The following is general information on some of our security practices. If you have any questions after reading this or any issues, please contact us.
- Our application (including all custom domains) is encrypted with TLS.
- Outbound email is encrypted with TLS (when supported by the recipients server).
- Logins have brute force protection.
- Passwords are one way hashed.
- Multiple levels of logic segregate user accounts and data.
- We monitor all emails for malware, phishing and social engineering.
- Custom data retention policies are available.
- Credit card payments are processed via Stripe a level 1 certified PCI provider, with the credit card information never being sent to our servers.
- A warm standby environment is maintained in a separate physical location with a 30 minute delay from the production environment.
- Data backups are performed through the day, encrypted and stored off site.
- Our services are hosted on Amazon Web Services (AWS) within their secure data centers.
- Our offices are secured with keycard access and monitored with CCTV cameras.
Policies and Procedures
- Employees sign an agreement outlining their responsibility in protecting customer data.
- Employees are educated and trained on security, social engineering and phishing attacks.