Security

AppLearn Security & Data Privacy

AppLearn is committed to being ‘secure by design’ and we have established a comprehensive Information Security Program, which supports the strategic aims of the business.

Every line of code in AppLearn Adopt has been written with your security in mind. We use the very latest framework releases, reuse tried and tested methods, and apply fundamental security considerations to every aspect of software design and development. We also frequently review and externally test our software to keep it ahead of emerging threats.

We’re continuously improving our internal processes and security measures to ensure complete platform assurance, and we actively pursue certification to national and global best practice security standards.

As a modern, forward-looking business, AppLearn recognizes at senior levels the need to ensure that the business operates without interruption for the benefit of its customers and stakeholders and as such has implemented a robust Information Security Program.

Our Risk-Based assessment security program details aspects such as administrative, technical, and physical safeguards reasonably designed to protect the Confidentiality, Integrity, and Availability of customer data.

Below you will see a number of accreditations and compliance areas in which AppLearn adheres to and additionally you can click the link below to see our Trust platform, detailing our approach to security and privacy in more detail, with the ability to request access to our ‘Security Overview’ document.

See the Trust Center

Privacy

AppLearn takes the data protection and privacy of its customer data seriously and respects your data rights. Our privacy compliance ensures that you are in full control at all times.

Hosting – All customers have the choice of data hosting location, based on their company or regulatory compliance. For example, data hosted in the EU does not leave the EEA.
Protection – All AppLearn Adopt data is encrypted in transit and at rest, following the best practices set out by NIST and other security frameworks.
Retention – AppLearn Adopt data is not retained for longer than is needed and is removed in line with GDPR and our data retention policies, available upon request.
DPA (Data Processing Addendum) – AppLearn’s DPA and Standard Contractual Clauses (SCC’s) are available upon request by emailing [email protected].

Website Privacy Policy Adopt Privacy Policy

Our Compliance

ISO/IEC 27001:2013

ISO 27001 is a globally recognized, standards-based approach to security that outlines requirements for an organization’s information security management system (ISMS).

CSA STAR

CSA STAR is a rigorous third-party independent assessment of the security of a cloud service provider. This technology-neutral certification leverages the requirements of the ISO/IEC 27001:2013 management system standard together with the CSA Cloud Controls Matrix.

IASME GDPR Ready

IASME’s GDPR Ready is a certification route to demonstrate that AppLearn takes into account the requirements of the General Data Protection Regulation (GDPR). In the UK the GDPR is enforced under the Data Protection Act 2018.

Cyber Essentials

Cyber Essentials is a UK Government-backed and industry-supported scheme for protection against cyber-attacks, enforced by a set of controls. AppLearn is independently assessed against the controls set out by the scheme in order to achieve certification.

AWS Well Architected

Independantly assessed against AWS Well-Architected framework, ensuring our development, design and architectural practices meet the guidelines set out by AWS.

3rd Party Pen Tested

Our platform undergoes regular, external penetration testing to find and identify potential security vulerabilities. We've appointed a CREST certified partner, who's findings are prioritised through our development lifecycle.

ICO Registered

We're registered with the Information Comissionsers Office in the UK, ensuring we receive the latest available information around data privacy and customers have a point of contact for data protection issues.

NIST

AppLearn is able to evidence its compliance to the 5 core functions of the NIST framework, supporting our overall compliance to security and data privacy.

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.

Necessary

Always Enabled

Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Functional

Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.

Cookie	Duration	Description
bcookie	2 years	This cookie is set by linkedIn. The purpose of the cookie is to enable LinkedIn functionalities on the page.
lang	session	This cookie is used to store the language preferences of a user to serve up content in that stored language the next time user visit the website.
lidc	1 day	This cookie is set by LinkedIn and used for routing.
__cf_bm	30 minutes	This cookie is set by CloudFlare. The cookie is used to support Cloudflare Bot Management.

Performance

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

Cookie	Duration	Description
SRM_B	1 year 24 days	Used by Microsoft Advertising as a unique ID for visitors.

Analytics

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.

