Security Policy
PageProofer takes the security and privacy of customer data very seriously. We have implemented the following security policies to ensure the highest possible level of security.
Server Security
All PageProofer infrastructure is hosted in secure Digital Ocean facilities. DigitalOcean is AICPA SOC 2 Type II and SOC 3 Type II certified.
Data Security
All data is transmitted using secure HTTPS 256 bit encryption which can not be viewed by a third party. All data is stored in secure data centers with physical controls to prevent unauthorized access. All customer data is stored with dual redundancy to ensure loss protection. All authentication credentials (ie integration tokens and passwords) are additionally encrypted using AES-256 within in our secure databases.
Software Security
All our systems run the latest available operating systems with up to date security patches. Automated security updates are applied weekly. We also monitor documented threats from public security research groups and apply security patches as soon as they are publicly available.
Payment Security
We process your payments through a third party payment processor (Stripe), which stores and maintains your complete payment information on our behalf. Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1. We do not store any of your payment card information.
Employee Access
All employee access to our IT infrastructure is controlled and restricted by our carefully managed security policy. All employees are required to use strong passwords and a password manager. Any access to customer data requires two factor authentication (2FA).
Security Audits
We conduct regular internal security audits of our hardware, software, and network configurations to ensure the highest level of protection.
GDPR
PageProofer adheres to GDPR and is bound by Canadian PIPEDA regulations. Please refer our privacy policy for more information.
Data Processors
PageProofer uses the following data processors:
- Stripe - Payment Processing
- Drift - Customer Communication
- Wildbit - Customer Communication
- Google - Analytics
- Asana - Integration
- Basecamp - Integration
- GitHub - Integration
- Jira - Integration
- Slack - Integration
- Trello - Integration
- Teamwork - Integration
Security Disclosure
We do not have a bug bounty program. We gratefully receive any report of suspected security problems. We will acknowledge any security contribution made on our website. Please report any security issues to support@pageproofer.com.
Additional Information
Please contact us at support@pageproofer.com and we will be happy to answer any questions you have.