used solely for the intended purpose.
A Secure Infrastructure
Our infrastructure is designed, built, and tested to meet high-security standards. We partner with AWS, an industry-leading infrastructure platform, aligning ourselves with their world-class security compliance protocols.
Ensuring Your Data is Safe - Our Practices
Two-Factor Authentication (2FA)
We implement 2FA, using Single Sign-On (SSO) through Clever, adding an extra layer of security to prevent unauthorized access.
Employee Security Training
Our team is our front line of defense. Regular security training ensures our employees are ready to handle sensitive information and identify potential security threats.
Humans continue to be the weakest link in terms of security so we put great effort into making sure our employees are well prepared for any kind of situation. We do regular security training and take pride in the level of IT security awareness our employees have.
Encryption
We employ robust encryption methods to ensure the security of your data. Your information is encrypted both when stored (at rest) and when accessed or transmitted (in transit).
For those with a technical inclination, data is encrypted using AES-256 while at rest, and TLS 1.3 is employed for encryption during transit. This ensures the continuous protection of your data.
Rigorous Testing
Before we release any code, we put it through rigorous automated testing and peer review, including penetration testing, to ensure it meets our high-security standards.
Additionally, we implement external services to conduct regular security tests on the entire platform. We utilize a database of common vulnerabilities to uphold the elevated security standards for our code.
Strong Access Management
We enforce strict access management policies. Different user roles, like administrators, teachers, and students, have tailored access to sensitive information based on their needs.
Furthermore, we apply these principles not only to our company structure but also throughout the development of the platform. Our objective is to empower you to implement secure access management on Gameplan.
Compliance
LAUSD UDIPP
FERPA
COPPA
SOPIPA
California Assembly Bill 1584
Connecticut Act Concerning Student Data Privacy
Your Trust, Our Responsibility
Your trust is something we strive to earn every day. We believe in openness, accountability, and constant improvement in our security practices. If you have any questions, suggestions or find vulnerabilities, please don't hesitate to reach out to us.
Contact us via email - info@gameplan.com or through form here.
If you have more questions about our security practices or have a responsible disclosure to make, contact us via security@gameplan.com.
