Security in plan2learn

We Prioritize Security

At Plan2learn, IT security and the protection of personal data are among our top priorities. We are GDPR compliant, and our IT infrastructure has been certified in accordance with ISAE 3000 and ISAE 3402.

We invest significant resources in security initiatives, both within our platform and internal environment, and we undergo an annual external audit to ensure that we meet the highest security standards in our industry.

All our employees are required to review our IT policy as part of their onboarding process. They also receive an annual refresher course. Additionally, all employees who handle sensitive user data on a daily basis must complete further training to ensure the necessary level of security.

Certifications

Our IT infrastructure is certified in accordance with both ISAE 3000 and ISAE 3402.

GDPR

We only collect the data necessary to manage users and courses, and we retain it only for as long as needed.

Annual Audits

We undergo an external audit every year to ensure that we meet the highest security standards in our industry.

Certifications

Our IT infrastructure is certified in accordance with both ISAE 3000 and ISAE 3402. These certifications demonstrate that we comply with high standards for information security and data protection.

ISAE 3000 ensures that we handle personal data in a responsible and transparent manner, while ISAE 3402 confirms that our internal controls and processes related to the operation of our IT infrastructure are robust and reliable.

These certifications provide our customers with the assurance that their data is handled securely and in compliance with applicable legislation and best practices.

GDPR and Personal Data

We take GDPR (General Data Protection Regulation) seriously to ensure the protection of our users' data. We process personal information in accordance with applicable data protection regulations, including GDPR. This means we only collect the data necessary to manage users and courses, and we retain it only for as long as needed.

We implement security measures to protect data from unauthorized access, loss, or misuse. Users have full control over their data, including the right to access, correct, and delete it. All our data processing agreements and procedures are fully GDPR-compliant.

Passwords and Two-Factor Authentication

One of the key security mechanisms in Plan2learn is two-factor authentication (2FA), which adds an extra layer of protection during login. In addition to their password, users must verify their identity using a second factor, such as an SMS code or an authentication app. This significantly reduces the risk of unauthorized access.

We also encourage the use of strong passwords and offer features such as automatic password expiration and periodic password change requirements. These measures help ensure that login credentials remain up to date and in line with modern security standards.

Security Features in Plan2learn

  • GDPR compliance and ISAE 3000/3402 certification.
  • Annual external security audits.
  • Additional training for employees handling sensitive data.
  • ISAE 3000 ensures responsible personal data management.
  • ISAE 3402 confirms robust IT processes.
  • Brugerkontrol over data: indsigt, rettelse og sletning.
  • Two-factor authentication (2FA) for enhanced login security.
  • Strong passwords, automatic password expiration, and periodic changes.

Want to hear about course administration?