Privacy & security

Learn how Xello's extensive data privacy measures and information security best practices ensure the confidence of all our stakeholders.

Ownership & control of your student data

adult-blur-business-computer-1181474-1

Ownership & control of your student data

Because our data storage practices comply with data retention laws, and our Privacy Policy is governed by FERPA, PIPEDA, GDPR and all established federal, regional, and international regulations, Xello customers can rest assured their data will never be accessed or used in unauthorized ways.

Our pledge of student privacy

boy-using-laptop

Our pledge of student privacy

Xello has signed the national Student Privacy Pledge regarding the collection, maintenance, and use of student personal information. The pledge states: “School service providers take responsibility to both support the effective use of student information and safeguard student privacy and information security.”

Assurance of safe data storage

Schools and districts can communicate with confidence to shareholders that their student data is safe and secure.
  • Path Created with Sketch.
    Family Educational Rights and Privacy Act Regulations (FERPA)
  • Path Created with Sketch.
    General Data Protection Regulation (GDPR)
  • Path Created with Sketch.
    Children’s Online Privacy Protection Act (COPPA)
  • Path Created with Sketch.
    Personal Information Protection and Electronic Documents Act (PIPEDA)
  • Path Created with Sketch.
    Education Law Section 2-D (EdLaw 2D)

Access 4 Learning community member

2024_a4l_member_badge-horizontal

Access 4 Learning community member

Composed of more than 3,000 schools, districts, local authorities, states, US and International Ministries of Education, software vendors and consultants, this non-profit collaboration addresses all aspects of information management and access to support learning.

Xello’s commitment

Xello is accessible by all students, educators, and their communities, while maintaining the highest standards of privacy, security and data protection.

Here's how we do it:

  • Path Created with Sketch.
    Secure software development – This includes integrating vulnerability scanning, as early as the development phase, and regular testing.
  • Path Created with Sketch.
    Secure infrastructure – Xello leverages modern technologies such as web application firewalls, intrusion detection and prevention systems to protecting all systems.
  • Path Created with Sketch.
    Data privacy & residency – We take the utmost care to ensure data privacy is maintained, including a commitment to:
    • Not selling, sharing or leveraging data for any purpose other than the provision of our services.
    • Ensuring data stays in the country of its origin.
    • A zero trust approach to who can access client data, with multiple layers of encryption.

3rd party audits

Xello undergoes regular external audits to ensure compliance.
  • Path Created with Sketch.
    SOC2 Type 2 - An annual assessment measuring compliance with various controls in relations to security, confidentiality and availability.
  • Path Created with Sketch.
    CyberEssentials - An annual assessment measuring compliance to the standards developed by IASME and the National Cyber Security Centre.

We use cookies on our website to provide the best possible user experience. You can change your settings at any time. For full details about how we use cookies view our Privacy Policy.

Privacy policy