From the start, we have taken significant measures to protect your personal data on our platform and within our company processes. Below we describe the steps and process we take to ensure the security and privacy of your data.
The General Data Protection Regulation (GDPR) is a comprehensive EU data privacy law states that everyone has a right to protection of their data. Verifiable complies with the guidelines provided under GDPR which are detailed in our GDPR Compliance Policy.
All customer data is encrypted with the latest recommended secure cipher suites and protocols. All data in transit is encrypted using 256-bit SSL. Customer and system data as well as all backups and snapshots are encrypted at rest with 256-bit AES encryption. User communication is done via HTTPS using TLS v1.3 A-grade, which can be verified here.
Verifiable is hosted with Amazon Web Services (AWS) which maintains enterprise-grade standards and certifications, including ISO 2700 compliance, PCI Certification, and SOC reports. Further information about AWS compliance is available here.
Data Backups and Retention
Customer data is backed up twice a day and stored in a separate, secure location. This ensure data recoverability in case there is a data center failure by one of our providers. All data backups are encrypted with 256-bit AES encryption.
Proactive Vulnerability Monitoring
We continuously scan dependencies within our product and network for possible vulnerabilities to prevent possible attacks or failures.
We are committed to continuous uptime for our users and customers. Our systems are protected against server and data center failures, and we have proper measures in place to respond quickly in case of any incidences.
Security Process and Policies
Data protection is addressed throughout our product and organization, from how we implement technology features and restrict data access only to specific team members when necessary. We regularly review and update our processes to ensure continuous improvement with how we secure user data.