Security and Privacy

Portflow Trust Portal

Self-service access to security, data privacy and compliance documents

This Portflow Security Portal is your one-stop shop for information on Portflow’s commitment to security and compliance. Here, you’ll find the resources you need to evaluate Portflow as a trusted partner, whether you’re a potential customer or an existing one performing due diligence.

Within this portal, you’ll have access to Third-Party Audit Reports (Independent verification of the security controls and practices in place for Portflow’s cloud-hosted services) and Compliance Documentation (details on how Portflow adheres to industry data protection standards and regulatory requirements).

We encourage you to explore the portal and gain a comprehensive understanding of Portflow’s unwavering commitment to safeguarding your data and meeting your compliance needs.

Quick Summary

  • Annual third-party penetration testing

  • Will enter into a DPA

  • Deletes customer data on request
  • One or more annual third-party audit(s)
  • Has a disaster recovery plan
  • Has cyber insurance

Compliance & Conformance

1EdTech TrustEd Apps Certified Logo
SOC2typeII
TrustEd Apps Certified Data Privacy - 1edtech

Documents

Frequently Asked Questions

  • Production data: Ireland | eu-west-1 (Heroku on AWS)
  • Primary backup-data: Ireland | eu-west-1 (Heroku on AWS)
  • Secondary backup-data: Frankfurt, Germany | eu-central-1, Frankfurt (AWS)

Alumnus account

  • Google Oauth

Evidence import

  • Microsoft OneDrive

Evidence embedding

  • Canvas Studio
  • Kaltura
  • Panopto
  • Vimeo
  • YouTube
  • Yuja

LMS / VLE

  • Canvas LMS by Instructure
  • Brightspace by D2L
  • Blackboard Learn by Anthology (Q2 2024)
  • Moodle (Q2 2024)

Portflow customers’ data is automatically backed up both in real time and on a 24-hour schedule across multiple geographical locations within the EEA, rather than in a single data centre. This enables Drieam to provide superior disaster recovery in the event of an outage. At all times, we aim to be able to restore a full backup within four hours.

Portflow is Vetted & Trusted by

Controls

  • Firewall access restricted
  • Intrusion detection system utilized
  • Network firewalls utilized
  • Network and system hardening standards maintained
  • Log management utilized
  • Data encryption utilized
  • Password policy enforced
  • Vulnerability and system monitoring procedures established
  • Continuity and disaster recovery plans tested
  • Incident response plan tested
  • Development lifecycle established
  • Whistleblower policy established
  • System changes externally communicated
  • Support system available
  • Access reviews conducted
  • Access requests required
  • Production deployment access restricted
  • Change management procedures enforced
  • Risks assessments performed
  • Data classification policy established
  • Data retention procedures established

Request documents

Request access to the following document(s) *