Security and Third-Party Services

Security of student data is one of the biggest considerations in everything we do and that’s why we exclusively rely on the industry-leading cloud service providers to power Participatr. If you have any questions after reading the details below, please let us know.

Servers

Our servers are hosted in the US East region of Amazon Web Services. They consist of load-balanced EC2 instances running on NodeJS in AWS Elastic Beanstalk. You can find detailed security information here and up-time information here.

Client-Server Communication Protocol

All of the communication between our servers and the end-user's browser (the client) occurs over HTTPS SHA-256 with RSA Encryption. You can find a security test of our communication protocol here.

Database

All of our data is stored in multiple locations within the US Central region of Google Cloud Datastore. You can find detailed security information here and here, and up-time information here.

Payments

No card data is ever transmitted to Participatr servers as all payments are processed directly via Stripe. You can find detailed security information here and up-time information here.

Real-time Communication

We rely on both Google Firebase and Pusher to ensure students and instructors always have the latest information on their screens. You can find security information here and here and up-time information here and here.

Email

All automated email transmission occurs through SendGrid. You can find detailed security information here and up-time information here. All other emails are transmitted via Google G Suite. You can find detailed security information here and here, and up-time information here. In addition, we occasionally rely on Mailboxlayer for email address verification.

Text Messaging

We rely on both Twilio and Bandwidth for SMS text messaging. You can find detailed security information here and here, and up-time information here and here.
Last update: March 30, 2018