AppLearn Security & Data Privacy

AppLearn is committed to being ‘secure by design’ and we have established a comprehensive Information Security Program, which supports the strategic aims of the business.

Every line of code in AppLearn Adopt has been written with your security in mind. We use the very latest framework releases, reuse tried and tested methods, and apply fundamental security considerations to every aspect of software design and development. We also frequently review and externally test our software to keep it ahead of emerging threats.

We’re continuously improving our internal processes and security measures to ensure complete platform assurance, and we actively pursue certification to national and global best practice security standards.

Security

As a modern, forward-looking business, AppLearn recognizes at senior levels the need to ensure that the business operates without interruption for the benefit of its customers and stakeholders and as such has implemented a robust Information Security Program.

Our Risk-Based assessment security program details aspects such as administrative, technical, and physical safeguards reasonably designed to protect the Confidentiality, Integrity, and Availability of customer data.

Below you will see a number of accreditations and compliance areas in which AppLearn adheres to and additionally you can click the link below to see our Trust platform, detailing our approach to security and privacy in more detail, with the ability to request access to our ‘Security Overview’ document.

See the Trust Center

Privacy

AppLearn takes the data protection and privacy of its customer data seriously and respects your data rights. Our privacy compliance ensures that you are in full control at all times.

Hosting – All customers have the choice of data hosting location, based on their company or regulatory compliance. For example, data hosted in the EU does not leave the EEA.
Protection – All AppLearn Adopt data is encrypted in transit and at rest, following the best practices set out by NIST and other security frameworks.
Retention – AppLearn Adopt data is not retained for longer than is needed and is removed in line with GDPR and our data retention policies, available upon request.
DPA (Data Processing Addendum) – AppLearn’s DPA and Standard Contractual Clauses (SCC’s) are available upon request by emailing [email protected].

Website Privacy Policy Adopt Privacy Policy

Our Compliance

ISO/IEC 27001:2013

ISO/IEC 27001:2013


ISO 27001 is a globally recognized, standards-based approach to security that outlines requirements for an organization’s information security management system (ISMS).
CSA STAR

CSA STAR


CSA STAR is a rigorous third-party independent assessment of the security of a cloud service provider. This technology-neutral certification leverages the requirements of the ISO/IEC 27001:2013 management system standard together with the CSA Cloud Controls Matrix.

IASME GDPR Ready

IASME GDPR Ready


IASME’s GDPR Ready is a certification route to demonstrate that AppLearn takes into account the requirements of the General Data Protection Regulation (GDPR). In the UK the GDPR is enforced under the Data Protection Act 2018.
Cyber Essentials

Cyber Essentials


Cyber Essentials is a UK Government-backed and industry-supported scheme for protection against cyber-attacks, enforced by a set of controls. AppLearn is independently assessed against the controls set out by the scheme in order to achieve certification.
AWS Well Architected

AWS Well Architected


Independantly assessed against AWS Well-Architected framework, ensuring our development, design and architectural practices meet the guidelines set out by AWS.
3rd Party Pen Tested

3rd Party Pen Tested


Our platform undergoes regular, external penetration testing to find and identify potential security vulerabilities. We've appointed a CREST certified partner, who's findings are prioritised through our development lifecycle.

ICO Registered

ICO Registered


We're registered with the Information Comissionsers Office in the UK, ensuring we receive the latest available information around data privacy and customers have a point of contact for data protection issues.

NIST

NIST


AppLearn is able to evidence its compliance to the 5 core functions of the NIST framework, supporting our overall compliance to security and data privacy.