ABCDEFGKLMNOPQRSTUVWXYZ
2
HECVAT™ Solution Provider Response - Start Here
Version 4.1.4
3
Date Completed
3/6/2026
4
Instructions for Solution Providers
5
1. Complete the "Start Here" tab and review the "Required Questions" guidance to find the other sections are required for your product or service.
6
2. Complete the "Organization" tab and the applicable questions in each of the next 5 tabs (Product through Privacy) that apply, based on your answers to the "Required Questions."
7
3. Guidance in column E may change based on your answers to prompt details in "Additional Information." If leaving an answer blank, you must also state why in "Additional Information".
8
4. DO NOT complete any fields in the "Evaluation" sheets or the "Analyst Notes" column.
9
5. Return the completed file to institutions.
10
* Denotes critical questions. Critical questions are those deemed most important to institutions by higher education volunteers.
11
For full instructions, please visit educause.edu/HECVAT
12
General Information
13
GNRL-01Solution Provider NameKritik Education Corp.
14
GNRL-02Solution NameKritik
15
GNRL-03Solution DescriptionKritik is a peer-grading platform that distributes fair and accurate assessments by harnessing collective intelligence to simplify workflows and reduce turnaround time on feedback. Kritik is the only peer-to-peer solution designed to enhance students' learning experience and outcomes. AI authorship enables instructors to have full visibility into student submissions preventing false plagiarism accusations or inappropriate AI use.
16
GNRL-04Solution Provider Contact NameMark Deepwell
17
GNRL-05Solution Provider Contact TitleCo-founder & CTO
18
GNRL-06Solution Provider Contact Emailmark@kritik.io
19
GNRL-07Solution Provider Contact Phone Number1-604-880-9066
20
GNRL-08Country of Company HeadquartersCanada
21
GNRL-09Employee Work Locations (all)Canada
22
Company Information
AnswerAdditional InformationGuidanceAnalyst Notes
23
COMP-01Do you have a dedicated software and system development team(s) (e.g., customer support, implementation, product management, etc.)?*YesThe team consists of a CTO with 10+ years experience building scalable and secure platforms and 4 full time developers. One developer is dedicated to customer service technical requests each week. Our customer service team contains on Onboarding and Customer Success Lead as well as a Customer Service agent which aids in immediate customer support questions from all users via Live Chat or Phone/Email. Besides the Executive Leadership team who oversee the Customer Service side of the product and Product Management there is also a Director of Product who works with collecting customer requests and works with the development team to prioritize and implement different improvements and features. Describe the structure and size of your software and system development teams. (e.g., customer support, implementation, product management, etc.).
24
COMP-02Describe your organization’s business background and ownership structure, including all parent and subsidiary relationships.Our founding leadership team has a combined 20+ years of experience in the Education Technology space, with our co-founder previously founding Top Hat, an education company being used by thousands of educators and millions of students across the world. Although we are a separate entity, Kritik has an existing and strong relationship with Top Hat and have leaned on their leadership from an advistory perspective with regards to data, security, and privacy of student data which we hold in the highest regard. We also have partnerships with companies such as D2L, ApplyBoard, and Turnitin to enhance the student experience. Kritik does not have any subsidiaries or parent companies.Include circumstances that may involve offshoring or multinational agreements.
25
COMP-03Have you operated without unplanned disruptions to this solution in the past 12 months?Yes
26
COMP-04Do you have a dedicated information security staff or office?YesThe Engineering Department handles all security responsibilities; it's a team of 4 staff.Describe your information security office, including size, talents, resources, etc.
27
COMP-05Use this area to share information about your environment that will assist those who are assessing your company's data security program.Services are hosted on Amazon Web Services (AWS) and secured with Two-Factor Authentication (2FA). All web traffic is encrypted using industry standard protocols. Transfer and retention of personal data are minimized. Kritik does not store any PII from partner organizations, and we use the minimum amount of data required to successfully operate Kritik. We therefore have a overall reduced risk due to the lack of sensitive data we collect from LMS users.

We have numerous public facing policies on our website that we adhere to when it comes to security, data, privacy and more.
Terms of service: https://www.kritik.io/policy/terms-of-service
Acceptable Use Policy: https://www.kritik.io/policy/acceptable-use-policy
Privacy Policy: https://www.kritik.io/policy/privacy-policy
Master Subscription Agreement: https://www.kritik.io/policy/master-subscription-agreement
Security: https://www.kritik.io/policy/security

Additionally, we setup a page specifically for vendors which includes further information including our Business #, contact info, data flow. This documentation also includes numerous other policies that we adhere to such as our BYOD Policy & Security Breach Protocol:
https://www.notion.so/kritik/Enterprise-Kritik-dbc54706e1b241b08dee9a69fac12414

In terms of third parties, we work with reputable companies such as AWS and Stripe, and all of their environment and data security documentation can be provided upon request.
Share any details that would help information security analysts assess your solution.End Table Data
28
Required Questions
AnswerAdditional InformationGuidanceAnalyst Notes
29
REQU-01Are you offering a cloud-based product?YesDO complete the Product and Infrastructure worksheets
30
REQU-02Does your product or service have an interface?YesDO complete the IT Accessibility worksheet.
31
REQU-03Are you providing consulting services?NoDO NOT complete the Consulting section in the Case-Specific worksheet
32
REQU-04Does your solution have AI features, or are there plans to implement AI features in the next 12 months?YesDO complete the Artificial Intelligence (AI) worksheet
33
REQU-05Does your solution process protected health information (PHI) or any data covered by the Health Insurance Portability and Accountability Act (HIPAA)?NoDO NOT complete the HIPAA section in the Case-Specific worksheet
34
REQU-06Is the solution designed to process, store, or transmit credit card information?NoDO NOT complete the PCI-DSS section in the Case-Specific worksheet
35
REQU-07Does operating your solution require the institution to operate a physical or virtual appliance in their own environment or to provide inbound firewall exceptions to allow your employees to remotely administer systems in the institution's environment?NoDO NOT complete the On-Prem section in the Case-Specific worksheet
36
REQU-08Does your solution have access to personal or institutional data?YesDO complete the Privacy tabEnd Table Data
37
Note: The "Organization" tab is required for ALL products and services.
38
Copyright © 2025 EDUCAUSE
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104