Reeliant logo — home
Security & Compliance

Built for institutions. Trusted by IT.

Reeliant is engineered around the security, privacy, and compliance requirements that higher education IT teams answer to every day — from SOC 2 attested infrastructure to FERPA-aligned data handling.

Cloud Hosting

Hosted on Railway — SOC 2 Type II and SOC 3 compliant.

Reeliant's entire production environment runs on Railway Cloud Hosting, an infrastructure provider with both SOC 2 Type II and SOC 3 attestations from independent auditors. That means the underlying compute, network, and data controls Reeliant relies on are independently verified against the AICPA Trust Services Criteria — Security, Availability, Processing Integrity, Confidentiality, and Privacy.

  • SOC 2 Type II — operational effectiveness of security controls verified over time.
  • SOC 3 — public-facing attestation report available for your IT and procurement review.
  • Data centers backed by major cloud providers with ISO 27001 and additional certifications.
Attestations
SOC 2
Type II
SOC 3
Public Report
FERPA-aligned
Student data handling
Infrastructure

Enterprise-grade hosting controls.

The same controls IT teams expect from any modern SaaS platform — applied consistently across every Reeliant product.

Isolated cloud infrastructure

Reeliant runs on Railway's managed cloud platform with isolated compute, private networking, and automated patching.

Encryption in transit & at rest

All traffic is TLS 1.2+ encrypted end-to-end. Data at rest is encrypted with AES-256 across application databases and backups.

Automated, encrypted backups

Continuous, point-in-time backups with encrypted storage and tested restore procedures.

Monitoring & audit logging

24/7 infrastructure monitoring, intrusion detection, and full application audit trails for every sensitive action.

FERPA & Student Data

Schedule Planner handles FERPA-protected data — and we treat it that way.

Schedule Planner ingests student records — enrollment, course history, program of study, and degree audit data — all of which is FERPA-protected. Reeliant is designed from the ground up to give your IT, registrar, and compliance teams confidence that student data is handled with the controls FERPA requires.

Every Schedule Planner deployment includes a Data Processing Agreement designating Reeliant as a school official with legitimate educational interest, so your institution stays in full control of the data it shares.

Role-based access control

Least-privilege roles ensure faculty, staff, and administrators only see the student data their role requires.

Complete audit trail

Every record view, change, and export is logged with user, timestamp, and context — defensible for FERPA reviews.

Data minimization

We only ingest the student data fields required for Schedule Planner to function — nothing more.

School official designation

Reeliant operates as a 'school official' with legitimate educational interest under FERPA §99.31(a)(1), governed by a Data Processing Agreement.

For IT & Security Reviews

The checklist your IT team is looking for.

SOC 2 Type II attested infrastructure (Railway)Yes
SOC 3 public report available on requestYes
FERPA-aligned data handling for Schedule PlannerYes
Data Processing Agreement (DPA) availableYes
TLS 1.2+ encryption in transitYes
AES-256 encryption at restYes
Role-based access control (RBAC)Yes
Full audit logging of data accessYes
SSO / SAML supportAvailable
Automated, encrypted backupsYes
Incident response & breach notification processYes
Sub-processor list available on requestYes

Need our SOC 3 report, DPA, or a security questionnaire completed?

We work directly with institutional IT and procurement teams to make security review fast and straightforward.

Email security@reeliant.io Request a Demo