Security
Your security and privacy are our top priorities
Our Commitment to Security
At Sudeshm Learn, we take security seriously. We implement industry-leading security measures to protect your personal information and educational data and to ensure a safe learning environment for all users.
Data Protection Measures
End-to-End Encryption
All data transmitted between your device and our servers is encrypted using industry-standard TLS/SSL protocols.
Secure Authentication
Passwords are hashed using bcrypt and stored securely. We support two-factor authentication for enhanced security.
Regular Security Audits
We conduct regular security audits and penetration testing to identify and fix vulnerabilities.
Data Backup & Recovery
Automated daily backups ensure your data is never lost. We maintain multiple backup copies across different locations.
Access Control
Role-based access control ensures users only have access to data and features appropriate for their role.
Activity Monitoring
Real-time monitoring of system activities helps us detect and respond to suspicious behavior immediately.
Compliance & Standards
We comply with industry security standards and regulations:
- GDPR (General Data Protection Regulation)
- ISO 27001 Information Security Management
- OWASP Top 10 Security Best Practices
- PCI DSS for Payment Processing
- SOC 2 Type II Compliance (in progress)
Account Security Best Practices
Help us keep your account secure by following these recommendations:
- Use a strong, unique password (at least 12 characters with mixed case, numbers, and symbols)
- Enable two-factor authentication (2FA) for an extra layer of security
- Never share your password with anyone
- Log out from shared or public devices
- Keep your email address up to date for security notifications
- Be cautious of phishing emails pretending to be from Sudeshm Learn
- Regularly review your account activity and report suspicious behavior
Incident Response
In the unlikely event of a security incident:
- We have a dedicated incident response team available 24/7
- Affected users will be notified within 72 hours
- We will provide clear information about what happened and what data was affected
- Immediate steps will be taken to contain and remediate the issue
- A detailed post-incident report will be published
Data Retention & Deletion
We retain your data only as long as necessary:
- Active account data is retained while your account is active
- Deleted accounts are purged within 30 days
- Backup copies are retained for 90 days for disaster recovery
- Educational records may be retained longer to comply with academic requirements
- You can request data deletion at any time through your account settings
Reporting Security Issues
If you discover a security vulnerability or have security concerns, please report them immediately:
Security Team Contact
Email: security@sudeshmlearn.com
We take all security reports seriously and will investigate promptly. We appreciate responsible disclosure and may offer recognition for valid security findings.
Bug Bounty Program
We value the security research community and welcome responsible disclosure of security vulnerabilities. Our bug bounty program rewards researchers who help us maintain a secure platform.
Scope: Web application, API endpoints, authentication systems
Out of Scope: Social engineering, physical security, DDoS attacks
Questions?
If you have questions about our security practices or need more information:
- Email: security@sudeshmlearn.com
- Review our Privacy Policy
- Contact us through the Help Center in your dashboard