GDPR & Security at Innform

We’re committed to protecting the content and data from our clients.
Innforms mission is to revolutionise the elearning space. Core to that mission is keeping your data confidential, secure and GDPR compliant.

Here you’ll find more information on how we approach security, if you have additional questions feel free to get in touch at on support@innform.io

Enterprise Security Features

Innform Enterprise solution has several additional features that allow customers to enforce several layers of security to their accounts and projects. That includes Single Sign-On (SSO), IP restriction, access logs and user permissions.

Communication

All user data is transported securely, as all traffic is encrypted in transit via SSL. Encrypting data in transit protects it from unauthorised snooping, modification, and man-in-the-middle attacks. We use 256-bit SSL/TLS.1.2 encryption, utilising both the ECDSA and RSA algorithms.

Data Centre Security

Our hosting environment is fully-redundant with disaster recovery procedures. Our cloud hosting providers maintain multiple certifications for its data centers, including ISO 27001 compliance, PCI certification, and SOC. For details about their certification and compliance, please visit the Amazon AWS security site.

EU Hosted Infrastructure

The Innform Platform infrastructure is hosted on servers based in the European Union. This allows us to meet specific regulatory and compliance requirements of organisations in Europe. Our data centre provider AWS is located in the United Kingdom and Germany. AWS maintains multiple certifications, including SOC 1, SOC 2, SOC 3 and ISO27001. In addition all personal data is encrypted both in transit and at rest using strong encryption.

Credit Cards

Innform does not store any credit card information. We are working with Stripe for credit card processing which allows us to leverage AES-256 encryption at rest, with PCI Service Provider Level 1 standards in the storage and handling of credit card information. This is the highest level of certification available to the payments industry.

Innform’s GDPR Commitment

As a Data Controller, Innform is committed to compliance with the General Data Protection Regulation, and meeting our legal obligation by helping our customers become compliant. We’ve made several key policy, product and term updates that strengthen the protection of personal data and rights of users.