Safe. Private. Secure.

Nothing is more important to us than protecting your safety while using our website.

Please read our Terms of Use and Privacy Policy. Every website has them. We're particularly proud of ours. We believe that we have a Safety/Privacy and Practices Policy second to none. Nothing is more important to us than protecting your safety while using our website.

At SweatMonkey, we have taken every effort to ensure that our members are safe. First, there are no public profiles for individuals on SweatMonkey. There is no member-to-member communication within SweatMonkey. Organizations do not contact students on SweatMonkey. Until a member contacts an organization to learn more about them or to register for an opportunity or event, their anonymity is maintained.

SweatMonkey currently holds the three most difficult safety/privacy certifications that websites can obtain - we will never knowingly compromise our members' trust. We do NOT sell, contribute, or give our members identities or private information to a third party. Only a member may reveal their information.

TrustE logo

TRUSTe

The TRUSTe seal ensures that we have met or exceeded the following standards*:

  • Organization for Economic Cooperation and Development (OECD) Guidelines on the Protection of Privacy and Transborder Flows of Personal Data
  • The Federal Trade Commission and Department of Commerce's Fair Information Practices (concerning the use of your personal information)
  • California Online Privacy Protection Act
  • CAN-SPAM Act

*As a TRUSTe certified sealholder we are required to undergo regular compliance monitoring.

Verisign logo

VeriSign

Our VeriSign Secure Certificate protects SweatMonkey users using 256-bit encryption from unauthorized access to their session and SweatMonkey browsing experience. This ensures that any and all sensitive data including hours worked, employer addresses, etc are protected by 256-bit encryption.

The trusted VeriSign name also assures the authenticity of the SweatMonkey website. Receiving a Secure Certificate from VeriSign is accomplished only by satisfying their rigorous identity verification process.

Better Business Bureau logo

Better Business Bureau

Means that the BBB has determined that the business meets accreditation standards which include a commitment to make a good faith effort to resolve any consumer complaints. BBB code of business practices represents standards for business accreditation by the BBB. Business that meet these standards and complete all application procedures will be accredited by BBB.

State of the Art Technology

Our Security Policy
  • No uploading of a student member's photographs.
  • No sale or exchange of a student member's personal info.
  • Parental consent required for under 18s.
  • No student to student messaging.
  • No instant messaging.
  • No contact initiated by organization, only by student.
  • Constant IP tracking of users.
Your data is safe with us:
  • Firewall with sophisticated rules to prevent, detect and actually stop attacks.
  • Many websites are running on Servers which are shared by multiple customers. The SweatMonkey website and database DO NOT exist in a shared hosting environment. We run on dedicated servers owned by Treetop Software Company.
  • User's passwords are encrypted. The personal identifying information that we store (which has been audited by TRUSTe) are names, email addresses and, for certain forms, the user can disclose a contact telephone number. User home addresses are not stored.
  • When using the Hour Tracking feature, users give some details of employment history such as job title, employer, and dates. Business addresses and phone numbers are stored for organizations with a directory presence on SweatMonkey.
Your privacy is our top priority:
  • All SweatMonkey hosting servers are physically protected within a state of the art data center using Biometric, card and PIN access with 24x7x365 ADT-Kantech video surveillance.
Construction
  • The SweatMonkey site is coded in PHP using a MVC framework. The framework and our application code takes steps to prevent common attacks such as SQL injection. Our application also does authorization checks to keep private data (names, email addresses, employment history) private.
  • The servers run Apache, Linux and MySQL database server.
Backup
  • We replicate data in real time between the main server and a 2nd server. The 2nd server is available for disaster recovery.
  • (Currently weekly) We generate a backup of all data and encrypt it for storage in 2 offsite locations.
Data protection
  • The live data is protected by firewall, general system hardening, and database credentials.
  • Backup data stored off site is encrypted and can only be accessed by SweatMonkey personnel.
  • We retain this backup data as a historical archive, and to assist in disaster recovery should this be required.
Account Suspension
  • A user can request that their account be suspended. This will prevent log in unless re-activated by an email authentication process (similar to that used in signup).
Moderation
  • Postings on the SweatMonkey site can be flagged or removed by community action if objectionable material appears.
  • Flagged material is reviewed by staff moderators.
  • Profanity is automatically checked and blocked when posting is attempted, and continued attempts will result in automatic disablement of the offending account.
State of the Art Technology
  • Signatures on the SweatMonkey site log the user's full name and date of a declaration. We collect these declarations when On the Job Training (OJT) hours are submitted and approved, and also when granting "administrator" rights to manage organization profiles on SweatMonkey. We "verify" these to the extent that we associate with a specific SweatMonkey user identity.
Have a Concern?

Then contact us for more information and let us put your mind at ease!