Technical & Security Specifications
Learn more about how WeSchool meets GDPR, SSO, HTTPS and other technical requirements.
WeSchool has received several certifications and recognitions that reflect our dedication to quality and security. These include:
- ISO 9001:2015: This certification signifies our commitment to maintaining high-quality standards.
- ISO 27001:2013: It showcases our focus on ensuring the security of our services.
- ISO 20000-1:2020: This demonstrates our effective service management practices.
In addition, we’re honored to have received the AgID Certification from the Italian government, recognizing our role as a reliable digital service provider.
We are proud to declare our full compliance with the GDPR regulations.
- Data Owner: You are the data owner when you use WeSchool’s services.
- Data Controller: WeSchool Srl.
- Data Protection Officer (DPO): You can reach out to Studio E-Lex at firstname.lastname@example.org. Our registered office is located in Rome, 00186, Via Dei Barbieri, 6, with VAT number 11514241006.
SOC 1 and SOC 2 Compliance
We always aim to provide our clients with transparent and compliant services to safeguard your data and privacy. For in-depth insights into our SOC compliance, refer to our data center’s SOC compliance documentation.
Our security measures include HTTPS encryption, with certificates issued by Amazon Trust Services, a trusted Amazon-managed public certificate authority (CA). For further insights into these certificates, you can find detailed information in the ACM certificate characteristics and Amazon Trust Services – Certificate policy Version 1.0.13 (PDF). Our clients’ online security is of utmost importance to us, and we’re committed to ensuring that data remains safe and protected.
Certificates are provided by the Amazon Trust Services, an Amazon-managed public certificate authority (CA). For more information: ACM certificate characteristics and at Amazon Trust Services – Certificate policy Version 1.0.13 (PDF)
Ensuring the security of our users’ passwords is a top priority. To provide the highest level of protection, we employ robust encryption methods. Specifically, we utilize the Secure Hash Algorithm (SHA) as the basis for our password encryption process. This algorithm transforms user passwords into unique and irreversible cryptographic hashes. This approach guarantees that even in the unlikely event of a data breach, the original passwords remain secure from reverse-engineering or compromise. Our use of industry-standard encryption techniques underscores our commitment to preserving the confidentiality and integrity of our users’ sensitive information.
Single sign-on (SSO)
SSO simplifies the login process, allowing users to access multiple applications without repeated credential input. It involves redirecting users to an identity provider (IdP) for authentication. Upon successful authentication, the IdP issues a security token, validated by service providers (SPs) for seamless access without additional authentication. We offer integration with major providers like Google, Apple, and Microsoft, both in simple and enterprise settings.
For organizations seeking SSO without relying on these services, we provide flexible integration options. Our SSO solution supports standard protocols like SAML (Security Assertion Markup Language), enabling smooth integration with various IdPs. This empowers companies to maintain control over their authentication processes and customize the SSO experience to suit their specific requirements. SSO also ensures that user credentials are securely managed and authenticated within their own systems.
Incident response plan
For Enterprise accounts, we offer an Incident Response Plan. Our clients’ security is our priority.
The WeSchool platform maintains a constantly high uptime of 99.99%, minimizing potential downtime. Our resilient infrastructure with redundant components, combined with proactive monitoring, ensures our clients can rely on uninterrupted access. In case of need, we can provide our customers with more information.
You can find our current support service availability here. If you have an Enterprise account and would like to discuss custom Service Level Agreements (SLAs), we’re more than happy to chat with you about it.
Data export process