Skip to main content
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Partner Listing: GoReact

Partner Listing: GoReact




Website: Documentation:  Support:
Orem, UT Release Notes: twitter.png  facebook.png  linkedin.png  youtube.jpeg

Sales Contact: Peter Morgan



GoReact is reshaping education by humanizing and accelerating skills-based learning. More than 650 colleges and universities worldwide use GoReact to facilitate scalable video observation, coaching, and assessment for rapid skill development. With simple, interactive tools for collaborative learning and personalized feedback, GoReact helps all learners demonstrate skill competency with greater human connection and engagement. Learn more at


Video Assessment For Skill Development & Feedback | GoReact

Accessibility is designed to comply with applicable software accessibility requirements of Section 508 of the U.S. Rehabilitation Act. The system is designed to work with native accessibility tools within Windows and Mac operating systems as well as the enhanced functions included in modern web browsers.  This includes screen readers like JAWS®

For details related to our Section 508 compliance, please see our Voluntary Product Assessment Template (VPAT). is also designed to comply with the Web Content Accessibility Guidelines (WCAG) version 2.1, levels A and AA.

For more about WCAG 2.1 compliance, see: Web Content Accessibility Guidelines (WCAG) 2.1


HECVAT status Complete
Data encryption All GoReact authentication and page requests are passed to and from the user's browser via TLS/SSL, and all GoReact-stored data is encrypted both in transit and at rest in the database.
Countries of data storage Amazon AWS US East, N. Virginia.
Data storage method Cloud
Data retention policy AWS adheres to DoD and NIST standards for data destruction and media reuse. These standards cover, among other things, the proper application of clearing/overwriting, purging/degaussing and multiple methods of destruction, depending on need for reuse and media types. When a storage device has reached the end of its useful life, AWS procedures include a decommissioning process that is designed to prevent customer data from being exposed to unauthorized individuals. AWS uses the techniques detailed in DoD 5220.22-M (“National Industrial Security Program Operating Manual “) or NIST 800-88 (“Guidelines for Media Sanitization”) to destroy data as part of the decommissioning process. All decommissioned magnetic storage devices are degaussed and physically destroyed in accordance with industry-standard practices.
Incident management program, policy, and testing The incident response plan takes into consideration all legal requirements, notification requirements, and remediation obligations.
Disaster recovery and business continuity plan and testing Our Business continuity encapsulates steps to recover systems, infrastructure, and data needed to restore full service functionality. The BCP also accounts for complete loss of our primary cloud vendor by utilizing infrastructure as code allowing restoration within another vendors cloud.
Security Standard Certificates PCI DSS, IMS Global Self Certification
Third party testing and security controls practices Third party providers are regularly reviewed to ensure that they are adhering to industry best practices, standards, availability and compliance. Data Privacy Agreements are also implemented to ensure customer data is safeguarded.



Privacy policy link
COPPA policy link
Privacy department/officer contact:  Aaron Gibson
Types of data collected LTI Parameters
Personally identifiable or personal data collected Name, Email Address, and other identification parameters permitted through LTI
Data Deletion Request Process Requests can be made through
Third Party Data Sharing & Opt-out

The U.S. Family Educational Rights and Privacy Act (FERPA) is designed to protect student identity and academic information from unauthorized disclosure to third parties. GoReact complies with all relevant provisions as follows:

  • Student account information is private in the system, viewable only by authorized instructors and IT administrators. Such permissions must be explicitly granted within GoReact.
  • Student grading information is viewable only to authorized instructors, reviewers, IT administrators, and to the individual student themselves.
  • Authorized GoReact staff may access the account information solely for the purpose of providing service and support to the instructor and students. Such access is limited to authorized service and support staff only. Consent for this limited use of their account information is granted by each student user upon signup with required acceptance of the User Terms.
Cookies or Tracking Technologies used Cookies
Analytics performed on Customer Data None
Data correlation practices Self serviced Course and Rubric reports available
Privacy Certifications or Seals PCI Security Certificate
Targeted Advertising using user data None
Privacy or data protection impact assessments Our DRP aligns with our BCP around restoring backups and enlisting new services through automation. Customer data is backed up daily via AWS RDS snapshots as WARM availability, and offsite for protection around disaster recovery planning in a COLD format.
Privacy Law Compliance SOC and SSAE, PCI, FERPA, HIPPA, COPPA, CCPA, EU Privacy Shield and GDPR Compliant

Integration Instructions

LMS specific administrator setup instructions

Version history
Last update:
‎04-01-2022 09:27 AM
Updated by: