[ SECURITY ]
ankrly is built on a foundation of layered security controls. We protect volunteer records, student data, and organization information with industry-standard practices.
All data transmitted between your browser and our servers is encrypted using TLS 1.3. Data stored on our servers is encrypted at rest using AES-256 encryption. Database backups are also encrypted, and access to encryption keys is tightly controlled and audited.
We enforce role-based access controls (RBAC) across the platform, ensuring users can only access data and features appropriate to their role. Multi-factor authentication is available and encouraged for all accounts. Sessions are automatically expired after periods of inactivity.
ankrly is hosted on secure, SOC 2-compliant cloud infrastructure with physically secured data centers. Our infrastructure includes redundant firewalls, intrusion detection systems, and automated threat monitoring. We perform regular vulnerability scans and penetration tests.
We maintain 24/7 automated monitoring of our systems for suspicious activity, unauthorized access attempts, and performance anomalies. Our incident response plan includes defined escalation procedures, a dedicated security team, and notification protocols to affected users within 72 hours of confirmed incidents.
Protecting student privacy is foundational to our security practices. We implement additional safeguards for student data, including strict access restrictions, data minimization principles, and compliance with COPPA and FERPA requirements. Student data is never used for advertising, profiling, or any purpose beyond providing the service. We conduct annual reviews of our student data practices.
All ankrly employees undergo mandatory security and privacy training upon hire and annually thereafter. We maintain comprehensive security policies covering data handling, incident response, access management, and vendor risk assessment. Background checks are conducted for employees with access to production systems.
We take security seriously. If you believe you have discovered a vulnerability in ankrly, please disclose it responsibly to security@ankrly.com. We commit to acknowledging receipt within 24 hours and working with you to resolve the issue promptly.
ankrly, inc. — 2026