Is Pathwright GDPR compliant? 

Yes, we wrote a separate article about GDPR compliance here

How do you secure the content in my Pathwright account?

Every Pathwright account is secured under an SSL (Secure Sockets Layer) certificate for every single page in your school. You'll notice the "https" in your URL as opposed to "http." The "S" stands for "secure:" Hyper Text Transfer Protocol Secure (https). 

This is provided automatically for every account, and you do not need to take any extra steps to enable it. This is a plus, since Google automatically gives your site a small boost on SEO (Search Engine Optimization) ranking if your site is secure. 

SSL is the same encryption that banks use, and it encrypts any data shared between a web browser and web server. A secure connection ensures that any data taken from a site is confidential.

For this reason, all material embedded in your account (videos, surveys, etc) needs to be hosted under https as well. If you want to use a resource not hosted under https, use a hyperlink that opens the content in a new browser tab or window. 

Do I own the content I post on Pathwright? 

Yes, all of the course content is owned by you, and you can view our Terms of Use for the copyright information pertaining to Course Authors.

We require that you grant Pathwright permission to display your content online (otherwise we would not have the legal rights to host your content). 

We will not use or profit from your content in any way without your permission and you control who has access to your courses. 

What learner information does Pathwright collect? 

Learners must enter their username, password, and email address when they sign up for a course. Their password is encrypted and stored securely with the same encryption that banks use. As the school administrator, you will have access to your learners' names, email addresses, and progress data. 

We will not sell or share your learners' contact information with other organizations. Secure information, like credit card numbers, is not stored. We do not collect physical addresses or phone numbers from learners.

We comply with Payment Card Industry Data Security Standards (PCI/DSS).

What if my learners share their passwords? 

A single user account can only track progress for one person. It would not be an ideal user experience if multiple individuals tried to share. You can revoke a user's access at any time if you suspect abuse. 

Do I need copyright permission to post a resource I do not own online? 

If you plan to post content online that you did not create and is not public domain, then you will most likely need to secure permission to use it. 

You can read our full Terms of Use here, but the relevant information is under Copyright & Intellectual Property.

You are responsible to make sure that you own the material or have permission to use it before offering the course. 

How do I keep learners from downloading my video, PDFs, or other content? 

We recommend using Vimeo Plus for hosting your video. Vimeo Plus has security settings that will let you restrict playback to your Pathwright school. 

If you plan on embedding PDFs, we recommend using Scribd. You will have control over reader permissions, and you can turn off the ability to copy and paste from the document or to download it. Learn more about embedding PDFs here. 

Learners must sign in with the username and password they set up when they joined your course. There is no way for learners to easily download content from the course except for the documents you attach for download unless you enable it

When anyone registers for a course, they will automatically be signing off on your school Terms of Use and Privacy Policy. Here are links to those two documents: Terms of Use and Privacy Policy

Do you back up my content? How secure is it? 

Pathwright is a web-based platform, so you won't need to download or update any software; we host everything in the cloud. 

We have all Pathwright content backed up on Amazon's servers, which scale based on usage. Amazon uses more than one server to back up your school, and they store our data in several facilities and on multiple devices in each facility. By doing this, they provide 400 times the durability of a typical disk drive. 

We run backups daily. 

However, please note that Pathwright does not have version control and we cannot retrieve unsaved or overwritten content. 

If you'd like to back up your course content, you are able to make your own backups by copy/pasting your content and saving it outside of Pathwright. 

You can also make duplicates of your courses for extra redundancy. See how to copy a course. 

Can I add my own custom user agreement or copyright notice?

Yes, you can. In compliance with GDPR, you can add your own Privacy Policy or Terms and your users will need to sign off on them when they create an account. 

See how to add your privacy policy here

By default, learners will sign off on our standard Privacy Policy

How can I monitor who has access to my account? 

You can see who has created a member account in your school any time by going to Community from the Dashboard or main menu. You can revoke any member's access to a single course or to your entire school. 

If you would like all admins to receive a notification each time a new member joins, we can enable that setting for you on the backend. Send us a message or email to get this set up. 

How can I verify my users' identity? 

If your school membership should be limited to those you invite: 

  1. Be sure to keep all courses private. 
  2. Ask us to turn on notifications that send to all admins when a new member joins the school or set up a custom notification using Zapier and the Trigger "New school member." If anyone joins your school who should not be there, revoke their access under Community from your Dashboard or main menu. If anyone joins with the wrong email, ask them to update their email under their account settings.
  3. If it is very important that your users sign up with a specific email, create accounts for your members automatically using the "Create member" Action in Zapier. 

If your courses are public: 

  1. Offer courses on a schedule and close the courses at the end. 
  2. Schedule a video call with your learners. Use the meeting to discuss their work in the course and give feedback and ask to see a valid ID. 
  3. If you suspect anyone of sharing their password, revoke their access under Community.
Did this answer your question?