• We Like You Already.
  • Here’s a Deal.
  • Free consult + 10% off your first month if you enroll in the next 48 hours.
  • Let's Go
Back

Security Policy

Effective from: 01/01/2019
Last Updated: 01/01/2025

At LevelApp, safeguarding the personal data, digital infrastructure, and operational integrity of our students, parents, tutors, and staff is a top priority. This General Security Policy outlines the principles, procedures, and responsibilities that govern the secure delivery of our services.

1. Purpose

This policy establishes a framework to ensure:

  • Protection of sensitive data (student records, contact details, payment info).
  • Secure operation of digital tools and platforms.
  • Awareness and accountability across all personnel in upholding security standards.

2. Scope

This policy applies to:

  • All LevelApp employees, trainers, contractors, and vendors.
  • All platforms and systems used for operations, communication, and learning delivery.
  • All data collected, stored, processed, or transmitted during our service operations.

3. Data Protection Principles

We follow strict principles in alignment with global best practices and applicable data protection laws:

  1. Lawful & Transparent Use – Data is collected and used only with consent and for stated purposes.
  2. Data Minimisation – We collect only what is necessary and store it for limited, relevant periods.
  3. Integrity & Confidentiality – Access to sensitive data is restricted, encrypted, and monitored.
  4. Right to Access & Rectification – Clients can request to view or correct their data at any time.

4. Digital Platform Security

We take the following precautions to maintain secure operations:

  • Secure Access: Role-based permissions are enforced across internal tools (Google Workspace, CRM, Sheets, LMS).
  • Encryption: All data transfers occur over encrypted connections (SSL/TLS).
  • Password Policy: Strong password requirements and two-factor authentication (2FA) are enforced where applicable.
  • Session Privacy: Tutoring sessions are conducted via secure platforms like Lessonspace, with session access links restricted to relevant parties only.

5. Device and Network Security

To ensure secure work environments:

  • Employees and tutors are expected to use updated antivirus software, firewalls, and secure Wi-Fi.
  • LevelApp may issue company guidelines for personal device use (BYOD policy).
  • Data storage on personal devices must be avoided unless encrypted and explicitly approved.

6. Incident Reporting and Response

If any data breach, suspicious activity, or cyber-attack is detected:

  • It must be reported immediately to support@levelapp.in or your reporting supervisor.
  • Affected systems will be isolated and investigated.
  • Clients will be notified within 72 hours if their data is compromised, in accordance with compliance obligations.

7. Trainer and Employee Responsibility

All team members must:

  • Complete onboarding on data privacy and cybersecurity protocols.
  • Avoid sharing login credentials, internal documents, or client information externally.
  • Use only authorized tools and avoid downloading unauthorized software.
  • Log out of shared systems after each session or at the end of the workday.

8. Third-Party Vendors

Vendors handling LevelApp’s data or technical infrastructure must:

  • Sign NDAs and security compliance agreements.
  • Demonstrate compliance with relevant security standards (e.g., ISO 27001, GDPR).
  • Undergo vetting and periodic audits.

9. Enforcement and Non-Compliance

Any breach of this policy may lead to:

  • Immediate revocation of access to LevelApp systems.
  • Disciplinary action or termination of engagement.
  • Legal action in cases of willful negligence or malicious behaviour.

10. Policy Review

This policy is reviewed annually or when significant changes occur in:

  • Technology platforms used
  • Legal or regulatory requirements
  • Business operations

11. Contact Information

For questions or to report a concern, please contact:

  • Security Team: support@levelapp.in
  • Compliance Officer: Rachit Kumar Mathur
  • Email: rachit@levelapp.in

By engaging with LevelApp as a client, trainer, or staff member, you acknowledge that you have read, understood, and agree to comply with this Security Policy.