Below are a few of the specific steps we take to protect you and your data:
Specific Security Measures
- We use industry-accepted electronic and physical standards of security to reduce the risk of improper access to or manipulation of information during transmission and storage. We also use TLS 1.2 protocol to protect data during the information exchange between the customer and our physical servers, located in the U.S.
- In addition to SSL, we employ Cross-Origin Resource Sharing (CORS). We use the header Access-Control-Allow-Origin header to prevent any other applications besides our own from accessing our internal resources.
- Through the use of the header Content-Security-Policy, we prevent others from embedding our apps in iframes. We conduct regular security audits to identify potential vulnerabilities.
- Our engineers are prepared to safely rollout updates to our application within minutes. We regularly rollout multiple updates per day, which means we are prepared to rollout any necessary security fixes out quickly.
- Our team has been educated on security policies. In the event of an incident, we have a documented response plan.
Have any additional questions or concerns about your security or the privacy of your data? Feel free to email [email protected].