Security and Trust Center
Your Data, Protected and Private. Always.
We are deeply committed to protecting the data of your organization and your people. All information remains confidential and secure through enterprise-grade infrastructure, strong encryption, and strict privacy commitments your IT and procurement teams can rely on.
100%
Canadian Data Residency
AES-256
Encryption at Rest
TLS 1.3
Encryption in Transit
Zero
Customer Data Used for AI Training
100% Canadian
All user data is stored within Canada.
Your organization's data, including recordings, transcripts, and performance reports, are always stored within Canadian jurisdiction by default. This supports compliance with PIPEDA and applicable provincial privacy legislation.
Our data servers are powered by 100% carbon-free energy
Our Core Security & Privacy Principles
Your Data is Never Used for AI Model Training
This is our fundamental promise. We strictly do not use any customer data, including videos, transcripts, or performance reports, to train our own or any subprocessor AI models. Your proprietary information, practice sessions, and personal data are used for one purpose only: to provide you with private, personalized feedback. Your data remains your own.
Enterprise-Grade Security Foundation
TrackPoint is built on the same cloud infrastructure trusted by major global banks, healthcare systems, and government institutions. Your data is protected by world-class physical security, redundant power systems, and automated threat detection, delivering the resilience and availability enterprise organizations require. The underlying infrastructure holds ISO 27001, ISO 27017, ISO 27018, and SOC 2 Type II certifications.
Comprehensive Data Encryption
We protect your data at every stage using strong, industry-standard encryption:
Encryption in Transit
All data transferred between your device and our platform is protected with TLS 1.3, the current industry standard for secure data transport.
Encryption at Rest
All stored data, including video files, transcripts, and user records, is secured using AES-256, one of the strongest encryption standards available globally.
Secure Access & Identity Management
Access to your organization's data is strictly controlled at every level:
Role-Based Access
Organization admins control who can access what. Learner data is isolated and not visible across teams without explicit permission.
Multi-Factor Authentication
MFA is supported for all accounts and can be enforced organization-wide to meet your internal security policies.
Secure Authentication
Authentication follows industry-standard OAuth 2.0 and OpenID Connect flows. Passwords are never stored in plain text.
Application Security & Threat Protection
TrackPoint is built with application-layer security as a first-class concern. Bot mitigation and application integrity verification are enforced at the API layer, preventing unauthorized automated access. All application secrets and credentials are stored in a centralized encrypted vault. No credentials are hardcoded or exposed in application code. Backend services run in isolated containers with no persistent shared state, reducing attack surface and limiting the impact of any potential incident.
Operational Security & Auditability
Access to production systems is restricted to a small number of authorized personnel using the principle of least privilege. Data deletion requests are fulfilled promptly and confirmed in writing. We maintain clear data retention policies and can provide organizations with data processing agreements (DPAs) upon request.
Compliance & Certifications
Our underlying cloud infrastructure maintains the following industry certifications. Supporting documentation is available to IT and procurement teams upon request.
Security, availability, and confidentiality controls audit
Information security management system standard
Cloud-specific security controls
Protection of personal data in the cloud
Canadian federal privacy law. Data stored and processed in Canada
Data handling practices aligned with EU privacy standards
Current standard for encrypted data transport
Military-grade encryption for all data at rest
Have More Questions?
Your confidence is our top priority. For security questionnaires, DPA requests, or to connect your IT team with ours, we're here to help.
Contact Us230 - 15 Innovation Boulevard. Saskatoon, SK. S7N 2X8. Canada
Made with ❤️ in Canada
Transform your team's performance.