We take security and privacy really seriously and have a number of processes in place to both prevent and respond to violations of either.
In addition to enumerating these various tools and what data is collected, we retain some personal information about many users - name, email address, images, education history, etc. We use this data to power your website and update alumni records for accuracy if you are a part of a Symphony network. At no time do we ever, nor will we ever, purposefully sell, trade or otherwise release your information externally. We do our best to keep it as secure as possible and our revenue stream is built on providing you services and tools in exchange for enterprise subscription charges and donation processing fees, not advertising or other commercial uses of your data.
Our platform meets all the requirements of PCI-A certification and undergoes regular external compliance scans. We maintain rigorous internal data breach response and prevention standards and regularly change internal passwords and well as audit our processes to prevent unauthorized access to our system. Of course, as is well known in the modern world, perfect security is impossible. To bolster our efforts, we host all of our environments at WPEngine which boasts a strong security policy of their own and maintains a dedicated team ready to respond to any external threats to our system. We also maintain a Cyber Risk and Liability insurance through The Hartford in order to have the resources necessary to immediately respond to any security breach.