MySchoolPad
Security

Your data is safe with us

Security is foundational to everything we build at MySchoolPad. Here's how we protect your school's data, staff, and students.

How We Protect You

Enterprise-grade security

We apply the same security standards used by the world's most trusted platforms to protect schools of all sizes.

Encryption at Rest & in Transit

All data stored on our infrastructure is encrypted using AES-256. All data transmitted between your browser and our servers uses TLS 1.2+ — no exceptions.

Secure Cloud Infrastructure

MySchoolPad is hosted on industry-leading cloud infrastructure with built-in DDoS protection, firewalls, and automated security patching.

Access Controls

Role-based access control (RBAC) ensures that users only see the data they're permitted to access. Admins, teachers, students, and parents all have strictly scoped permissions.

Audit Logging

Every sensitive action — login, data export, permission change — is logged with a timestamp, user identity, and IP address. Logs are tamper-resistant and retained for compliance.

Backups & Disaster Recovery

We perform automated daily backups with point-in-time recovery. Our disaster recovery plan is tested regularly to ensure your data is never lost.

Authentication

We support strong password policies, session management, and are actively rolling out multi-factor authentication (MFA) for all school admin accounts.

Our Commitments

What we promise you

Beyond technical controls, these are the principles we hold ourselves accountable to.

We never sell your school's data to third parties.
Student data is never used to train third-party AI models.
We do not serve ads based on student or staff activity.
Schools retain full ownership of their data at all times.
Data deletion requests are honoured within 30 days.
We notify affected schools within 72 hours of any confirmed breach.
Compliance

Built for compliance

NDPR Aligned

We align with Nigeria's Data Protection Regulation (NDPR) for all personal data processing.

GDPR Principles

We apply GDPR principles for data minimisation, purpose limitation, and user rights globally.

Regular Audits

Our security posture is reviewed regularly by internal and external assessments.

Responsible disclosure

If you discover a security vulnerability in MySchoolPad, we encourage responsible disclosure. Please report it to us privately so we can address it before any public disclosure. We take all reports seriously and respond promptly.

Security disclosures

security@myschoolpad.com