Our #1 priority is keeping your content and student data safe
Key Security Features
Secure cloud hosting & daily backupsTrust that your site and content are safe with reliable, secure cloud hosting.
Instant access to updatesNever worry about missing a version. All updates are automatic, so you always have access to the latest features.
Service Level Agreement (SLA) 99.5% & 24/7 monitoringRest easy. We make sure your site is always available and working optimally for you and your students.
Built in security and SSLBuild trust with your audience using Thinkific’s seamless built-in SSL certificates, and feel confident that your course content is automatically served securely.
Where and how is Thinkific Plus’s data stored?
All our information is stored in a secure database hosted on the AWS cloud platform within the United States of America. It runs on the same highly reliable infrastructure used by other Amazon Web Services.
We have provisioned the data storage as a Multi-AZ database where its data is synchronously replicated to a standby instance in a different Availability Zone (AZ) for failover purposes. It is also SSD-backed optimized for high-performance applications.
Where can Thinkific Plus’s data be accessed from?
Although the database is currently stored within the US, the database servers are not accessible outside our AWS security network. Access to the database is only made available to our application servers hosted within the same AWS secured network and to a very limited number of Thinkific technical employees for support purposes.
Although there is no data encryption enabled for the stored data itself, security is mainly provided through limited accessibility. For more information on AWS’s data privacy, please see here.
What is the frequency of backups? How long is it stored for?
Snapshots are taken daily and backed up for up to 30 days.
What are Thinkific’s security and privacy policies?
Can we do penetration tests?
If you would like to complete your own penetration test, you must contact our solutions team prior to running the test so that we can best assist you. Please reach out to us at firstname.lastname@example.org if you are planning to conduct a penetration test.
Is Thinkific GDPR Compliant?
Many of Thinkific LMS Platform’s business customers operate in Europe or have European citizens as users of our platform and need to comply with the European Union’s General Data Protection Regulation (GDPR). The GDPR specifies the number of requirements companies must meet around protecting personal data.
Thinkific is fully compliant with GDPR across Thinkific LMS services. Customers can review and sign our Data Processing Agreement.
Does Thinkific Plus have on-demand scalability to increase resources for increased capacity?
We take site reliability seriously at Thinkific Plus and we are proud of the 99.9% uptime that we maintain in our application.
Thinkific Plus is built for companies at scale and is able to adapt to your traffic needs. This means that we can easily increase its compute and storage capacity automatically and with no downtime. For larger launches, such as virtual summits, you can work with your Customer Success Manager directly and the product team for extra resources and peace of mind for launch.
For example, in April 2020, a medical school in Asia released a course on COVID-19 and had over 500,000 students register and take their course within 11 days of launch. Our platform was able to easily handle the capacity alongside our thousands of other course creators’ sites.
Have any tests been undertaken to prove proper customer data isolation?
Yes, we have a comprehensive suite of unit tests that verify the isolation of customer data.
Can clients maintain the keys to encrypted data?
Yes, custom SSL certificates are available on Thinkific Plus and we will work with you to install it on your Thinkific site.
How often is the platform monitored?
Our platform is monitored 24 hours a day, 7 days a week.
What methods are used for user authentication?
We have minimum password requirements and are able to enable password complexity.