Data Safety and Security Information

Know how we protect you.

Last updated: April 9, 2018

We have always put privacy and security first.

Many businesses trust in Zoomph to handle their consumers’ personal data. Since 2014, we have taken many measures to protect the way that this information is collected, stored, and used. We also respect the concerns of global consumers, including multiple social network providers, and adhere to the ever-changing requirements of various governments around the world.

We have recently taken a serious look at our terms of service, privacy policy, and new regulations so that we can continue to provide meaningful analytics without compromising ethics, integrity, and governance.

Your Zoomph Account to include the Zoomph (Platform/Software), Your Visitors, and Users are safe with Zoomph. There are a number of steps we take to ensure that your Account, Organization, User Data, and first-party data are secure.

Data Storage

All data Zoomph collects is stored electronically on the Amazon Web Services (AWS) infrastructure, US-East-1 Datacenter. Our application servers and database servers run inside an Amazon VPC, Virtual Private Cloud. The database containing User, Visitor, and Usage Data is accessible from the application servers and approved engineers. No outside sources (third-party contractors) are allowed to connect to the database. All data stored by Zoomph is encrypted at rest.

Data Collection and Transmission

Zoomph Employee Server Access and Authentication

Only Zoomph approved engineers required to perform their job are given access to backend services and data. Different engineers are given different access rights on different system components as well, depending on what their job requires. Engineers who do have access have their own credentials, which are only valid when used from specific IPs. Secure authentication is used for server access as well as required to be on a secure VPN.

Data Backup 

Full database backups are taken every day, stored on Amazon Cloud Storage (AWS S3), and kept for 30 days as an electronic copy. Backups are encrypted.

Compliance, certifications and audit reports

Zoomph Architecture & Processes related to Security

Zoomph adheres to industry best practices, applicable laws, rules and regulations, and provides a secure environment. The following standards describe our architecture and processes related to security; this is not meant to be an exhaustive listing of what can be required for a secure integrated environment between Zoomph and Customer/Client.

Zoomph maintains and implements policies and procedures for information security, privacy, business continuity, and disaster recovery, and complies with such policies.

Authentication/Authorization Requirements

In addition, non-consumer (employees and administrators) passwords are required to:

Consumer (public profiles) are required to:

Zoomph Hosting

Zoomph’s current approved hosting providers are Microsoft Azure and Amazon Web Services (AWS).  Zoomph has obtained security assurances and service level agreements from these providers, and passes those protections to its clients/customers.

Infrastructure

Updating your Privacy Policy for use with Zoomph

As a United States data company, we respect all consumer data to include global consumer protection and transparency. Our technology and processes thereby adhere to the strictest legal privacy requirements.

While we always recommend that you seek legal advice within your territory, we suggest that you review the provisions of our Privacy Policy and ensure that your own policy mirrors the same principles we have included.

Need more details or have any questions?

Contact us at info@zoomph.com.