Last updated: April 9, 2018
Many businesses trust in Zoomph to handle their consumers’ personal data. Since 2014, we have taken many measures to protect the way that this information is collected, stored, and used. We also respect the concerns of global consumers, including multiple social network providers, and adhere to the ever-changing requirements of various governments around the world.
Your Zoomph Account to include the Zoomph (Platform/Software), Your Visitors, and Users are safe with Zoomph. There are a number of steps we take to ensure that your Account, Organization, User Data, and first-party data are secure.
All data Zoomph collects is stored electronically on the Amazon Web Services (AWS) infrastructure, US-East-1 Datacenter. Our application servers and database servers run inside an Amazon VPC, Virtual Private Cloud. The database containing User, Visitor, and Usage Data is accessible from the application servers and approved engineers. No outside sources (third-party contractors) are allowed to connect to the database. All data stored by Zoomph is encrypted at rest.
Only Zoomph approved engineers required to perform their job are given access to backend services and data. Different engineers are given different access rights on different system components as well, depending on what their job requires. Engineers who do have access have their own credentials, which are only valid when used from specific IPs. Secure authentication is used for server access as well as required to be on a secure VPN.
Full database backups are taken every day, stored on Amazon Cloud Storage (AWS S3), and kept for 30 days as an electronic copy. Backups are encrypted.
Compliance, certifications and audit reports
Zoomph adheres to industry best practices, applicable laws, rules and regulations, and provides a secure environment. The following standards describe our architecture and processes related to security; this is not meant to be an exhaustive listing of what can be required for a secure integrated environment between Zoomph and Customer/Client.
Zoomph maintains and implements policies and procedures for information security, privacy, business continuity, and disaster recovery, and complies with such policies.
In addition, non-consumer (employees and administrators) passwords are required to:
Consumer (public profiles) are required to:
Zoomph’s current approved hosting providers are Microsoft Azure and Amazon Web Services (AWS). Zoomph has obtained security assurances and service level agreements from these providers, and passes those protections to its clients/customers.
As a United States data company, we respect all consumer data to include global consumer protection and transparency. Our technology and processes thereby adhere to the strictest legal privacy requirements.