Security & Compliance

This page contains our information about our data security and regulatory compliance. We are committed to keeping your data safe and secure, by using best practices to protect our systems.

ISO/IEC 27001:2013 Compliance

ISO 27001 is the most widely known information security management standard used by organizations to keep data assets secure. Implementing ISO27001 demonstrates a commitment to information security at every level of our organization. The ISO/IEC 27001:2013 Information Security Management System of ManageBac has been certified by BSI under certificate number IS 664562.

More information about ISO/IEC 27001:2013 and Information Security Management Systems (ISMS) can be found here. Our certificate may be found here.

Data Encryption

All data between your computer and our systems is encrypted end-to-end with SSL by default.  Other uploaded assets and backups are also stored and transmitted using encrypted connections.

We never send your data over the wire “in plain sight.” Communications across our internal network are via secure private VPN.

PCI DSS Compliance

ManageBac does not store credit card information on any of our servers. Instead, we securely transmit information to Stripe, our PCI-compliant payment gateway, which handles your transactions.

Because we must securely handle your sensitive information before passing it to Stripe, we are also PCI Data Security Standard compliant.  Our certification can be found here.

Legal & Privacy

Data sent through ManageBac often must respect the laws of the countries where we provide service.  Thus, we go out of our way to to follow all data privacy policies of the countries where we do business.
To that end, we host our data securely on servers located in Canada and follow all rules associated with PIPEDA. Our complete terms of service and privacy policies can be found here.

Data Protection


ManageBac is compliant with GDPR. For more information about our GDPR-related policies, click here.


ManageBac is compliant with the Chinese Cybersecurity Law. Chinese schools use a .cn domain and their data is hosted within China. We also hold ICP 17051512


We comply with all applicable data protection policies in the countries where we do business, including those of:

  • Canada
  • Germany
  • The United Kingdom
  • The United States of America

We have compiled an analysis of some of these policies which you can read here.

Security Policy

Our internal security policies are governed under ISO 27001. Key points include:

  • All access to production data is carefully controlled and limited
  • Physical access to laptops and servers is monitored and controlled
  • Passwords are held to a high standard of security
  • All devices that access our systems are scanned for malware and centrally-managed
  • All users undergo a required security training on an annual basis
  • Our Security Incident Response Team is kept on 24/7 standby and meets weekly to review our security posture
  • We remain vigilant for new security threats and monitor major reported breaches and vulnerabilities to understand their potential impact on our operations

Business Continuity & Disaster Recovery

We have performed a comprehensive analysis of risks to our business and have a Business Continuity Plan and Disaster Recovery Plan in place. We have warm standbys of our applications and data in backup data centres.

Our entire workforce employs a ‘remote first’ mindset to be able to work anywhere. In the event of a natural disaster or serious network issue, we can quickly resume operations in alternate locations.

Further Questions

If you’d like to discuss further aspects of our security and compliance policies for your own internal records, please contact us for a briefing under NDA.


Phone: +1 866 297 7022

Ready to try ManageBac?

Powering Your Curriculum

IS 664562

Portland Office
Suite 1200, 121 SW Salmon Street
Portland, OR 97204

Chicago Office
350 N Orleans St #9000n
Chicago, IL 60654

Hong Kong Office
Unit 1502, 15th Floor
99 Hennessy Road, Wanchai
Hong Kong

London Office
76 Watling Street
London, EC4M 9BJ
United Kingdom

Taipei Branch Office
6F, No.259
Section 1, Dunhua S. Road
Da’an District, Taipei City 10689

Shanghai Office
7th Floor, No. 77 Jiang Ning Road
Jingan District, Shanghai, 200040

Call Us
us +1 866 297 7022
 +44 208 133 7489
 +852 8175 8152
+61 2 8006 2335

Faria Education Group is a leader in international education systems & services.