Book demo

Security & Privacy​

Handling our Customers’ data, we take this act of trust immensely seriously. Consequently, we maintain and continuously invest in high security and data protection standards​

We take security and anonymity seriously, which is why our data protection and security measures are in line with industry best practices. We are GDPR compliant and always investing to make our platform even more secure.​

Operational IT Security & Compliance​ 🔒

ISAE

IT Security & Compliance​

  • Learningbank has an ISAE-3402 type 2 based on the ISO-27001 framework. 
  • This is an international standard, which declares that a company has a high level of IT security and controls and meets all regulations, laws, and good IT ethics. 
  • Moreover, it means that Learningbank has documented processes that are examined and revised yearly by an external audit company. ​
  • Learningbank is audited externally to meet the requirements globally.

Organizational Security​​

  • 24/7 Monitoring and Incident Response
  • Risk Assessment & Management 
  • Business Continuity
  • Information Security

Infrastructure Security

  • Annual Penetration Test​
  • Hosted on leading cloud infrastructure provider (Ireland)​
  • Encrypted application servers ​
  • No unencrypted connections ​
  • Prevention and detection of threats ​
  • Daily backups ​

Customer data Protection

  • Patch management​
  • TLS 1.2 encryption in transit 
  • AES-256 encryption at rest

IT Security & GDPR​ 🔑

Privacy by Design

We follow the 7 principles of Privacy by Design:
 
  Proactive and Preventative Approach     Privacy by Default   ●  Privacy Embedded into Design   ●  Full Functionality   ●  End-to-End Security   ●  Visibility and Transparency   ●  Respect for User Privacy
GDPR

GDPR​

  • Learning Lifecycle Platform is developed based on Privacy by Design
  • Data Minimisation
  • Limited Access
  • Data Accuracy
  • Accountability 
GDPR

GDPR Features in the Learning Lifecyle Platform​

  • 2-factor authentication 
  • Password requirement
  • Data insights 
  • Limited access 
  • Right to be forgotten
  • Data Erasure 
  • SSO

Corporate Security​

  • Dedicated Security Team
  • Outsourcing 
  • IT Security Awareness training and campaigns 
  • GDPR Awareness training and campaigns
  • Asset Management
  • Access control 
  • 2-factor enabled for all employees
  • Confidentiality agreements
  • Segregation of Duties 

Need more information or the latest Security Report?

Do you want to know more about how we handle IT Security, GDPR, etc? Or do you need the latest ISAE-3402-II report? 

Contact us