facebook Skip to main content

Trust Center

Acorn’s Compliance Commitment

Opting for performance and learning software that aligns with crucial compliance standards is vital for maintaining your company’s security. That’s why we go the extra mile to establish safeguards, ensuring your company’s protection.

Security

Protect your data with our cutting-edge security measures, ensuring your information stays safe and secure.

Infosec Registered Assessors Program (IRAP)

To ensure the highest standards of information security, both Acorn and the AWS infrastructure have undergone thorough third-party IRAP (Information Security Registered Assessors Program) assessments. These assessments are designed to evaluate and validate the effectiveness of our security measures, ensuring that we adhere to industry best practices and meet the stringent requirements necessary to safeguard sensitive data.

SOC 2

Acorn has completed a SOC2 Type II evaluation, underscoring our commitment to safeguarding your data with industry-leading security standards.

Data Protection and Encryption

Acorn has implemented Amazon Web Services (AWS) Key Management Service (KMS) as our preferred encryption and key management solution. AWS KMS, encrypts data at rest and in transit using our Customer Master Key (CMK). AWS KMS allows Acorn to enforce strict key access policies and regular key rotation. All web connections to the application are encrypted using Transport Layer Security (TLS) which ensures that the data exchanged between systems and networks is secure.

Data Center Security

Acorn is housed in a Tier 1 data centre that is managed by Cloud Service Provider (CSP) Amazon Web Services (AWS). Acorn examines AWS’s ISO 27001 scope and SOC2 reports annually to make sure security procedures are aligned with our internal protocols.

Business Continuity

Acorn’s Business Continuity and Disaster Recovery Plan considers a broad variety of events that could impact our platform availability. Our protocols for handling security incidents and data breaches ensure that any problems are resolved promptly and effectively. Our main priorities are functionality and uptime, and Acorn has averaged consistently had 99.99% uptime in the past.

Privacy

Share your data confidently, knowing we use industry-leading practices to protect your sensitive information.

GDPR Compliance

Acorn’s internal data processing practices and policies are continuously examined and enhanced in accordance with the fundamental tenets of international privacy legislation.

Third-Party Disclosure

Our third party service providers must adhere to Acorn’s rules and procedures. Acorn abides by the standards of client data confidentiality and does not sell or trade customer information to third-parties.

AWS ‘Well Architected’ Review

Acorn contracted an external AWS auditor to conduct an AWS ‘Well Architected’ Review. This has been completed and recommended remediation has been addressed.

Data Regions

The AWS regions we currently host in are Australia (Sydney), East US (Northern Virginia), Europe (London), and Canada (Central).

Accessibility

Experience seamless usability with our software, designed to be accessible for everyone, everywhere.

Web Content Accessibility Guideline (WCAG 2.0)

Acorn is committed to accessiblity for all and follows the Web Content Accessibility Guideline (WCAG 2.0). WCAG 2.0 is a standard that ensures products and services are thoughtfully designed to cater to individuals with disabilities. Our dedication to accessibility means that everyone can interact with our software effortlessly, making the digital world more accessible and user-friendly.

Voluntary Product Accessibility Template (VPAT)

Acorn has completed the VPAT to outline the accessibility of our products with Section 508 standards. The document can be made available upon request.

Further Information

For our full security, privacy, and compliance information, get in touch via the box below.