Privacy, Trust, and Security at Meritto
At Meritto (formerly NoPaperForms), we understand that the cornerstone of any successful educational technology platform is the unwavering commitment to data privacy, trust, and security. In a world where data breaches and privacy concerns are rising, we ensure that our solutions are not just tools for growth but also bastions of security for your organization’s and students’ data.
Privacy as a Priority
Privacy isn’t just a feature at Meritto; it’s a foundational principle. We treat your data with the utmost respect and confidentiality, ensuring that your organization’s and students’ information remains secure and private. Our approach to handling data is transparent and straightforward – we do not engage in selling data or using it for unintended purposes. Your data remains your own, and we are custodians, ensuring its safety, confidentiality and integrity.
Building Trust through Transparency
Trust is not given; it’s earned. At Meritto, we earn your trust by providing complete visibility into how we manage and protect your data. We believe in an open dialogue about our security practices and are committed to upholding the highest standards of data integrity. Our policies are clear, our operations are transparent, and our dedication to safeguarding your data is unwavering.
A Fortress of Security
Security at Meritto is not just about implementing the best practices; it’s about setting new standards. Our secure cloud hosting is bolstered by AWS’s multi-layered security approach, which includes everything from physical security at data centers to advanced cyber protection measures. We continuously evolve our security strategies to stay ahead of threats, ensuring that your data is protected with the most advanced and robust security measures available.
Commitment to Excellence through Certification
At Meritto, we are dedicated to achieving and maintaining the highest standards of quality and security in our services and operations. This commitment is reflected in our pursuit of globally recognized certifications and compliance with industry standards. Our certifications are not just badges of honor; they represent our dedication to excellence and the trust you can place in our solutions.
Business Model & Privacy
Ad-Free Business Model
Our business model is straightforward – we offer high-quality technology solutions at affordable prices. We avoid ad-based revenue models, ensuring that there’s no conflict between monetization and user privacy.
No Hidden Agendas
We have a transparent and ethical approach to business. There are no back-end deals or hidden agendas that compromise user privacy. We gain revenue directly from the value our products provide, not through data exploitation.
Commitment to Customer Trust
Our relationship with our customers is built on a foundation of trust. We avoid practices like double-dipping or backdoor deals that could betray this trust. Our goal is to be a trusted partner in your educational journey, not just a service provider.
User Privacy and Data Sovereignty
User Data Ownership
At Meritto, we recognize that our users own their data. We do not sell, share, or misuse customer data. Our role is to safeguard it and ensure its confidentiality and integrity.
Global Data Compliance
Recognizing the diverse nature of data privacy and compliance requirements across different legal jurisdictions, such as the U.S. and European Union (EU), we tailor our approach to meet these varied standards, ensuring global compliance and respecting data sovereignty.
Legal Framework
We adhere to prevailing legislation related to data, including comprehensive data privacy laws. This ensures our practices are always aligned with the latest legal requirements.
Third-Party Associations
Our collaboration with third-party organizations is managed meticulously to maintain the integrity and privacy of data. We understand, scrutinize, and evaluate each third-party service that may handle your data, through risk assessments and periodic reviews.
Policies
We have established robust business rules and policies designed to protect both employees’ and users’ data privacy. These policies are regularly reviewed and updated to reflect evolving standards and threats.
Data Governance
Our data governance framework includes stringent standards and practices for storing, securing, retaining, and accessing data. This ensures data integrity and minimizes risks across all data lifecycle stages.
Practices
We implement industry-best practices to guide our IT infrastructure, data privacy, and protection strategies. This includes regular audits, employee training, and the adoption of advanced security technologies.
Here’s what we offer
Access Control
- Single-sign on.
- Multi-factor authentication
- Role-based access controls
- IP based access restriction
- Logging, auditing and monitoring features
Data Security
- Data masking
- Data encryption
- Data Isolation
Operational Security
- Hosted on AWS
- Continuous logging & monitoring
- Data backup and restoration
- Vulnerability assessment and remediation
- Disaster recovery
- Change management process
Infrastructure Security
- ACLs for traffic restriction
- AWS default DDoS protection
- Server Hardening
Meritto’s data protection strategy
Meritto’s data protection strategy is intricately aligned with the
core principles of the General Data Protection Regulation (GDPR)
Lawfulness, Fairness, and Transparency
We process personal data for original intent, ensuring fairness and complete transparency in our data handling practices.
Purpose Limitation
Data is collected solely for specified, explicit, and legitimate purposes, with a clear communication of these purposes to our users.
Data Minimization
We adhere to the principle of collecting only the minimum data necessary for our stated purposes.
Accuracy
Continuous efforts are made to keep personal data accurate and up-to-date.
Storage Limitation
We will store any personal data we collect from our customers as long as it is necessary in order to facilitate use of the Services and for ancillary legitimate and essential business purposes.
Integrity and Confidentiality
We maintain robust security measures to protect data against unauthorized access, accidental loss, destruction, or damage.
At Meritto, we don’t just offer a platform; we provide a
secure environment where your educational organization can thrive without the concerns of
data breaches or security threats. Trust, privacy, and security are not just words for us;
they are the pillars upon which Meritto is built.
Choose Privacy. Choose
Security. Choose Meritto.