Pertama Education

Your Trust, Our Priority

Security & Data Privacy

We understand that schools entrust us with sensitive information. Here's how we protect it.

Our Security Commitments

Data Encryption

All data is encrypted in transit (TLS 1.3) and at rest (AES-256). We never store sensitive information in plain text.

Secure Infrastructure

Our systems are hosted on enterprise-grade cloud infrastructure with SOC 2 Type II certified providers.

Access Controls

Strict role-based access controls ensure only authorized personnel can access your data, with full audit logging.

Regular Audits

We conduct regular security assessments and penetration testing to identify and address vulnerabilities.

Staff Training

All Pertama team members complete annual security awareness training and background checks.

Incident Response

Documented incident response procedures ensure rapid detection, containment, and notification of any security events.

Compliance & Certifications

PDPA (Singapore)

Full compliance with Singapore's Personal Data Protection Act

Compliant

PDPA (Thailand)

Adherence to Thailand's Personal Data Protection Act requirements

Compliant

GDPR Principles

We follow GDPR principles for data processing and protection

Aligned

FERPA Awareness

Understanding of US educational privacy requirements for international schools

Aware

Data Handling Practices

What data do we collect during training programs?

We collect participant names, roles, and email addresses for training delivery and certification. We may collect feedback and assessment responses to measure program effectiveness. We never collect student data directly.

How long do we retain your data?

Training records are retained for 3 years for certification verification. Contact information is retained while you remain an active client. You can request deletion at any time.

Do we share data with third parties?

We do not sell data. We may share limited data with technology providers (e.g., video conferencing, learning management) necessary for service delivery, all bound by data processing agreements.

Where is data stored?

Data is primarily stored in Singapore-based data centers. For clients in other regions, we can discuss data residency requirements.

How can you access or delete your data?

Contact privacy@pertamagroup.com to request access to, correction of, or deletion of your personal data. We respond to requests within 30 days.

For IT Directors & Security Teams

Need more detailed security documentation for your vendor assessment? We're happy to provide:

  • Completed security questionnaires (SIG, CAIQ, custom)
  • Data processing agreements
  • Architecture and data flow documentation
  • Subprocessor lists

Contact security@pertamagroup.com for security documentation requests.

Questions About Our Security Practices?

We're happy to discuss our security measures and compliance in detail.

Contact Security TeamView Privacy Policy