Security at orah

Secure and private by default

We take the responsibility of managing your data seriously. That’s why security and privacy are key focus areas of our organisation and product development.

Certified to the highest global standards

Orah’s security and privacy program is based on and aligned with industry-standard frameworks, and we maintain a comprehensive suite of certifications and attestations to further demonstrate our commitment to security and privacy.

GDPR Compliant
General Data Protection Regulation
HIPAA Compliant
Health Insurance Portability And Accountability Act
Student Privacy Pledge
Student Privacy Pledge Signatory
COPPA Compliant
Children's Online Privacy Protection Act
ISO/IEC 27001 Certified
Information Security Management System (ISMS)
View Certificate
(Valid until 24 Aug 2024)
View Certificate
(Valid from 24 Aug 2024)
ISO/IEC 27018 Certified
Protection of Personally Identifiable Information (PII)
View Certificate
(Valid until 24 Aug 2024)
View Certificate
(Valid from 24 Aug 2024)
DPA Compliant
Data Protection Act (UK)
PIPEDA Compliant
Personal Information Protection and Electronic Documents Act

Read more

Cloud Security Whitepaper
Our procedures and responsibilities for ensuring the protection of customer information in the cloud.
Information Security Whitepaper
Our processes, policies and security standards we employ.
Data Processing Agreement
These are our GDPR Data processing terms and agreement requests.
GDPR Center
Everything you need to know about our commitment to GDPR.

Security questions or issues

If you think you may have found a security vulnerability or have a question about our security, please get in touch with our security team here