Security & privacy

Anonymity students can trust. Evidence IT can sign off.

Course evaluation only works if students believe it is anonymous and IT believes it is sound. Both are design constraints, not afterthoughts.

University colleagues together — Anonymous by design · IT-grade controls

Student anonymity

Anonymous to faculty & leadership

Evaluations are never attributable to a student. Faculty and admins see aggregates and anonymous excerpts only.

Minimum-cohort thresholds

Small cohorts are suppressed so a response cannot be inferred by elimination.

Access & identity

SSO / SAML

Google Workspace, Microsoft Entra, or SAML — whatever your IT runs. Role is derived from your institutional account.

Least-privilege roles

Student, faculty, quality directorate, and operator roles are scoped to what each needs and nothing more.

Data & hosting

Hosting & residency

Hosted on managed cloud infrastructure; data-residency-bound institutions can self-host the same software (Enterprise).

Encryption

Encrypted in transit (TLS) and at rest on managed storage.

Backups & retention

Regular backups; retention configured per institution and documented in your agreement.

Export & deletion

Full export on request; deletion within the agreed window on termination. No lock-in.

Compliance posture

Honest about status.

OneRubric is built to be GDPR-ready and aligned with SOC 2 control practices. We do not claim certifications we do not yet hold; current attestation status, sub-processor list, and the data-processing agreement are provided during procurement and onboarding.

Request the security pack