Data Protection

Treating customer data with care and respect is important to us. We take technical as well as organisational measures to operate our services securely and responsibly. Below you will find a brief overview of key measures and principles put in place to ensure the confidentiality, integrity and continued availability of the data entrusted to us.

Contact information for responsible disclosure can be found at the bottom of this page.

Technical Measures

Encryption in Transit: All user data is transmitted via encrypted HTTPS connections, with modern versions of TLS. Our systems only ever use plain HTTP when specifically required, such as when detecting captive portals in WiFi networks.

Encryption at Rest: Our backend and database servers are encrypted at rest in production (FIPS 140-2 Level 1).

Rate Limited Authentication: Authentication endpoints of our servers are rate limited to protect against brute forcing.

Passwords and Access Tokens: Passwords are set by organization owners and sub-account holders when creating their accounts. Both passwords and access tokens are salted and hashed with modern algorithms before storage.

Automatic Scanning: Our codebase is automatically scanned for security vulnerabilities in code and dependencies. Public code is additionally scanned for accidentally revealed secrets. Our infrastructure is automatically scanned for misconfiguration of TLS, SSH and other security measures.

Automated Backups: Encrypted backups of our databases are automatically created at regular intervals and stored at a distance from our servers. We perform regular rehearsals of backup restoration. Backups are automatically deleted after a limited retention period.

Uptime Monitoring: External services perform continuous monitoring to ensure the availability of our infrastructure from several global locations.

Event Logging: Our backend servers forward a log of internal events to a centralised logging platform. Sensitive or personally identifiable information is removed or pseudonymised before transmission to the log storage. Logs are kept for a limited period only.

Managed Servers: Our backend servers are operated by Nine, an ISO 27001 and ISO 9001 certified hosting provider. The servers are housed in physically protected data centers in Switzerland. They are frequently patched for improved security and stability. Additional servers are operated in other, equally access-protected data centers in Europe.

Organisational Measures

Staged Deployments: Our application releases move gradually from development to production environments, increasing the chance that bugs can be caught before reaching customers. A small number of validation partners help us to test code under real-world conditions before general deployment.

Password Advice: Our applications provide interactive feedback on password quality instead of applying static rules, following current advice from NIST.

Peer Review and Version Control: New code undergoes peer review before it is integrated into our applications. Both code and core infrastructure configuration are version controlled, so that builds and deployments are traceable and reproducible.

Continuous Integration: Automatic builds and test suites run for code added to our version control system.

Staff Access: All members of our development and operations team are equipped with hardware tokens for two-factor authentication and secret protection. Team members receive access levels that are appropriate for their responsibilities. Signing of a GDPR-informed confidentiality agreement is a prerequisite for access to production systems.

Incident Reports: Any operational incident is followed by a written postmortem to analyse the events and determine a set of appropriate preventative measures. This happens irrespective of whether the incident causes a disruption to our users.