Student data, treated with the seriousness it deserves.
Encryption at every layer, access control by role, data residency inside India, and a firm commitment: Inforida never trains AI models on student data. Here's exactly how we honour that.
Six pillars of our security posture
Encryption, everywhere
Every byte in transit uses TLS 1.3. Every byte at rest uses AES-256. Password hashes use argon2id with per-user salt. Sensitive tokens are encrypted at the application layer on top of database encryption.
Role-based access control
Nine default roles (owner, principal, accountant, admin, teacher, parent, student, finance, audit) with fine-grained permissions on every sensitive action. Every change is audit-logged with who, what, when and from which device.
Student data is never used to train AI
Student names, grades, behaviour notes and parent conversations never train a foundation model. AI calls run through Inforida's inference layer with data-processing agreements — and responses are retained only long enough to serve the request.
Data residency inside India
All primary data stores for Indian schools run on Google Cloud Mumbai and AWS Mumbai regions. Backups replicate across two Indian availability zones. No cross-border data movement for Indian schools.
Compliance posture
ISO 27001 certified infrastructure partners. DPIIT registered Indian company. Aligned with India's DPDP Act 2023, GDPR, and Children's Online Privacy regulations. Annual third-party penetration tests with remediation tracked publicly.
Incident response
24×7 monitoring with on-call rotation. SLA-backed commitment to notify affected schools within 72 hours of a confirmed security incident. Status page and postmortems published for every production issue.
Need our security questionnaire?
Enterprise security teams can request our SIG-Lite answers, third-party penetration test summary, and Data Processing Agreement — under NDA. We typically reply within one business day.