Welcome to D2L’s Privacy Center
Privacy and security are central to D2L’s mission to help make learning more personal and meaningful for everyone. We make no compromises in maintaining your data’s security.
What We Do With Data
You Own Your Data
And we keep it secure. We put the security, confidentiality, availability, and integrity of your data first. We are committed to the highest security standards and best practices.
We Don’t Give Your Data to Advertisers
We don’t collect, track, target, use, or sell learner data for advertising purposes. It’s that simple.
Your Privacy Is Our Starting Point
We always consider your privacy before we ever start building our products and services.
We Obey the Laws Where You Are
D2L hosts data in the cloud. The laws in your country govern its use—no matter where you are located.
A Message from John Baker
Privacy comes first at D2L. It always has and it always will. Our primary goal is to provide technology that can help learners focus on learning, – without having to worry about the safety and privacy of their data. We make no compromises on that.
Your data is your data, it’s really that simple.. You control how and to whom it is disclosed and we will not sell your data to advertisers or other third parties. And D2L will always be committed to high security standards.
This is my commitment to you.
Thank you for trusting D2L,
Our Approach to Security
We believe that privacy and security must be at the core of the development process—not an afterthought. This is why we:
Develop and test D2L Brightspace based on the principles set out in the Open Web Application Security Project (OWASP) Top Ten framework.
Leverage industry-leading AWS to deploy our platform within a highly reliable and secure architecture.
Go further than AWS security certifications with independent third-party audits to ensure our own practices meet and exceed industry standards.
Regularly achieve several key security and privacy certifications of our operational practices—audited annually—such as: ISO27001, SOC 1, SOC 2, ISO27018 and ISO 27017Learn more
Use Brightspace to train our employees on privacy and security to confirm their compliance with our internal security policies.
Run regular tests to ensure our employees are prepared to respond to and protect your data in any situation.
D2L values the vital importance of privacy and data security regulatory compliance. Our Brightspace platform supports compliance with rigorous standards including
- The Privacy Act (Canada)
- GDPR (The General Data Protection Regulation 2016/679)
- FERPA (Family Educational Rights and Privacy Act)
- COPPA (Children’s Online Privacy Protection Act of 1998)
- PIPEDA (Personal Information Protection and Electronic Documents Act)
- LGPD (Brazilian General Data Protection Law)
- FIPPA – Freedom of Information and Protection of Privacy Act (BC Bill 22)
- CCPA – California’s Consumer Privacy Act
- Australian Privacy Act of 1988
- Singapore Personal Data Protection Act (PDPA)
- ISO 27001, ISO 27018, ISO 27017 SOC 1 Type 2 and SOC 2 Type 2, Cloud Security Alliance (CSA), Security, Trust and Assurance Registry (STAR)
- We are a proud signatory of the Student Privacy Pledge
Privacy StatementPrivacy Statement
GDPR PageGDPR Page
D2L Security and PrivacyD2L Security and Privacy
Privacy by DesignPrivacy by Design
Have any questions about our privacy or security practices?
We’d love to hear from you.