IT Security and Data Protection

Eurekos takes great pride in protecting your personal data because it's the foundation for your trust in us as your LMS provider.

Whether it’s about organizational procedures or technical security measures we will always be in the safe zone.

Below is a brief overview of:
  • Eurekos and the EU General Data Protection Regulation (GDPR)
  • Certificates and Procedures
  • Platform Security
  • Server Security
  • Our commitment to data privacy
  • Personal Data and Privacy by Design

Eurekos and EU General Data Protection Regulation (GDPR)

Eurekos is committed to helping our users understand the rights and obligations under the General Data Protection Regulation (GDPR), which took effect on May 25, 2018.

We take full responsibility for making sure that both we and all our sub processors are compliant to GDPR in order to secure your personal data. All sub processors are using EU Model Clauses as legal basis for data transfer if based outside the EU/EEA.

Platform Security Features

At Eurekos we have implemented numerous security features to ensure that unauthorized access or alteration of the platform is prevented.

Role Permissions

The platform is designed so that every user has a role and allowed actions, so it’s only possible, as an example to alter the platform configuration for a very limited number of users. The same role and permission settings allow for us to continuously rectify and update personal data as required.

Advanced Password Authentication

We maintain strong password requirements that require the password to meet a certain combination to be valid. Furthermore, users are blocked after a number of failed attempts to login.

As an extra security measure, we have geolocation alerts that alert the user if their credentials are used to login from a position more than a configurable distance away from their last position. The same trigger also alerts the user if their credentials are used from a different device or browser than usual.

Two-Factor Authentication is of course also an option.

Single Sign On

Customers may use Single Sign On (SSO) which requires users to be authenticated via an identity provider. Other authentication tools or social login possibilities like Facebook, LinkedIn and Google can be used as well.

Server Security


There are two different types of firewalls in use. The first is on the server side and the second is a third-party service provided by the hosting partner. Both firewalls only allow connections that are vital to the system, and in addition, they block unsuccessful login attempts and brute force attacks.


We have an antivirus and antimalware scanner checking the site proactively. On server level, all executables and script injections are prevented from input fields and files provided by users.

Encrypted connection

The connection between the end user and the platform are encrypted, making it harder to read the data that is transferred. The performance of the SSL web server has the A+ score, which is the highest level achievable.


Commitment to Data Privacy

As a data processor, following local regulations is only one component of our commitment to privacy.
Our mission is to treat you and your customers with the respect you deserve.

Data Processing Agreement

Our Data Processing Agreement (DPA) reflects the requirements of the GDPR.

Chief Privacy Officer

We have appointed a Chief Privacy Officer to oversee our ongoing compliance efforts.

Personal Data and Privacy by Design

Personal Data

Eurekos is responsible for hosting the personal data on your platform. The types of personal data depend on what you decide to place in it. All we require is the name and e-mail. A unique user id will also be generated. Besides this data, you can add phone number, address, location and more.

Privacy by Design

Eurekos continuously improves the LMS with “Privacy by Design” in mind alongside honoring our core idea of an LMS founded and driven by social and collaborated learning and sharing. We have ensured that even though a user is deleted from the platform, courses they might have produced will still be available and the author will be anonymous. This gives your users the right to be forgotten at any time.

Get a personalised demo

Experience the Eurekos LMS with no-risk and no-obligation