Privacy & Security

Learn how Xello's extensive data privacy measures and information security best practices ensure the confidence of all our stakeholders.
adult-blur-business-computer-1181474-1

Ownership & Control of Your Student Data

Because our data storage practices comply with data retention laws, and our Privacy Policy is governed by FERPA, PIPEDA, GDPR and all established federal, regional, and international regulations, Xello customers can rest assured their data will never be accessed or used in unauthorized ways.

boy-using-laptop

Our Pledge of Student Privacy

Xello has signed the national Student Privacy Pledge regarding the collection, maintenance, and use of student personal information. The pledge states: “School service providers take responsibility to both support the effective use of student information and safeguard student privacy and information security.”

Assurance of Safe Data Storage

Schools and districts can communicate with confidence to shareholders that their student data is safe and secure.
checkmark Family Educational Rights and Privacy Act Regulations (FERPA)
checkmark General Data Protection Regulation (GDPR)
checkmark Children’s Online Privacy Protection Act (COPPA)
checkmark Personal Information Protection and Electronic Documents Act (PIPEDA)
checkmark Education Law Section 2-D (EdLaw 2D)

Xello’s Commitment

Xello is accessible by all students, educators, and their communities, while maintaining the highest standards of privacy, security and data protection.

Here's how we do it:

  • checkmark Secure Software Development – This includes integrating vulnerability scanning, as early as the development phase, and regular testing.
  • checkmark Secure infrastructure – Xello leverages modern technologies such as web application firewalls, intrusion detection and prevention systems to protecting all systems.
  • checkmark Data Privacy & Residency – We take the utmost care to ensure data privacy is maintained, including a commitment to:
    • Not selling, sharing or leveraging data for any purpose other than the provision of our services.
    • Ensuring data stays in the country of its origin.
    • A zero trust approach to who can access client data, with multiple layers of encryption.

3rd Party Audits

Xello undergoes regular external audits to ensure compliance.
checkmark SOC2 Type 2 - An annual assessment measuring compliance with various controls in relations to security, confidentiality and availability.
checkmark CyberEssentials - An annual assessment measuring compliance to the standards developed by IASME and the National Cyber Security Centre.

What to Look For When Evaluating Your Next Software Supplier

Learn best practices about what to look for when comparing program features and capabilities.
Get the Checklist

We use cookies on our website to provide the best possible user experience. You can change your settings at any time. For full details about how we use cookies view our Privacy Policy.

Privacy Policy