1. Security Architecture
Nexus SMS runs on Google Sheets and Google Apps Script with role-based application controls. School data is logically separated and accessed through authorized workflows.
2. Access Control
- Role-based permissions for Admin, Teacher, and Accountant access scopes.
- Restricted visibility so users only see data required for their role.
- Account-level controls to reduce unauthorized data exposure.
3. Authentication and Session Safeguards
- Password hashing and secure authentication flows.
- Session controls and validation checks for active logins.
- First-login password updates and lockout protections where configured.
4. Data Transmission and Handling
Requests are transmitted over secure HTTPS channels. We avoid unnecessary data collection and process only the information needed for school operations, support, and platform reliability.
5. Backups and Recovery
- Support for scheduled CSV/ZIP backups as configured by schools.
- Email-based backup delivery for operational continuity.
- Recovery plans based on available backup sets and school configuration.
6. Monitoring and Logging
We maintain operational logs for troubleshooting, performance checks, and investigation of abnormal activity. Logs are reviewed as needed to maintain platform integrity.
7. Incident Response
If a security issue is detected, we prioritize containment, root-cause analysis, and corrective actions. Affected schools are contacted through designated communication channels when required.
8. Shared Responsibility
Security is a shared responsibility. Schools should enforce strong internal password practices, limit account sharing, and keep authorized contact details up to date for security communication.
9. Compliance and Policy Alignment
Our data handling approach aligns with platform terms and privacy commitments. For legal details, review the Privacy Policy and Terms of Service pages.
10. Contact for Security Matters
For urgent security concerns, contact us at digitaloutwork@gmail.com.