Book demo
YOUR PARTNER

Privacy & Security Framework

We take security and anonymity seriously, which is why our data protection and security measures are in line with industry best practices. We are GDPR compliant and always investing to make our platform even more secure.

Learningbank_ISAE 3402 2022_deloitte

IT Security

  • Learningbank has an ISAE-3402 type 2 based on the ISO-27001. This is an international standard, which declares that a company has a high level of IT security and controls and meets all regulations, laws, and good IT ethics. Moreover, it means that Learningbank has documented processes that are examined and revised yearly from an external audit company. ​
  • Learningbank is audited externally to meet the requirements globally. ​
learningbank_infrastructure

Secure & Scalable Infrastructure

  • We use Amazon Web Services (AWS) to host our application, where our application servers (EC2) and database servers (RDS) are encrypted at rest using AES 256 encryption algorithm.  ​
  • For data in transit, we strictly use TLS 1.2. Our application backend servers are not accepting connections through plain HTTP – any unencrypted connection attempt is blocked.
  • Learningbank's virus - and thread detecting software monitors and surveil our production environment and account for suspicious activities, which should not be there. This software prevents and detects threads instantly. Our team will respond and react quickly too if anything comes up.  
TineWernlund (1)

Employee Training

In Learningbank, we practice what we preach when it comes to securing data and prevent IT security breaches.​ Therefore, all employees are trained in GDPR and IT Security through our own digital, gamified learning paths. The training is recurring - every​ year, we all get a brush-up combined with the latest updates and regulations.​

GDPR in the Learning Lifecycle

Learningbank is 100% compliant with the General Data Protection Regulation (EU) 2016/679 (GDPR).

Smiling_man
icon_scorm

Data insights

One of the main pillars in the GDPR is the individual's right to get insights on which personal data are being 'processed'. In the platform, this can be exported with a single click. ​

icon_learning-store

Limited access

The structure of the platform ensures that users only see what is relevant for them. Everything is controlled by permission types and a hierarchical department structure.​

icon_automation-gdpr

Password

For higher security, user access requires a password of a minimum of 8 characters and it has to include lower and upper letters as well as either a number or a special letter.


icon_blended-learning

Right to be forgotten

Do you forget about deleting employees, when they move on? Don't worry, the platform does it  automatically. ​

gdpr

Personal data/GDPR

  • All data is handled based on the GDPR requirements. It is mainly ordinary categories of personal data, including but not limited to, name, email address, and phone number.​
  • It is only a handful of our Learningbankers who have access to the deep infrastructure and production environment behind the platform, and they are all full-blown experts in handling data - and, especially, personal data. 
  • We have a complete overview of access rights and the process for adding, changing, and revoking access. ​
  • The access control is documented for all applications, IT systems, and environments giving access to sensitive information or personal data.
integrations_LMS

Integrations

Learningbank has built integrations to connect with HR systems, workforce management, communication tools, and ERP. And has a strong API and SSO (Single-Sign-On).
Read more about integrations & partners

Need more information or the latest Security Report?

Do you want to know more about how we handle IT Security, GDPR, etc? Or do you need the latest ISAE-3402-II report? 

Contact us