All Collections
Security & privacy
Eduflow Data Breach Policy
Eduflow Data Breach Policy
David Kofoed Wind avatar
Written by David Kofoed Wind
Updated over a week ago


A breach is any unauthorized acquisition of computerized data that compromises the security, confidentiality, or integrity of personal information that we maintain.

Personal information

Unencrypted information containing: individuals’ names or initials, social security numbers, driver’s license number or other identification numbers, financial information (i.e., bank account number, credit or debit card number), medical information, health insurance information, and other personal identifiers.


In the event of a data breach, the goal is to provide notice to affected parties as soon as reasonably possible. From we are aware of the breach a notice will be communicated within 72 hours.

Recipients of the Notice

We will notify both the impacted users and any known schools to which those users belong via contact information on record.

Information in the Notice

  • Company contact information.

  • A general description of the breach incident

  • An explanation, to the best of our knowledge, of what happened.

  • A listing of the types of personal information that is believed to be compromised.

  • If known, the date and time of the breach, or a best estimate.

  • Whether the notification was delayed as a result of law enforcement.

  • What steps the Company has taken to mitigate the situation, prevent it from happening again, and advice to the impacted individuals on how they can best protect themselves.

Method of notification

Notifications should be sent via email to all impacted users.

Did this answer your question?