Advanced Security

All our information is stored in a secure database hosted on the AWS cloud platform within the United States of America. It runs on the same highly reliable infrastructure used by other Amazon Web Services.
We have provisioned the data storage as a Multi-AZ database where its data is synchronously replicated to a standby instance in a different Availability Zone (AZ) for failover purposes. It is also SSD-backed optimized for high-performance applications.

Many of Thinkific LMS Platform’s business customers operate in Europe or have European citizens as users of our platform and need to comply with the European Union’s General Data Protection Regulation (GDPR). The GDPR specifies the number of requirements companies must meet around protecting personal data. Thinkific is fully compliant with GDPR across Thinkific LMS services. Customers can review and sign our Data Processing Agreement.

Although the database is currently stored within the US, the database servers are not accessible outside our AWS security network. Access to the database is only made available to our application servers hosted within the same AWS secured network and to a very limited number of Thinkific technical employees for support purposes.
Although there is no data encryption enabled for the stored data itself, security is mainly provided through limited accessibility. For more information on AWS’s data privacy, please see here.

We take site reliability seriously at Thinkific Plus and we are proud of the 99.9% uptime that we maintain in our application.
Thinkific Plus is built for companies at scale and is able to adapt to your traffic needs. This means that we can easily increase its compute and storage capacity automatically and with no downtime. For larger launches, such as virtual summits, you can work with your Customer Success team directly and the product team for extra resources and peace of mind for launch.
For example, in April 2020, a medical school in Asia released a course on COVID-19 and had over 500,000 students register and take their course within 11 days of launch. Our platform was able to easily handle the capacity alongside our thousands of other course creators’ sites.

Snapshots are taken daily and backed up for up to 30 days.

Yes, we have a comprehensive suite of unit tests that verify the isolation of customer data.

All Thinkific customers are in agreement with our Terms of Service and Privacy Policy. If you require a custom agreement, please contact our solutions team to discuss it as part of our Thinkific Plus package.

Yes, custom SSL certificates are available on Thinkific Plus and we will work with you to install it on your Thinkific site.

If you would like to complete your own penetration test, you must contact our solutions team prior to running the test so that we can best assist you. Please reach out to us at technicalsupport@thinkific.com if you are planning to conduct a penetration test.

Our platform is monitored 24 hours a day, 7 days a week.

We have minimum password requirements and are able to enable password complexity.

Yes, you can use Okta via our OpenId connect app