Privacy & Security You Can Trust
An overview of Edvise’s data-privacy program & why a focused team protects you better than legacy vendors.
Program Highlights
Role-Based Access
Granular RBAC + mandatory MFA with quarterly reviews.
Data Lifecycle
Client-set retention & 60-day hard deletion post-exit.
Incident Response
Confirm + notify within 72 h (target < 24 h).
DevSecOps
CI/CD SCA scans, SBOM, auto-patch rollouts.
Student Rights
Self-service export, correction, erasure via institution.
Hosting Locale
All production data stays in your local GCP region.
Deep-Dive Details
Academic & Demographic
Course enrollments, majors, advising notes — all under FERPA.
Combined External Sets
Industry codes & career profiles added — never new PII.
User-Provided Files
Free-form uploads processed with the same protections.
Telemetry
IP & device metadata logged for security — no ads.
Security Roadmap
SOC 2 Type II
Full attestation targeted for Q4 2025.
Automated CMEK Rotation
Monthly key rotation without downtime.
AI-Driven Threat Alerts
Anomaly detection for sub-minute response.