HelloDay
Global Admission
Blog
Contact Us
Pricing
Get Started FreeSign up Free
Security & Trust

🔒 HelloDay.ai Security & Trust

We protect your school's data with strict security practices, transparent policies, and privacy-first product design.

Your trust matters — here's exactly how we keep your data safe.

Our Security Principles

🛡️

Privacy First

We process only what's necessary — never selling, renting, or sharing your data with third parties for marketing.

🔍

Full Transparency

You always know what is collected, how it is used, and where it is stored.

🔑

Controlled Access

Access to customer data is strictly limited, logged, and reviewed.

⚙️

Secure by Design

Every feature is built with safe defaults, encryption, and continuous monitoring.

Data Protection & Encryption

🔐

Encryption

  • All data is encrypted in transit (HTTPS/TLS 1.2+)
  • All data is encrypted at rest (AES-256)
  • Internal systems follow least-privilege and role-based access
  • API traffic fully encrypted end-to-end
🗄️

Data Storage

  • Hosted on Google Cloud Platform (GCP) with industry-standard security
  • Isolated per-tenant environments for sensitive information
  • Daily backups with automatic integrity checks

Security Measures We Already Implement

✔️

Infrastructure

  • Production environment protected via GCP IAM
  • VPC-level isolation & firewall-level traffic filtering
  • Continuous vulnerability scanning on servers and services
✔️

Application Security

  • Mandatory HTTPS
  • Input validation & rate-limiting
  • Automated detection of abnormal usage patterns
  • Regular dependency updates & patching
✔️

Operational Security

  • Internal access restricted via RBAC
  • Activity logging for all admin operations
  • Secure internal communication channels
  • Staff training in phishing & data-handling

How We Handle School, Student & Parent Data

🎓

School Data

  • Only used for delivering HelloDay.ai features
  • Never used to train external AI models
👩‍🎓

Student & Parent Questions

  • Stored securely for FAQ analytics
  • Automatically anonymized when used for patterns & insights
  • Can be deleted at any time by the school
📬

Communications

  • AI conversations are processed securely within the platform
  • No sharing with advertisers, external AI services, or third parties

AI Transparency & Model Safety

🤖

How AI Is Used

  • AI answers admission questions based on your school-provided content
  • AI only uses your approved materials — nothing else
🧠

Model Safety

  • We apply prompt-level safety rules
  • Sensitive-data filters for student questions
  • Automatic blocking of risky prompts (e.g., passport numbers)

Your Data, Always Yours

HelloDay.ai does not:

train external LLMs on your data
sell data
transfer data to advertisers

You own the data — we protect and process it only to operate the service.

Upcoming Security & Compliance Roadmap

We aim to expand our global compliance with:

SOC 2 Type I & II

ISO 27001

GDPR Data Processing Addendum (DPA)

FERPA-aligned controls for US institutions

We will update this page as each step is completed.

Frequently Asked Questions

Where is my data stored?

All data is stored securely on Google Cloud Platform with encryption at rest & in transit.

Is any data shared with third parties?

No. Data is only used within HelloDay.ai to provide the service.

Does AI access student personal information?

Only when necessary to answer a question — and always securely.

Can I delete all data?

Yes. Schools can request deletion at any time.

Contact Our Security Team

Need clarification or have a security question?

📧security@helloday.ai