Security
Your data is our responsibility
GradeSense handles sensitive student data. We take that responsibility seriously with enterprise-grade security, Indian data residency, and full audit trails.
Encryption at Rest & In Transit
All data is encrypted using AES-256 at rest and TLS 1.3 in transit. Encryption keys are managed through hardware security modules (HSMs).
Indian Data Residency
Student and institutional data is stored on ISO 27001-certified data centers located in India. No data leaves Indian jurisdiction without explicit consent.
Access Controls
Role-based access control (RBAC) ensures that only authorized personnel can access specific data. All access events are logged and auditable.
Audit Trail
Every grading action — AI scores, teacher overrides, feedback edits, and data exports — is logged with timestamps, user IDs, and action details.
SOC-2 Aligned Practices
Our security practices are aligned with SOC-2 Type II standards. We follow the principle of least privilege across all systems and services.
How we use data with AI
GradeSense uses AI to read handwritten text, evaluate answers against rubrics, and generate feedback. This process involves sending answer sheet images and rubric data to our AI partners (Google Cloud AI, Anthropic) through secure, encrypted connections.
We do not:
- Use your data to train third-party AI models
- Share student data with any party for marketing or advertising
- Retain student data beyond the evaluation lifecycle unless explicitly requested
We do:
- Use anonymized, aggregated data to improve our own grading accuracy
- Give institutions full data export and deletion capabilities
- Log all AI processing events in the audit trail
Read our policies
Full details on how we collect, use, and protect your data.
Have security questions?
We're happy to discuss our security practices in detail. Schedule a call with our team.