Is Pathwright GDPR compliant?
Yes, we wrote a separate article about GDPR compliance here.
How do you secure the content in my Pathwright account?
Every Pathwright account is secured under an SSL (Secure Sockets Layer) certificate for every single page in your school. You'll notice the "https" in your URL as opposed to "http." The "S" stands for "secure:" Hyper Text Transfer Protocol Secure (https).
This is provided automatically for every account, and you do not need to take any extra steps to enable it. This is a plus, since Google automatically gives your site a small boost on SEO (Search Engine Optimization) ranking if your site is secure.
SSL is the same encryption that banks use, and it encrypts any data shared between a web browser and web server. A secure connection ensures that any data taken from a site is confidential.
For this reason, all material embedded in your account (videos, surveys, etc) needs to be hosted under https as well. If you want to use a resource not hosted under https, use a hyperlink that opens the content in a new browser tab or window.
Do I own the content I post on Pathwright?
We require that you grant Pathwright permission to display your content online (otherwise we would not have the legal rights to host your content).
We will not use or profit from your content in any way without your permission and you control who has access to your courses.
What learner information does Pathwright collect?
Learners must enter their username, password, and email address when they sign up for a course. Their password is encrypted and stored securely with the same encryption that banks use. As the school administrator, you will have access to your learners' names, email addresses, and progress data.
We will not sell or share your learners' contact information with other organizations. Secure information, like credit card numbers, is not stored. We do not collect physical addresses or phone numbers from learners.
We comply with Payment Card Industry Data Security Standards (PCI/DSS).
What if my learners share their passwords?
A single user account can only track progress for one person. It would not be an ideal user experience if multiple individuals tried to share. You can revoke a user's access at any time if you suspect abuse.
Do I need copyright permission to post a resource I do not own online?
If you plan to post content online that you did not create and is not public domain, then you will most likely need to secure permission to use it.
You are responsible to make sure that you own the material or have permission to use it before offering the course.
How do I keep learners from downloading my video, PDFs, or other content?
If you plan on embedding PDFs, we recommend using Scribd. You will have control over reader permissions, and you can turn off the ability to copy and paste from the document or to download it. Learn more about embedding PDFs here.
Learners must sign in with the username and password they set up when they joined your course. There is no way for learners to easily download content from the course except for the documents you attach for download unless you enable it.
Do you back up my content? How secure is it?
We do have all of Pathwright content backed up on Amazon's servers, which scale based on usage. Amazon uses more than one server to back up your school, and they store our data in several facilities and on multiple devices in each facility. By doing this, they provide 400 times the durability of a typical disk drive. Your Pathwright content has multiple layers of backup.
Pathwright does not have version control and we cannot retrieve unsaved or overwritten content.
If you'd like to back up your course content, you are able to make your own backups by copy/pasting your content and saving it outside of Pathwright. See more about backing up your content.
Can I add my own custom user agreement or copyright notice?
How can I monitor who has access to my account?
You can see who has created a member account in your school any time by going to Community from the Dashboard or main menu. You can revoke any member's access to a single course or to your entire school.
If you would like all admins to receive a notification each time a new member joins, we can enable that setting for you on the backend. Send us a message or email email@example.com to get this set up.
How can I verify my users' identity?
If your school membership should be limited to those you invite:
- Be sure to keep all courses private.
- Ask us to turn on notifications that send to all admins when a new member joins the school or set up a custom notification using Zapier and the Trigger "New school member." If anyone joins your school who should not be there, revoke their access under Community from your Dashboard or main menu. If anyone joins with the wrong email, ask them to update their email under their account settings.
- If it is very important that your users sign up with a specific email, create accounts for your members automatically using the "Create member" Action in Zapier.
If your courses are public:
- Offer courses on a schedule and close the courses at the end.
- Schedule a video call with your learners. Use the meeting to discuss their work in the course and give feedback and ask to see a valid ID.
- If you suspect anyone of sharing their password, revoke their access under Community.