Your data, protected
We take the security and privacy of your institution's learning data seriously. Here's how we keep it safe.
Encryption everywhere
All data is encrypted in transit (TLS 1.3) and at rest using AES-256, the same standard used by banks and governments.
Server-side access control
Every data request is validated by server-side access control rules. Users can only access their own data, and organization admins can only see data within their institution.
No data selling
We never sell, share, or monetize your data. Your institution's learning data belongs to your institution. Period.
Minimal data collection
We only collect what's needed to run the platform: email, session logs, and goal progress. No tracking pixels.
Deletion on request
Request complete data deletion at any time. We'll remove all user data and session history within 30 days.
SOC 2 & ISO 27001
Amud runs on enterprise-grade cloud infrastructure that maintains SOC 2 Type II and ISO 27001 certifications.
What we store
- Email address, name and phone number
- Learning session logs (subject, duration, notes, timestamp)
- Goal progress and pace metrics
- Schedule configuration
- Notification preferences
What we don't store
- Location data
- Device identifiers or advertising IDs
- Browsing history
- Biometric data
- Payment information (handled by third-party processor)