We will never sell or rent your data or create profiles of Hero users to sell. Our business model is based on charging schools directly for our services.
Student work is private to those who are given access by the school.
Schools control what is shared and with whom. Access to student data is controlled by each school and cannot be accessed without the school allowing it.
We use the latest security industry best practices to protect you and us.
Hero takes protecting your security and privacy seriously and we've put a number of measures in place to protect the integrity of your information.
Hero uses TLS security at the network level to ensure all account information and data is transmitted securely.
Post Content (e.g., photos, video, audio, and other content you add to Hero) is encrypted at rest.
All passwords are salted and hashed using Argon2id.
Hero conducts a yearly, 3rd party security audit to verify the security and integrity of our systems and internal controls.
Account information is stored in highly secure, access-controlled Microsoft Azure data centers.
We have adopted an internal data access policy that restricts access to personally identifiable information to a limited number of employees with a specific business need (such as for technical support).
All employees undergo a background check before beginning employment at Hero, sign a nondisclosure agreement, and immediately lose access to all internal systems and data when terminated.
We routinely monitor our systems for security breaches and attempts at inappropriate access.