We appreciate the value of salon data stored in our system. This is why data security and privacy are the number one priority for us.
We have made every effort to ensure the highest possible level of security.
Data entered into the system is stored on rigorously protected servers located in guarded premises. The server rooms are compliant with the ISO 27001 security standard and undergo regular SAS 70 audits.
Entrusting us with data can be compared to storing valuable possessions in a safe deposit box. Thanks to the fact that we provide service to thousands of users we can ensure a level of security you would not be able to reach on your own.
Data loss prevention
To eliminate the risk of data loss or service interruption, our whole infrastructure is based on n+1 redundancy, which means that all components have at least one independent backup component.
Copies of your data are stored on multiple servers located in independent premises. If any servers are down you can still access your data.
Additionaly, we perform daily backups which are encrypted and stored on another continent. This would enable us to retrieve all data even if some natural disaster affected two separate locations.
Protection against unauthorised access to data
All servers are separated from the public Internet by a firewall which allows only traffic necessary to provide the service.
Access to data is possible only through an encrypted connection, which prevents third party interception.
The data in our database is protected with AES-256 cipher. This encryption method prevents unauthorised access to data even by people who have physical access to the servers.
Each user needs to authenticate with a password. Passwords are stored using one-way encryption. This means only the user knows what the password is.
We provide a number of configuration features which enable the administrator to determine different access levels for particular employees. Each operation performed in the system is registered, with the administrator being able to check who made any changes or removed data from the system. Additionaly, data removed or amended by mistake can be retrieved.
One of the most interesting features improving security is the customer data protection mode.
Safe source code
The source code is written exclusively by our developers (we do not outsource), who have undergone web application security trainings. While creating the system we invariably follow security good practices, making sure to equip it with security measures against all common types of attack. Third party libraries are updated on a regular basis.
Compliance with the Data Protection Act
We ensure total compliance with the Data Protection Act.
The system fulfills high-level security requirements, with all procedures undergoing regular third party audits.
If you have any questions on security matters, email us at firstname.lastname@example.org