Please view our current privacy policy HERE.
Confidentiality
We place strict controls over our employees’ access to the data you and your users make available via the Revelation Pets services.
The operation of the Revelation Pets services requires that some employees have access to the systems which store and process Customer Data. For example, in order to diagnose a problem you are having with the Revelation Pets services, we may need to access your Customer Data.
All our employees and contract personnel are bound to our policies regarding Customer Data and we treat these issues as matters of the highest importance within our company.
Compliance
The following security-related audits and certifications are applicable to the Revelation Pets services:
PCI: Revelation Pets is compliant with the Payment Card Industry Data Security Standards. We use a third party to process credit card information securely (Braintree payments)
The environment that hosts the Revelation Pets services maintains multiple certifications for its data centers, including ISO 27001 compliance, FedRAMP authorization, PCI Certification, and SOC reports. For more information about their certification and compliance, please visit the AWS Security website, AWS Compliance website
Deletion of Customer Data
Revelation Pets provides the option for business Owners to delete Customer Data at any time during a subscription term.
Data Encryption In Transit
The Revelation Pets services support secure cipher suites and protocols to encrypt all traffic in transit.
Availability
We understand that you rely on the Revelation Pets services to work. We're committed to making Revelation Pets a highly-available service that you can count on. Our infrastructure runs on systems that are fault tolerant, for failures of individual servers. Our operations team tests disaster-recovery measures regularly and staffs an around-the-clock on-call team to quickly resolve unexpected incidents.
Disaster Recovery
Customer Data is stored redundantly at multiple locations in our hosting provider’s data centers to ensure availability. Customer Data and our source code are automatically backed up nightly. The Operations team is alerted in case of a failure with this system.
Incident Management & Response
In the event of a security breach, Revelation Pets will promptly notify you of any unauthorized access to your Customer Data. Revelation Pets has incident management policies and procedures in place to handle such an event.
External Security Audits
We contract with respected external security firm (Security Metrics) who perform regular audits to monitor services for new vulnerabilities discovered by the security research community.
Network security
Revelation Pets divides its systems into separate networks to better protect more sensitive data. Systems supporting testing and development activities are hosted in a separate network from systems supporting Revelation Pets' production website.
Administrative access to systems within the production network is limited to those engineers with a specific business need.
Network access
Network access to Revelation Pets' production environment from open, public networks (the internet) is restricted. Only a small number of production servers are accessible from the internet. Only those network protocols essential for delivery of Revelation Pets' service to its users are open at Revelation Pets' perimeter. Revelation Pets deploys mitigations against distributed denial of service (DDoS) attacks at its network perimeter. Changes to Revelation Pets' production network configuration are restricted to authorized personnel.
Revelation Pets logs, monitors, and audits system calls and has developed rules and automation for system calls that indicate a potential intrusion.
Comments
0 comments
Please sign in to leave a comment.