Skip to main content
BehaviourWellbeingInsightsCommunity
Our StoryBlogFAQContact
ten points
Pricing
Book a callLog in
BehaviourWellbeingInsightsCommunity
Our StoryPricingBlogFAQ
Book a callLog in

Trust Centre

Security Principles

Last updated: May 21, 2025

← Trust Centre

At Ten Points, the security and privacy of our users — especially schools, teachers, and students — is at the heart of everything we do.

This page summarises our key security measures in plain language. It aligns with our formal Information Security Policy and Data Protection Policy.

✅ Our Commitment to Security

We are committed to ensuring:

  • Confidentiality – Data is protected from unauthorised access through access controls, encryption, and staff vetting.
  • Integrity – Systems are protected against tampering or loss, with audit logging and peer-reviewed code changes.
  • Availability – Our platform is resilient, monitored 24/7, and designed for high uptime.

🛡️ Data Protection Measures

  • Encryption – All data in transit is encrypted (TLS 1.2+). Data at rest is encrypted with industry-standard algorithms.
  • Isolation – Each school’s data is logically separated for privacy and integrity.
  • Backups – Regular encrypted backups are maintained to support disaster recovery.
  • Access Control – Data access is limited to certified team members on a “least privilege” basis. All production access is logged.
  • Staff Training – All staff complete annual privacy/security training and pass DBS Basic Checks.

🧾 Compliance and Standards

  • Ten Points complies with UK GDPR and is registered with the ICO (Ref: ZB716018).
  • Our Data Processing Agreement (DPA) sets out our role as Data Processor.
  • We apply Privacy by Design to all new features.
  • We are working toward Cyber Essentials and ISO 27001 certification.

🔍 Vulnerability Disclosure

We welcome reports from security researchers and educators.

If you believe you’ve found a security issue, please contact us: 📧 [email protected]

We acknowledge reports within 72 hours and resolve valid issues quickly. You can also see our security.txt disclosure policy.

🔄 Change Management & Monitoring

  • Monitoring – Infrastructure is monitored 24/7 for anomalies and availability.
  • Audit Logging – All key activities are logged to support security and investigation.
  • Change Control – Code and infrastructure changes are reviewed, tested, and deployed using industry best practice.

🔐 User Responsibilities

We encourage users to:

  • Use strong, unique passwords
  • Enable multi-factor authentication (where available)
  • Keep login credentials confidential
  • Report any suspicious activity immediately

📫 Contact Us

For security concerns: [email protected]
For data protection questions: [email protected]

  • Home
  • Behaviour
  • Wellbeing
  • Insights
  • Community
  • Our Story
  • Blog
  • FAQ
  • Pricing
  • Contact
Get started
ten points
Trust CentreAgreement

© 2026 Ten Points Education Ltd