九一果冻 Data Privacy & Security
A Secure, Reliable Platform Experience
We鈥檙e Committed to Protecting Your Data
Maintaining the confidentiality, integrity, and availability of your data is critical to our team. As part of our ongoing commitment to putting our customers first, 九一果冻 has built a robust and transparent data protection program.
Software That鈥檚
Secure by Design
-
Certified by Industry Standards
Every year, 九一果冻 undergoes SOC 2 Type II audit by a third-party firm to ensure customers are protected across various levels.
-
Data Encryption Protection
Whether your data is in transit or at rest, all 九一果冻 customer data is encrypted through industry leading-standards: TLS v1.2 in transit and AES256 at rest.
-
Secure and Reliable Infrastructure
Customer data is hosted through Amazon Web Services (). Our web servers and databases are load-balanced across multiple availability zones.
Enterprise Security
Standards
-
Single Sign-on Support
九一果冻 offers single sign-on (SSO) through Security Assertion Markup Language (SAML) 2.0 and Google authentication. Our platform integrates with standard systems including Okta, OneLogin, as well as Microsoft Azure and ADFS.
-
Annual Penetration Testing
We conduct third-party penetration testing on an annual basis, which includes critical security risks listed by the Open Web Application Security Project庐 (OWASP). This simulates a real-world cyberattack to ensure our systems and your data remain secure.
-
GDPR and CCPA Compliant
九一果冻 handles personal information with compliance in mind. Our platform is General Data Protection Regulation (GDPR) compliant and meets the California Consumer Privacy Act (CCPA) standards.
Restricted Access & Authorization
-
Data Segregation & Security
Customer data is logically separated through strict coding standards, code reviews, and database design. These records also have a unique customer identifier that ensures maximum data security.
-
Access Management & Controls
九一果冻 applies access controls in accordance with the 鈥榩rinciple of least privilege鈥. Meaning that access to customer data is only granted to authorized employees who require it to perform their roles and all system access is logged.
-
Thorough System Mangement
九一果冻 has extensive change management controls in place. All system changes directly impacting our customers follow rigorous planning and transparent communication.
Proactive Security Protocols
-
Employee Privacy & Security Training
Security is a company-wide endeavor. All employees complete an annual security training program and employ best practices when handling customer data.
-
Rigorous Policies & Procedures
九一果冻鈥檚 information security management system is based on industry best practices (ISO 27001). Through this framework, customers can trust that working with 九一果冻 is a reliable, consistent, and secure experience.
-
Stringent Vendor Evaluations
九一果冻 conducts thorough evaluations and security reviews of its vendors. We ensure that all vendors processing confidential customer data adhere to industry-leading control standards.
Learn more about our policies on 九一果冻鈥檚 privacy page.