Our main goal is to keep our clients’ data safe at all times. This summary gives a broad overview of the security procedures implemented to achieve this goal.
All our services run in the cloud. We don’t have our own routers, load balancers, DNS servers, or physical servers, we don’t host them. Providers such as Microsoft Azure, Google Cloud and CyberFolks are the foundations of our service. They ensure that our infrastructure is protected by robust security mechanisms that are compliant with most certifications.
Security in data centers
Our data center is based in the European Union. Various security methods are used to secure data center facilities around the clock (security, CCTV, electronic access control, etc.). Monitoring and alerts are applied in the event of security, power, HVAC or temperature breaches.
Monitoring and security at the network level
Our network security architecture consists of multiple security zones. We use the following technologies to monitor and protect our network to prevent unauthorized access: a firewall that monitors and controls inbound and outbound network traffic; intrusion detection and prevention solution; and an IP address filter that monitors and blocks potentially malicious packets.
We protect our consumers from data breaches by preventing the Brutal Force method from trying to guess passwords.
In line with industry best practices, data sent to or from our infrastructure is encrypted in transit. Encryption at rest: In the database, all user passwords are encrypted using combat-proven encryption methods.
Disaster recovery and business continuity
All our necessary resources are backed up to ensure a speedy recovery in the event of a disaster.
We track changes to the software and make sure that none of the applications have any known security vulnerabilities.
We adhere to the General Data Protection Regulation (GDPR). The purpose of the GDPR is to protect the private information of EU individuals and give them greater control over their personal data.
All processing of payment instruments is safely outsourced to Przelewy24.pl, PayPal or Stripe (depending on the selected payment method). Each provider is a certified payment provider.
All our accounts come with role-based access control, which allows administrators to set roles and permissions.
We have a strict internal system that prohibits any employee from accessing your information.
To protect our clients’ personal information, all our employees sign a confidentiality agreement when they join the company.