Security and Compliance

This page is dedicated to outlining our comprehensive measures and protocols designed to ensure the confidentiality, integrity, and safety of your data.

Data Security and Compliance

Certified Data Centers

To ensure the highest standard of security for our users, our company relies on certified data centers. These state-of-the-art facilities adhere to rigorous industry standards like ISO/IEC 27001, guaranteeing the most protection for your data.

Encryption

We employ state-of-the-art encryption protocols to safeguard your information during transmission and storage. Data transmission from your browser to our servers is encrypted by using TLS with modern ciphers. Personal data is stored encrypted.

File Retention and Removal

We store your files only as long as necessary for their intended use. They are automatically deleted either within 24 hours or immediately upon your request by clicking the 'Delete' button.

Payment Information

We've teamed up with Stripe and PayPal for our payment processing needs. Both companies are certified under the Payment Card Industry Data Security Standards (PCI DSS). They handle payments securely on our behalf, ensuring that credit card numbers are never disclosed to us.

GDPR

Our company strictly adheres to the General Data Protection Regulation (GDPR), a comprehensive set of rules designed to safeguard your personal data. With GDPR compliance, we prioritize your rights, giving you control over your data and ensuring that it is processed securely and responsibly. A data processing agreement (DPA) can be downloaded at any time from the user dashboard.

Network and Infrastructure Security

Network Communications

Our network uses advanced technologies for strong defense against threats. With a Content Delivery Network (CDN), we ensure fast and secure data access. Robust security protocols, including DDoS protection, safeguard your information. We have implemented a secure digital environment, protecting your data from evolving threats and ensuring uninterrupted access.

Network Security

We use advanced tech and strong protocols to guard against unauthorized access, data breaches, and cyber threats. Our multi-layered system includes firewalls, intrusion detection, and encryption, ensuring secure transit and storage of your information. Constant monitoring and updates to our network defenses reinforce our dedication to a resilient and secure digital setup.

Availability & Fault Tolerance

We implement redundant systems, real-time monitoring, and resilient architecture to minimize downtime and maintain continuous access. In the face of unexpected events or system failures, our fault-tolerant design ensures seamless operations and data integrity.

Controlled Physical Access

We are controlling the physical access to our facilities and require them from datacenters. Restricted entry points, biometric authentication, surveillance, and comprehensive access logs are integral components of our robust security protocols.

Scalability

Our infrastructure scales effortlessly to handle peak traffic with increased demand. Founded in 2011, we have learned how to deal with high traffic projects, even during unforeseen events.

Internal Security Practices

Principle of Least Privilege

At our company, we uphold the principle of least privilege as a fundamental pillar of our security strategy. This principle ensures that individuals, systems, and processes are granted only the minimum level of access necessary to perform their specific functions.

Development Principles

Development principles guide our approach to creating secure and robust systems. We prioritize security from the beginning of the software development lifecycle, implementing best practices such as secure coding, code reviews, manual and automated testing.

Organizational Principles

We prioritize a culture of accountability, transparency, and continuous improvement across all levels of our organization. Our teams adhere to the highest ethical standards, ensuring the responsible handling of your data. Regular audits, training programs, and policy reviews further underscore our dedication to maintaining a secure environment.

Employee Onboarding and Offboarding

Rigorous training and access controls, coupled with a meticulous offboarding process, ensure that only authorized personnel have access to sensitive information.