unimark is committed to meeting the highest standards of data protection, security compliance, and regulatory requirements for educational institutions.
Service Organization Control 2 certification covering security, availability, and confidentiality trust service criteria.
Full compliance with the Digital Personal Data Protection Act (DPDPA) 2023 for handling personal data of Indian citizens.
International standard for information security management systems (ISMS), covering risk management and security controls.
Aligned with the Family Educational Rights and Privacy Act standards for protecting student education records.
We ensure that institutional data is stored and processed in compliance with local data residency requirements. Indian institution data is stored within Indian data center regions, ensuring compliance with DPDPA and other applicable regulations.
We provide Data Processing Agreements (DPAs) to all institutional customers, clearly defining data handling responsibilities, sub-processor lists, and breach notification procedures as required by applicable data protection laws.
Our compliance team conducts quarterly internal audits and annual third-party assessments to ensure continued adherence to all applicable frameworks and regulations. Audit reports are available to institutional customers upon request.
All third-party vendors and sub-processors undergo rigorous security assessments before onboarding. We maintain an up-to-date list of sub-processors and notify institutional customers of any changes.