The platforms works to offer a secure and private space for people to learn and grow. We adhere to the principle of least privilege in terms of data and systems access, and use best practices and well-tested, open-source technologies when possible.

We use bank-level encryption: data is encrypted at rest with AES-256, block-level storage encryption. All access to data is governed by the administrators of the course. The data is housed in ISO 27001-compliant data centers with strict physical security. Third-party vendors do penetration and vulnerability assessments.

We have continuous database backups, and also maintain daily and weekly backups offsite. We use cloud hosting to ensure that we can offer the maximum uptime possible, and try to minimize any single points of failure in our system configuration.

Users can create their own profile, and can choose what information they would like to share (the only required field is email and name). They can join a private group solely dedicated for their training(s).

Users can share reflections as they learn in text or video, and can choose their own privacy settings for each response (if they want to keep it private, or share with their private group).

We are GDPR-compliant. As a result, individual learners can delete their account and all of their responses and personally-identifiable data. We can also delete the entire cohort's data for clients at once in response to any data deletion requests.

We do keep some anonymized usage data to improve our system’s design and usability.

Our Privacy Policy is located here: https://www.dreamseedo.org/help/privacy_policy