How we protect your data
Last updated: July 3, 2026
OpenCEU runs on trust: BCBAs trust their CEU records to us, and providers trust us with their attendees. This page explains, in plain language, what we collect, why, who can see it, and how it's protected. The full legal versions are the Privacy Policy and Terms of Service.
The short version
- We keep detailed CEU records — attendance checks, quiz answers, certificates — because that’s what protects you in a BACB audit.
- We never sell your data. Sponsors who advertise here get click counts, not names. The only way a sponsor learns who you are is if you click their ad and fill out a form on their site.
- Certificates never carry ads and your CEU documents are never shared for marketing.
- We never collect anything about the clients you serve — this platform holds your professional records, not clinical data.
- Marketing email is separate from the service: one-click unsubscribe, and unsubscribing never affects your CEUs.
If you earn CEUs here
What we keep about you: your name, email, BACB certification number (it has to appear on certificates), which events you registered for and attended, your attendance-check answers with timestamps, quiz responses, and the certificates you earned. For live events we also log an identity confirmation (that the email you typed matched your account, plus the network address it came from) — that record is what makes your certificate audit-proof.
Why so much? If the BACB ever audits you, “I watched it” isn’t evidence. A timestamped trail of attendance checks and quiz results is. We keep those records for seven years — even if you delete your account — so your CEUs stay verifiable for a full audit cycle and beyond.
Who can see it: you; the provider who hosted the event (they are required to keep completion records for their own BACB compliance, and may contact you about their future events); and the BACB if a completion needs to be verified. That’s the list.
Email: signing up adds you to the OpenCEU list so we can tell you about new CEUs. Every one of those emails has an unsubscribe link that works the first time. Reminders and certificate deliveries for events you registered for are part of the service itself.
If you host CEUs here
Your attendee records are your compliance backbone. For every event you host, we maintain the roster, attendance logs, quiz results, issued certificates, and audit PDFs — organized so a BACB audit is a download, not a scramble. You can export your registrant list for your own communications; once exported, it’s yours to protect.
Your credentials are locked down. Payout account identifiers and any integration credentials you connect are stored server-side, are never sent to browsers, and are writable only by our internal systems — attendees (and the public) can’t read them, and application accounts can’t modify them.
Your money goes to you. Paid events run through your own Stripe account. We never hold your revenue, and refunds stay in your control.
What sponsors get (and don't)
Sponsor ads keep OpenCEU free. Every unit is labeled “Ad · Sponsor of OpenCEU,” ads never appear on certificates, and ad time never counts toward CEU instruction time. Sponsors see aggregate performance — how many people saw and clicked their ads — never who those people are. There is no data handoff, no pixel from a sponsor on our pages, no pre-filled forms. If you click an ad, you land on the sponsor’s website as an anonymous visitor, and anything you share there is between you and them.
Separately, we use standard analytics tools (like Google Analytics) and may use advertising pixels to market OpenCEU itself — those measure our own audience and never touch your CEU records. Details in the Privacy Policy.
How the platform is secured
- Encryption in transit (TLS) and at rest, for the database and all backups.
- Row-level security + least privilege: sensitive tables (attendance records, rosters, quiz answer keys, credentials) are not readable by client applications at all — reads happen server-side through narrowly scoped access, and database-level rules block privilege escalation even if application code has a bug.
- Payments never touch our servers — Stripe handles every card.
- Nightly encrypted backups with an independent off-site copy at a second provider, so no single failure — or single vendor — can lose your records.
- Rate limiting and audit logging on sensitive operations, and token-gated video delivery (recordings can’t be hot-linked).
- Access control: only employees have database access, on named accounts.
- Regular security review: we audit the platform’s security controls and remediate findings on an ongoing basis, most recently with a full internal audit in July 2026.
- If a breach ever affects you, we tell you — without undue delay, with what happened and what we’re doing about it.
Who processes data for us
These are the companies under the hood, and the one job each does:
| Provider | Role | What it means |
|---|---|---|
| Supabase | Database & sign-in | Stores platform data with row-level security; passwords are hashed |
| Vercel | Application hosting | Runs the openceu.com application |
| Cloudflare | Video delivery | Streams event video through token-gated links |
| Stripe | Payments | Processes all payments — card numbers never touch our servers |
| Brevo | Email | Sends transactional and newsletter email |
| LiveKit | Live video | Powers the live event streaming sessions |
| Backblaze | Off-site backups | Holds an independent encrypted copy of nightly backups |
| Google / Meta | Analytics & our own ads (when enabled) | Measures OpenCEU's own audience and marketing — never receives your CEU records |
Your data, your requests
Want a copy of your data, a correction, or deletion? Email matt@openceu.com — we respond within 30 days. Account deletion is self-serve in Settings; compliance records (your earned certificates and their audit trail) are retained for seven years because they’re the proof your CEUs are real.