We take data privacy very seriously. We minimize our data collection and currently do not collect student data.

Our Privacy Policy explains how we collect, use, and share information. We do not collect or use student data whatsoever. Our collection, use, and disclosure of data is guided by the Family Educational Rights and Privacy Act (FERPA).

Districts can access various community analytics through the Nexxus Portal. Districts maintain complete control over this data. We will always delete district data from our systems upon request.


Our approach to security, from the ground up, helps shield sensitive data at every step.

Full encryption in transit and at rest

We use modern cryptographic algorithms and follow key management best practices with strict user access control.

Secure development lifecycle

All new development, including new features, are rigorously reviewed from a security perspective before rollout.

Cloud-hosted infrastructure

Cloud service providers have greater security expertise running servers in the cloud across thousands of customers over many years. Nexxus Portal’s infrastructure runs on Microsoft Azure. More details can be found on Microsoft Azure’s compliance site.

Comprehensive independent third-party security evaluation

We work with HackerOne to run a bug bounty program. The bug bounty program engages security researchers and independent security professionals to proactively test our platform and reports any issues.