We take data privacy very seriously. We minimize our data collection and currently do not collect student data.
Districts can access various community analytics through the Nexxus Portal. Districts maintain complete control over this data. We will always delete district data from our systems upon request.
Our approach to security, from the ground up, helps shield sensitive data at every step.
Full encryption in transit and at rest:
We use modern cryptographic algorithms and follow key management best practices with strict user access control.
Secure development lifecycle:
All new development, including new features, are rigorously reviewed from a security perspective before rollout.
Cloud service providers have greater security expertise running servers in the cloud across thousands of customers over many years. Nexxus Portal’s infrastructure runs on Microsoft Azure. More details can be found on Microsoft Azure’s compliance site.
Comprehensive independent third-party security evaluation:
We work with HackerOne to run a bug bounty program. The bug bounty program engages security researchers and independent security professionals to proactively test our platform and reports any issues.