Built to protect student data, payments, and access
Schools trust DeanDesk with sensitive information about families, applicants, and students. Here is a plain-English look at the measures that keep that data protected — what we do, and how.
How we protect your school's data
The safeguards below are built into the way DeanDesk handles every request, payment, and record.
Payments handled by Stripe
Tuition, application fees, and donations are processed by Stripe — a PCI-compliant payment provider. Card details are entered directly into Stripe's secure fields and never pass through or get stored on DeanDesk servers.
Encrypted in transit
Every connection between families, staff, and DeanDesk is secured with HTTPS/TLS, so data moving between the browser and our servers is encrypted end to end.
Role-based access control
Access is governed by roles — public, applicant, parent, student, member, teacher, and admin. Every protected request is checked against the roles required for that action, so people only reach the data their role permits.
Per-school data isolation
DeanDesk is multi-tenant by design. Every database query is automatically scoped to the requesting school, so one school's records are never returned to another.
Family account controls
Parent and child accounts are modeled explicitly. Child accounts must be linked to a parent, and payment methods and billing flow through the responsible adult's account.
Trusted cloud infrastructure
Uploaded documents are stored in Amazon S3 and transactional email is sent through Amazon SES — established AWS services that schools and enterprises rely on every day.
Authenticated sessions
DeanDesk uses signed JSON Web Tokens (JWT) for authentication. Every protected request must present a valid token, which is verified server-side before any data is returned.
Account protection
Accounts can be locked to block sign-in when needed, and roles are re-checked from the database on each request — so permission changes take effect immediately rather than living only inside a stale token.
Card data never touches our servers
When a family pays tuition, an application fee, or makes a donation, their card details go straight into Stripe's secure payment fields. Stripe handles the sensitive data and the processing; DeanDesk only ever sees the confirmation it needs to record the payment against the right account.
- Card details are entered into Stripe-hosted fields, not DeanDesk forms.
- Stripe is a PCI-compliant payment processor used by millions of businesses.
- Payments are confirmed against secure intents generated server-side.
- DeanDesk stores references to payments — never raw card numbers.
Security questions, answered
Where is our school's payment data stored?
Payment card data is never stored on DeanDesk servers. Card details are entered directly into Stripe's secure payment fields, and Stripe — a PCI-compliant provider — handles processing and storage. DeanDesk only keeps the references it needs to associate a payment with the right family and school.
Can one school see another school's data?
No. DeanDesk is multi-tenant, and every database query is automatically scoped to the school making the request. A school's applicants, students, and records are isolated from every other school on the platform.
How do you control who can see student records?
Access is governed by role-based permissions. Each account holds one or more roles — such as parent, student, teacher, or admin — and every protected action checks the roles required for it. Staff only reach the data their role allows.
How is data protected while it travels over the internet?
All traffic between the browser and DeanDesk is encrypted using HTTPS/TLS. Information entered by families and staff is encrypted in transit between their device and our servers.
What if we have a security requirement not covered here?
We're happy to talk through your school's specific security and data-protection requirements. Reach out and our team will answer your questions directly.
Questions about our security practices?
Evaluating DeanDesk for your school and need to dig deeper on data protection, access controls, or compliance requirements? Our team is glad to walk you through the details.