Privacy & Security Framework
We take security and anonymity seriously, which is why our data protection and security measures are in line with industry best practices. We are GDPR compliant and always investing to make our platform even more secure.
IT Security
Audited externally to meet the requirements globally. Secure & Scalable
We use Amazon Web Services (AWS), AES 256 encryption algorithm and we strictly use TLS 1.2.
Employee training
We practice what we preach. All employees are trained in GDPR and IT Security.
GDPR & Personal data
All data is handled based on the GDPR requirements & access control is documented for all applications.
Integrations
Easy integration with HR systems and others combined with a strong API and SSO (Single-Sign-On).
Request audit reports
Do you have any questions or need the latest audit/security report?

IT Security
- Learningbank has an ISAE-3402 type 2 based on the ISO-27001. This is an international standard, which declares that a company has a high level of IT security and controls and meets all regulations, laws, and good IT ethics. Moreover, it means that Learningbank has documented processes that are examined and revised yearly from an external audit company.
- Learningbank is audited externally to meet the requirements globally.

Secure & Scalable Infrastructure
- We use Amazon Web Services (AWS) to host our application, where our application servers (EC2) and database servers (RDS) are encrypted at rest using AES 256 encryption algorithm.
- For data in transit, we strictly use TLS 1.2. Our application backend servers are not accepting connections through plain HTTP – any unencrypted connection attempt is blocked.
- Learningbank's virus - and thread detecting software monitors and surveil our production environment and account for suspicious activities, which should not be there. This software prevents and detects threads instantly. Our team will respond and react quickly too if anything comes up.
.png?width=560&name=TineWernlund%20(1).png)
Employee Training
In Learningbank, we practice what we preach when it comes to securing data and prevent IT security breaches. Therefore, all employees are trained in GDPR and IT Security through our own digital, gamified learning paths. The training is recurring - every year, we all get a brush-up combined with the latest updates and regulations.
GDPR in the Learning Lifecycle
Learningbank is 100% compliant with the General Data Protection Regulation (EU) 2016/679 (GDPR).


Data insights
One of the main pillars in the GDPR is the individual's right to get insights on which personal data are being 'processed'. In the platform, this can be exported with a single click.

Limited access
The structure of the platform ensures that users only see what is relevant for them. Everything is controlled by permission types and a hierarchical department structure.

Password
For higher security, user access requires a password of a minimum of 8 characters and it has to include lower and upper letters as well as either a number or a special letter.

Right to be forgotten
Do you forget about deleting employees, when they move on? Don't worry, the platform does it automatically.

Personal data/GDPR
- All data is handled based on the GDPR requirements. It is mainly ordinary categories of personal data, including but not limited to, name, email address, and phone number.
- It is only a handful of our Learningbankers who have access to the deep infrastructure and production environment behind the platform, and they are all full-blown experts in handling data - and, especially, personal data.
- We have a complete overview of access rights and the process for adding, changing, and revoking access.
- The access control is documented for all applications, IT systems, and environments giving access to sensitive information or personal data.

Integrations
Need more information or the latest Security Report?
Do you want to know more about how we handle IT Security, GDPR, etc? Or do you need the latest ISAE 3402 (2021) report?