Sign In
Get Started
Search
⌘K
Get Started
Platform
Dashboard
Developer Guides
API Reference
UI Widgets
Providers
Legal
Flow
Changelog
Roadmap
For Developers

Security Requirements

the Edlink Team
By the Edlink Team
Unknown Date
Copy Markdown
Report an Issue

API Requests

  • All requests to the API must be sent via HTTPS.
  • Edlink will redirect all incoming requests on port 80 (HTTP) to port 443 (HTTPS).
  • All requests (except for API metadata) require the inclusion of an Edlink secret key so we can identify the application who is accessing it.
  • Extremely detailed data access logs are available to school administrators for auditing.
  • Data logs are stored for 7 days, after which they are completely destroyed.
  • When data is deleted from our system it is truly deleted, not simply "marked as deleted".

Data Encryption

  • Edlink data is stored in a managed Google Cloud Platform database.
  • Access is restricted to only our production servers.
  • All data is encrypted in transit, and at rest, via the LUKS encryption specification.
  • All data is backed up daily, with a 7 day retention policy, after which it is destroyed completely.
  • Edlink is fully FERPA and COPPA compliant.
  • Edlink is fully GDPR compliant.
  • We honor right-to-forget requests to the best of our ability.
    • Users can email privacy@ed.link to retrieve or destroy their personal data.
    • This may require school administrator consent.