1. Passwords are stored in hashed/encrypted format and are not visible or accessible in plaintext.

2. The platform stores only essential user information required for LMS access and usage, suchas:o Nameo Email IDo Password (encrypted)o Course progress, quiz and assessment data

3. The application is hosted on a secure VPS/cloud environment with restricted server access.

4. Access to the admin panel is role-based, ensuring only authorized users can managecourses, users, and
reports.

5. Regular platform maintenance and security updates are carried out by the Tech for SocialGood team.

6. The platform uses secure HTTPS/SSL encryption for data transfer between users and theapplication.

7. Video content is externally hosted (e.g., YouTube/Vimeo/private hosting links), reducing direct server load and improving security and scalability.

8. User data is not shared with third parties or used for any purpose outside the scope of theLMS platform and project implementation.

9. Weekly backups of the platform and database are maintained automatically. Additionally,manual backups are taken before every update to prevent any data loss.

10. The platform architecture is designed to support scalability, performance, and secure accessfor large user bases.

11. The platform follows GDPR-aware and privacy-conscious data handling practices, includingsecure password storage, role-based access control, HTTPS encryption, and minimalcollection of user data required for platform usage.