LearnExperts Trust Center

Our Commitment to Information Security at LearnExperts  

LearnExperts follows a holistic and collaborative approach to guarantee the confidentiality, availability and integrity of your information and data. We always consider the big picture when working on the security aspects of our products. 

Our approach is based on the NIST Cybersecurity Framework (CSF) and we undergo external testing to check that our controls meet SOC 2 Trust Service Principles for security and confidentiality.  

LearnExperts is committed to preserving the confidentiality, integrity, and availability of all physical and electronic information assets throughout the company. 

We design our platform with compliance in mind and are in process of attaining SOC 2 Type II certification (completed fall 2025). 

Security 

When it comes to Cloud, the security of the infrastructure is just as important as the security of the software you put on top of it. LearnExperts works with leading Cloud vendor AWS with trusted security and a solid track record. All our client data is encrypted at rest in AWS Canada Central, be it live, failover or backup data. Data transfer only occurs through encrypted channels.  

LearnExperts spreads across multiple datacenters to ensure no Single Point of Failure. 

We conduct frequent penetration tests to ensure a secure Cloud environment. We also perform external penetration tests on a regular basis. 

• Encryption: All customer data is encrypted in transit (TLS 1.2+) and at rest (AES-256). 

• Penetration Testing: Independent third-party penetration tests are conducted regularly, with findings remediated promptly. 

• TLS Testing: Our TLS configurations are validated to meet industry standards for cryptographic security. 

• Access Controls: Administrative access is limited by role-based access and multi-factor authentication. 

• Monitoring & Incident Response: Continuous monitoring with a documented incident response program. 

Privacy 

• Data Handling: We collect only the information needed to provide and improve our services, as described in our Privacy Policy. 

• Customer Control: Customers can access, update, or delete their data at any time in the platform. 

• Compliance Alignment: Our practices align with GDPR, CCPA, and PIPEDA principles. 

• Third-Party Sharing: We do not sell personal data. Subprocessors are used only as necessary to provide services. 

Compliance 

• SOC 2: SOC 2 Type II certification is in progress (certification pending observation period – fall 2025).  

• Vendor Certifications: Our infrastructure providers, including AWS and SOC 2. 

• Confidentiality: Both parties commit to protecting non-public information under the terms of our Master Services Agreement. 

Reliability 

• Hosting: LEAi™ is hosted in the cloud with no impact on customer IT resources. 

• Availability: Systems are monitored for uptime and performance. 

• Backups & Recovery: Customer data is backed up regularly with tested recovery procedures. 

• Business Continuity: Continuity planning ensures operations during disruptions. 

Product Commitments 

Security is considered throughout the lifecycle of the development and release of our software. Our software code is constantly scanned for security threats, and we release security fixes on a frequent basis to ensure the cloud environment’s security. 

• Secure access and onboarding provided to all customers. 

• Ongoing support via email and phone during business hours. 

• Customers retain full ownership of their content and data created within LEAi™ are in full control of it’s use. Customers decide what content they want to use to create a course, they can choose when to use the AI to rewrite or auto-generate learning content, and can edit or delete the information at any time. Once deleted, it’s completely deleted from the system.  

• Intellectual property rights in the LEAi™ platform remain with LearnExperts. 

Responsible Disclosure 

We encourage responsible reporting of vulnerabilities. Please contact us at security@learnexperts.ca.