Cookie	Duration	Description
CONSENT	16 years 4 months 8 days 9 hours 4 minutes	These cookies are set via embedded youtube-videos. They register anonymous statistical data on for example how many times the video is displayed and what settings are used for playback.No sensitive data is collected unless you log in to your google account, in that case your choices are linked with your account, for example if you click “like” on a video.
pardot	past	The cookie is set when the visitor is logged in as a Pardot user.
pi_opt_in	180	The cookie is set when the visitor is logged in as a Pardot user.
_ga	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_gat_UA-47132937-17	1 minute	This is a pattern type cookie set by Google Analytics, where the pattern element on the name contains the unique identity number of the account or website it relates to. It appears to be a variation of the _gat cookie which is used to limit the amount of data recorded by Google on high traffic volume websites.
_gcl_au	3 months	Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form.
_hjAbsoluteSessionInProgress	30 minutes	No description available.
_hjFirstSeen	30 minutes	This is set by Hotjar to identify a new user’s first session. It stores a true/false value, indicating whether this was the first time Hotjar saw this user. It is used by Recording filters to identify new user sessions.
_hjid	1 year	This cookie is set by Hotjar. This cookie is set when the customer first lands on a page with the Hotjar script. It is used to persist the random user ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID.
_hjIncludedInPageviewSample	2 minutes	No description available.
_hjIncludedInSessionSample	2 minutes	Hotjar sets this cookie to know whether a user is included in the data sampling defined by the site's daily session limit.
_hjTLDTest	session	No description available.
_omappvp	11 years	The _omappvp cookie is set to distinguish new and returning users and is used in conjunction with _omappvs cookie.
_omappvs	20 minutes	The _omappvs cookie, used in conjunction with the _omappvp cookies, is used to determine if the visitor has visited the website before, or if it is a new visitor.
_uetsid	1 day	This cookies are used to collect analytical information about how visitors use the website. This information is used to compile report and improve site.

Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.

Cookie	Duration	Description
ANONCHK	10 minutes	The ANONCHK cookie, set by Bing, is used to store a user's session ID and also verify the clicks from ads on the Bing search engine. The cookie helps in reporting and personalization as well.
bscookie	2 years	This cookie is a browser ID cookie set by Linked share Buttons and ad tags.
driftt_aid	2 years	This cookie is set by Drift.com for tracking purposes. According to the Drift documentation, this is the anonymous identifier token. It is used to tie the visitor on your website with the profile within the Drift system. This allows Drift to remember the information that this site visitor has provided through the chat on subsequent site visits.
fr	3 months	The cookie is set by Facebook to show relevant advertisments to the users and measure and improve the advertisements. The cookie also tracks the behavior of the user across the web on sites that have Facebook pixel or Facebook social plugin.
IDE	1 year 24 days	Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
MUID	1 year 24 days	Used by Microsoft as a unique identifier. The cookie is set by embedded Microsoft scripts. The purpose of this cookie is to synchronize the ID across many different Microsoft domains to enable user tracking.
personalization_id	2 years	This cookie is set by twitter.com. It is used integrate the sharing features of this social media. It also stores information about how the user uses the website for tracking and targeting.
test_cookie	15 minutes	This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.
YSC	session	This cookies is set by Youtube and is used to track the views of embedded videos.
_fbp	3 months	This cookie is set by Facebook to deliver advertisement when they are on Facebook or a digital platform powered by Facebook advertising after visiting this website.

Others

Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.

Cookie	Duration	Description
AnalyticsSyncHistory	1 month	No description
CookieLawInfoConsent	1 year	No description
culture	session	No description available.
drift_aid	2 years	No description
drift_campaign_refresh	30 minutes	No description available.
li_gc	2 years	No description
muc_ads	2 years	No description
SM	session	No description available.
UserMatchHistory	1 month	Linkedin - Used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences.
_clck	1 year	No description
_clsk	1 day	No description
_hjSessionUser_1714907	1 year	No description
_hjSession_1714907	30 minutes	No description
_uetvid	1 year 24 days	No description available.