Security & Compliance

Security Overview

At Scholaris ("we," "our," or "us"), security is integrated into every layer of our platform. We understand that schools entrust us with sensitive student data, financial information, and personal records. That's why our platform is designed with modern security practices focused on protecting data, maintaining reliability, and supporting privacy requirements. Our security approach is continuously reviewed and improved to help address evolving threats while maintaining a secure and accessible experience for schools, administrators, teachers, parents, and students.

Certifications & Compliance

🔒 SOC 2 Aligned Infrastructure

Scholaris is built on trusted cloud infrastructure providers that maintain industry-recognized security standards, including SOC 2 aligned environments. Our platform leverages secure hosting, encrypted communications, and infrastructure redundancy to support reliability and data protection.

🌍 GDPR & NDPR Ready

Scholaris is designed with modern privacy principles in mind, supporting compliance efforts related to GDPR and the Nigerian Data Protection Regulation (NDPR). Schools maintain control over their data, with support for secure access, data export, and account deletion requests.

🏥 HIPAA-Ready Infrastructure

Scholaris is built on Supabase, which supports HIPAA-compliant environments for storing Protected Health Information (PHI). Schools managing sensitive health and medical records can trust that our infrastructure meets the technical safeguards required under HIPAA.

🎓 Student Data Protection Standards

Protecting student information is a core part of our platform design. Access controls, authentication systems, and permission-based security policies help ensure sensitive student records are only accessible to authorized users.

✅ ISO 27001 Inspired Security Practices

Our security approach follows industry-standard best practices inspired by ISO 27001 principles. This includes secure development workflows, encrypted data storage, regular backups, vulnerability monitoring, and controlled access management across the platform.

Infrastructure Security

☁️ Cloud Infrastructure

Scholaris is hosted on reliable cloud infrastructure designed for high availability, redundancy, and secure data storage. Our infrastructure providers maintain distributed systems and backup mechanisms to support platform reliability and disaster recovery.

🔐 Encryption

All customer data is encrypted at rest with AES-256 and in transit via TLS. Sensitive information such as access tokens and credentials are further encrypted at the application level before being stored in the database.

🛡️ Network Security

Our infrastructure is protected using modern network security measures including traffic encryption, access restrictions, rate limiting, and denial-of-service protection provided through trusted infrastructure partners.

💾 Backups

Automated database backups are performed regularly to support data recovery and business continuity. Backup retention and recovery capabilities may vary depending on infrastructure configuration and service tier.

Application Security

🔐 Authentication & Authorization

Access to data is strictly controlled based on user roles and permissions within the system. Each user can only access information they are authorized to view, ensuring strong data isolation between students, teachers, and administrators. Secure authentication flows are used to protect accounts and manage user sessions safely.

🔍 Security Testing

Security reviews and testing are integrated into the development process to help identify and address vulnerabilities early. We use modern development practices, dependency monitoring, and code review processes to maintain platform security and reliability.

Data Privacy & Control

Data Ownership

Schools retain ownership of their data. Scholaris does not sell customer data or use it for third-party marketing purposes. Data export options are available where applicable.

🌍 Data Residency

Data is stored using secure cloud infrastructure providers with regional hosting options designed to support applicable data protection and residency requirements.

🗑️ Data Deletion

When data is deleted or an account is closed, associated information is removed in accordance with our retention and backup policies, except where retention is required by law or operational necessity.

🏥 Medical & Student Health Records

Scholaris is designed to help schools securely manage sensitive student information, including health-related records where applicable. Our infrastructure supports HIPAA-ready environments, with access to confidential records restricted to authorized personnel only through permission-based controls and secure storage — helping protect student privacy and support institutional compliance requirements.

Incident Response

🚨 Incident Response

We maintain procedures for identifying, investigating, and responding to security incidents. In the event of a confirmed issue affecting customer data or platform availability, affected users will be notified in accordance with applicable requirements and internal response procedures.

Third-Party Security

🤝 Third-Party Services

We work with carefully selected infrastructure and service providers that maintain strong security and privacy standards. Third-party services are evaluated before integration to help ensure they align with our operational and security expectations.

Report a Security Issue

If you believe you have discovered a security vulnerability or issue, please contact us: