Visor del documento
Nombre Último Cambio
Redbooth (en) - Seguridad y Privacidad 25-may-2018 | 7,29%
Cambio importante no indicado
# Antigua Versión Nueva Versión
0 At Redbooth, we develop professional software for thousands of global organizations. Many of our customers are in the legal, financial services, healthcare and government sectors. At Redbooth, we develop professional software for thousands of global organizations. Many of our customers are in the legal, financial services, healthcare and government sectors.
1 Over a million users and thousands of companies worldwide trust Redbooth to communicate and collaborate securely and in real time. The privacy and security of your data is our main concern, and an area of significant, ongoing investment across the company. Over a million users and thousands of companies worldwide trust Redbooth to communicate and collaborate securely and in real time. The privacy and security of your data is our main concern, and an area of significant, ongoing investment across the company.
2 Our product was designed from the ground for easy setup and use, with the feel of a “consumer” application, but with the security and control of an enterprise business application. Our product was designed from the ground for easy setup and use, with the feel of a “consumer” application, but with the security and control of an enterprise business application.
3 We’ve built sophisticated security infrastructure to allow account administrators to confidently deploy and use Redbooth and focus on getting business value, not on managing security. We’ve built sophisticated security infrastructure to allow account administrators to confidently deploy and use Redbooth and focus on getting business value, not on managing security.
4 Architecture Architecture
5 Our easy-to-use interfaces are backed by infrastructure working behind the scenes to ensure fast, reliable uploads, downloads, sync, and sharing. To make this happen, we’re continually evolving our product and architecture to speed data transfer, improve reliability, and adjust to changes in the environment. In this section, we’ll explain how data is transferred, stored, and processed securely. Our easy-to-use interfaces are backed by infrastructure working behind the scenes to ensure fast, reliable uploads, downloads, sync, and sharing. To make this happen, we’re continually evolving our product and architecture to speed data transfer, improve reliability, and adjust to changes in the environment. In this section, we’ll explain how data is transferred, stored, and processed securely.
6 Redbooth is designed with multiple layers of protection, covering data transfer, encryption, network configuration, and application-level controls, all distributed across a scalable, secure infrastructure. Redbooth is designed with multiple layers of protection, covering data transfer, encryption, network configuration, and application-level controls, all distributed across a scalable, secure infrastructure.
7 Redbooth users can access files and folders at any time from the desktop, web, and mobile clients, or through third-party applications connected to Redbooth. All of these clients connect to secure servers for access to files, allow file sharing with others, and update linked devices when files are added, changed, or deleted. Redbooth users can access files and folders at any time from the desktop, web, and mobile clients, or through third-party applications connected to Redbooth. All of these clients connect to secure servers for access to files, allow file sharing with others, and update linked devices when files are added, changed, or deleted.
8 Data at Rest: Hosting Security Data at Rest: Hosting Security
9 Redbooth’s secure cloud collaboration platform is hosted by Amazon Web Services in a highly secure, fully-redundant data center which has achieved PCI DSS Level 1, ISO 27001 certification and has successfully completed multiple SAS70 Type II audits. Data at rest is stored in Amazon S3 and AWS RDS mysql database is inside a Virtual Private Cloud, which has very tightly controlled access via a gateway machine. Redbooth’s secure cloud collaboration platform is hosted by Amazon Web Services in a highly secure, fully-redundant data center which has achieved PCI DSS Level 1, ISO 27001 certification and has successfully completed multiple SAS70 Type II audits. Data at rest is stored in Amazon S3 and AWS RDS mysql database is inside a Virtual Private Cloud, which has very tightly controlled access via a gateway machine.
10 Redbooth servers and data are monitored 24x7 for up-time, availability and intrusion detection. Redbooth’s provider stands behind a 99.99% SLA. The AWS network provides significant protection against traditional network security issues: packet sniffing by other tenants, Denial of Service (DDoS) attacks, Man-In-the Middle (MITM) attacks and use of Web Application Firewalls (WAF). Redbooth servers and data are monitored 24x7 for up-time, availability and intrusion detection. Redbooth’s provider stands behind a 99.99% SLA. The AWS network provides significant protection against traditional network security issues: packet sniffing by other tenants, Denial of Service (DDoS) attacks, Man-In-the Middle (MITM) attacks and use of Web Application Firewalls (WAF).
11 Accounts Accounts
12 To use Redbooth, you'll need to create an account, either via Redbooth or through your account with a third-party service such as Google. In the latter case, your Redbooth account will be created using the information you provided to that service, such as your name and email address and other personal information that your privacy settings on that service permit us to access. To use Redbooth, you'll need to create an account, either via Redbooth or through your account with a third-party service such as Google. In the latter case, your Redbooth account will be created using the information you provided to that service, such as your name and email address and other personal information that your privacy settings on that service permit us to access.
13 Passwords Passwords
14 Passwords are hashed using SHA2 and salted several times to defend against dictionary attacks. Passwords are hashed using SHA2 and salted several times to defend against dictionary attacks.
15 Physical Security Physical Security
16 Physical access to our servers is strictly controlled and all precautions are taken including: power redundancy, temperature control and fire detection. Physical access to our servers is strictly controlled and all precautions are taken including: power redundancy, temperature control and fire detection.
17 Amazon data centers are surrounded by three physical layers of security. The outermost, or “perimeter one” is a fence which is either crash-rated to prevent a vehicle from penetrating it or backed by the state of the art aka Jersey Barriers. Amazon data centers are surrounded by three physical layers of security. The outermost, or “perimeter one” is a fence which is either crash-rated to prevent a vehicle from penetrating it or backed by the state of the art aka Jersey Barriers.
18 Access to “perimeter two,” an area which houses chillers, switchboards and generators, is blocked by another wall. Entrance requires both a badge swipe and a personal pin. The only authorized entrants are the engineers required to service this sort of gear. Access to “perimeter two,” an area which houses chillers, switchboards and generators, is blocked by another wall. Entrance requires both a badge swipe and a personal pin. The only authorized entrants are the engineers required to service this sort of gear.
19 Each door is under video surveillance with the feed monitored both locally and remotely. The space between perimeters is studded with internal trip-lights that are also monitored and managed around the clock. The innermost perimeter comprises the data halls with servers and networking gear. These doors are monitored by video cameras and require another badge swipe and pin number for entry. They are also equipped with metal detectors. Each door is under video surveillance with the feed monitored both locally and remotely. The space between perimeters is studded with internal trip-lights that are also monitored and managed around the clock. The innermost perimeter comprises the data halls with servers and networking gear. These doors are monitored by video cameras and require another badge swipe and pin number for entry. They are also equipped with metal detectors.
20 Data in Motion: Network security Data in Motion: Network security
21 Redbooth data always travels over a secure connection. It is encrypted for transfer using SSL and it is only accessible via https (never via http). Redbooth data always travels over a secure connection. It is encrypted for transfer using SSL and it is only accessible via https (never via http).
22 Passwords are stored with one-way encryption on our servers meaning that our own internal team can never access a password. Connections are encrypted with SHA2 2048-bit (TLS 1.2) encryption, the very same high-security standard used in online banking. Passwords are stored with one-way encryption on our servers meaning that our own internal team can never access a password. Connections are encrypted with SHA2 2048-bit (TLS 1.2) encryption, the very same high-security standard used in online banking.
23 Redbooth Application Security Redbooth Application Security
24 Redbooth is designed from the ground up to provide a private and secure environment for each user. Redbooth is designed from the ground up to provide a private and secure environment for each user.
25 Each user builds a private workspace which may only be accessed by explicitly invited users. Redbooth tightly segregates the data for each group of users so it is not available to non-members of the group. Each user builds a private workspace which may only be accessed by explicitly invited users. Redbooth tightly segregates the data for each group of users so it is not available to non-members of the group.
26 Users can be invited on two different levels: Users can be invited on two different levels:
27 Organizations and Workspaces, and can be easily removed anytime. Organizations and Workspaces, and can be easily removed anytime.
28 Typically, an Organization is used for a company. As shown in the example below: “Redbooth” is the organization. Typically, an Organization is used for a company. As shown in the example below: “Redbooth” is the organization.
29 Workspaces are used to create a discrete area for collaboration and can only be accessed by members of the specific workspace. Workspaces are used to create a discrete area for collaboration and can only be accessed by members of the specific workspace.
30 Redbooth’s role-based permission offers 2 different access levels, Administrator, which has the ability to add/remove users or User, which has access, but cannot add or remove users. Redbooth’s role-based permission offers 2 different access levels, Administrator, which has the ability to add/remove users or User, which has access, but cannot add or remove users.
31 Content Security Policy (CSP) Content Security Policy (CSP)
32 We put a lot of effort to protect Redbooth from common XSS vulnerabilities by activating the following directives: We put a lot of effort to protect Redbooth from common XSS vulnerabilities by activating the following directives:
33 base-uri base-uri
34 font-src font-src
35 media-src media-src
36 objectt-src objectt-src
37 plugin-types plugin-types
38 style-src style-src
39 frame-ancestors frame-ancestors
40 report-uri report-uri
41 Our Data Privacy Policy Our Data Privacy Policy
42 Your data is private and only visible to your team Your data is private and only visible to your team
43 Information we collect and store Information we collect and store
44 We collect and store the text, information, tasks and files you upload or access with the Redbooth Service. When you access Redbooth, we may automatically record information from your device, its software, and your activity using the service. This may include your device’s IP address, browser type, the web page visited before you came to our website, location, locale preferences, date and time stamps and other metadata concerning your interactions with the service. We collect and store the text, information, tasks and files you upload or access with the Redbooth Service. When you access Redbooth, we may automatically record information from your device, its software, and your activity using the service. This may include your device’s IP address, browser type, the web page visited before you came to our website, location, locale preferences, date and time stamps and other metadata concerning your interactions with the service.
45 Cookies Cookies
46 We use “cookies” to collect information and improve our services. A cookie is a small data file that we transfer to your device. We may use “persistent cookies” to save your registration ID and login password for future logins to the service. You can configure your browser by changing its options to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. If you do not accept cookies, however, you may not be able to easily access all aspects of the Redbooth service and may need to manually enter user and password information. We use “cookies” to collect information and improve our services. A cookie is a small data file that we transfer to your device. We may use “persistent cookies” to save your registration ID and login password for future logins to the service. You can configure your browser by changing its options to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. If you do not accept cookies, however, you may not be able to easily access all aspects of the Redbooth service and may need to manually enter user and password information.
47 Our Use of Your Personal Information Our Use of Your Personal Information
48 In the course of using the Service, we may collect personal information that can be used to contact or identify you (“Personal Information”). Personal Information is or may be used: (i) to provide and improve our Service, (ii) to administer your use of the Service, (iii) to better understand your needs and interests, (iv) to personalize and improve your experience, and (v) to provide or offer software updates and product announcements. If you no longer wish to receive communications from us, please follow the “unsubscribe” instructions provided in any of those communications. In the course of using the Service, we may collect personal information that can be used to contact or identify you (“Personal Information”). Personal Information is or may be used: (i) to provide and improve our Service, (ii) to administer your use of the Service, (iii) to better understand your needs and interests, (iv) to personalize and improve your experience, and (v) to provide or offer software updates and product announcements. If you no longer wish to receive communications from us, please follow the “unsubscribe” instructions provided in any of those communications.
49 Geo-Location Information Geo-Location Information
50 Some browsers allow applications to access real-time location-based information (for example, GPS). Our mobile apps do not collect such information as of the date this policy went into effect, but may do so in the future with your consent to improve our Services. Some browsers allow applications to access real-time location-based information (for example, GPS). Our mobile apps do not collect such information as of the date this policy went into effect, but may do so in the future with your consent to improve our Services.
51 Third-Party Applications Third-Party Applications
52 We may share your information with a third party application with your consent (Google Drive, Dropbox or similar service), for example, when you choose to access our Services through such an application. We are not responsible for what those parties do with your information, so you should make sure you trust the application and that it has a privacy policy acceptable to you. We may share your information with a third party application with your consent (Google Drive, Dropbox or similar service), for example, when you choose to access our Services through such an application. We are not responsible for what those parties do with your information, so you should make sure you trust the application and that it has a privacy policy acceptable to you.
53 Encryption Encryption
54 Redbooth will not be able to decrypt any files that you encrypted prior to storing them on Redbooth. Redbooth will not be able to decrypt any files that you encrypted prior to storing them on Redbooth.
55 Analytics Analytics
56 We also collect some information (using third party services) using logging and cookies. We use this information for the above purposes and to monitor and analyze use of the Service, to increase our functionality and user-friendliness. As of the date this policy went into effect, we use Google Analytics and KISSMetrics. We also collect some information (using third party services) using logging and cookies. We use this information for the above purposes and to monitor and analyze use of the Service, to increase our functionality and user-friendliness. As of the date this policy went into effect, we use Google Analytics and KISSMetrics.
57 Business Transfers Business Transfers
58 If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you (for example, via email and/or a prominent notice on our website) of any change in control or use of your Personal Information or Files, or if either become subject to a different Privacy Policy. We will also notify you of choices you may have regarding the information. If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you (for example, via email and/or a prominent notice on our website) of any change in control or use of your Personal Information or Files, or if either become subject to a different Privacy Policy. We will also notify you of choices you may have regarding the information.
59 Changing or Deleting Your Information Changing or Deleting Your Information
60 If you are a registered user, you may review, update, correct or delete the Personal Information provided in your registration or account profile by changing your “account settings.” If your personally identifiable information changes, or if you no longer desire our service, you may update or delete it by making the change on your account settings. If you are a registered user, you may review, update, correct or delete the Personal Information provided in your registration or account profile by changing your “account settings.” If your personally identifiable information changes, or if you no longer desire our service, you may update or delete it by making the change on your account settings.
61 Data Retention Data Retention
62 Redbooth will retain your information for as long as your account is active or as needed to provide you services. If you wish to cancel your account or request that we no longer use your information to provide you services, you may delete your account. We will try to delete your information quickly upon request. Please note, however, that there might be latency in deleting information from our servers and backed-up. Redbooth will retain your information for as long as your account is active or as needed to provide you services. If you wish to cancel your account or request that we no longer use your information to provide you services, you may delete your account. We will try to delete your information quickly upon request. Please note, however, that there might be latency in deleting information from our servers and backed-up.
63 Changes to our Privacy Policy Changes to our Privacy Policy
64 This Privacy Policy may change from time to time. If we make a change to this privacy policy that we believe materially reduces your rights, we will provide you with notice (for example, by email). And we may provide notice of changes in other circumstances as well. By continuing to use the Service after those changes become effective, you agree to be bound by the revised Privacy Policy. This Privacy Policy may change from time to time. If we make a change to this privacy policy that we believe materially reduces your rights, we will provide you with notice (for example, by email). And we may provide notice of changes in other circumstances as well. By continuing to use the Service after those changes become effective, you agree to be bound by the revised Privacy Policy.
65 If you have any questions or concerns about security or data privacy on our website or through our service, you should review this entire Security and Data Privacy Policy Page or contact us at info@redbooth.com . If you have any questions or concerns about security or data privacy on our website or through our service, you should review this entire Security and Data Privacy Policy Page or contact us at info@redbooth.com .
66 We go to great effort to make our Redbooth products as secure as possible, however if you have discovered a security vulnerability in Redbooth we would appreciate your help to disclose this to us in a responsible manner. We go to great effort to make our Redbooth products as secure as possible, however if you have discovered a security vulnerability in Redbooth we would appreciate your help to disclose this to us in a responsible manner.
67 In order to do so please send an email to security@redbooth.com explaining the issue and provide detailed steps on how to reproduce the vulnerability. In order to do so please send an email to security@redbooth.com explaining the issue and provide detailed steps on how to reproduce the vulnerability.
68 EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield
69 When transferring data from the European Union, the European Economic Area, and Switzerland, Redbooth, Inc. relies upon a variety of legal mechanisms, including contracts with our users. Redbooth, Inc. complies with the EU-U.S. and SwissU.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, the European Economic Area, and Switzerland to the United States. You can find Redbooth, Inc.'s Privacy Shield certification here. You can also learn more about Privacy Shield on its website . When transferring data from the European Union, the European Economic Area, and Switzerland, Redbooth relies upon a variety of legal mechanisms, including contracts with our users. Redbooth complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Notion Inc. has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/ .
70 Redbooth, Inc. is subject to oversight by the U.S. Federal Trade Commission. JAMS is the US-based independent organization responsible for reviewing and resolving complaints about our Privacy Shield compliance — free of charge to you. We ask that you first submit any such complaints directly to us via privacyshield@redbooth.com . If you aren't satisfied with our response, please contact JAMS. In the event your concern still isn't addressed by JAMS, you may be entitled to a binding arbitration under Privacy Shield and its principles. Redbooth is subject to oversight by the U.S. Federal Trade Commission. JAMS is the US-based independent organization responsible for reviewing and resolving complaints about our Privacy Shield compliance — free of charge to you. We ask that you first submit any such complaints directly to us via privacyshield@redbooth.com . If you aren't satisfied with our response, please contact JAMS at https://www.jamsadr.com/file-an-eu-us-privacy-shield-or-safe-harbor-claim . In the event your concern still isn't addressed by JAMS, you may be entitled to a binding arbitration under Privacy Shield and its principles.
71 Within the scope of our authorization to do so, and in accordance with our commitments under the Privacy Shield, Redbooth, Inc. will provide individuals access to personal data about them. Redbooth, Inc. also will take reasonable steps to enable individuals to correct, amend, or delete personal data that is demonstrated to be inaccurate. Within the scope of our authorization to do so, and in accordance with our commitments under the Privacy Shield, Redbooth will provide individuals access to personal data about them. Redbooth also will take reasonable steps to enable individuals to correct, amend, or delete personal data that is demonstrated to be inaccurate.
72 Redbooth, Inc. Redbooth uses a limited number of third party providers to assist us in providing the Services to our customers. These third parties may access, process or store personal data in the course of providing services like hosting services and marketing automation, but based on our instructions only.
73 If we receive personal data subject to our certification under the Privacy Shield and then transfer it to a third-party service provider acting as an agent on our behalf, we have certain liability under the Privacy Shield if both (i) the agent processes the personal data in a manner inconsistent with the Privacy Shield and (ii) we are responsible for the event giving rise to the damage.
74 Redbooth may disclose personal data when we have a good faith belief that such action is necessary to: conform to legal requirements or to respond to lawful requests by public authorities, including to meet national security or law enforcement requirements; or to enforce our contractual obligations.
75 is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Redbooth, Inc. complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions. Redbooth is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Redbooth complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
76 Redbooth Data Backup & Disaster Recovery Redbooth Data Backup & Disaster Recovery
77 Redbooth Data Backup enables you to back up your data whenever you want. A couple of clicks and you can download a compressed folder with all your tasks, task lists and projects. Redbooth Data Backup enables you to back up your data whenever you want. A couple of clicks and you can download a compressed folder with all your tasks, task lists and projects.
78 This feature is only available for Business customers. If you’re interested in this plan, contact our sales team. This feature is only available for Business customers. If you’re interested in this plan, contact our sales team.
79 If you’re already a Business customer, follow these steps to back up your data: If you’re already a Business customer, follow these steps to back up your data:
80 Go to the Redbooth Data Backup landing page. (It isn’t hosted in your Redbooth account, so if you need the link, please reach out to our support team.) Go to the Redbooth Data Backup landing page. (It isn’t hosted in your Redbooth account, so if you need the link, please reach out to our support team.)
81 Click on “Get Started Now” and authorize the application. Click on “Get Started Now” and authorize the application.
82 Click on “Collect Information” and you will see a summary of your data. Click on “Collect Information” and you will see a summary of your data.
83 Click on “Generate the Archive” to proceed. Click on “Generate the Archive” to proceed.
84 Now you can go back to Redbooth, as you wait for the email that’ll contain the download link for the backup file. Now you can go back to Redbooth, as you wait for the email that’ll contain the download link for the backup file.
85 Data Privacy: Cookies in Redbooth Data Privacy: Cookies in Redbooth
86 This website, like many others, uses small files called cookies to help optimize your experience. This website, like many others, uses small files called cookies to help optimize your experience.
87 This section contains information on what ‘cookies’ are, the cookies used by Redbooth and how to turn cookies off in your browser. If it does not provide the information you were looking for, or you have any further questions about the use of cookies on Redbooth, please contact us at info@redbooth.com . This section contains information on what ‘cookies’ are, the cookies used by Redbooth and how to turn cookies off in your browser. If it does not provide the information you were looking for, or you have any further questions about the use of cookies on Redbooth, please contact us at info@redbooth.com .
88 What are ‘cookies’? What are ‘cookies’?
89 ‘Cookies’ are small text files that are stored by the browser (for example, Google Chrome or Safari) on your computer or mobile phone. They allow websites to store things like user preferences. You can think of cookies as providing a ‘memory’ for the website, so that it can recognize you when you come back and respond appropriately. ‘Cookies’ are small text files that are stored by the browser (for example, Google Chrome or Safari) on your computer or mobile phone. They allow websites to store things like user preferences. You can think of cookies as providing a ‘memory’ for the website, so that it can recognize you when you come back and respond appropriately.
90 How does Redbooth use cookies? How does Redbooth use cookies?
91 A visit to a page on Redbooth may generate the following types of cookies: A visit to a page on Redbooth may generate the following types of cookies:
92 Redbooth user cookies Redbooth user cookies
93 Anonymous analytics cookies Anonymous analytics cookies
94 Third-party cookies Third-party cookies
95 Redbooth use and policies for cookies Redbooth use and policies for cookies
96 When you use Redbooth, we may send one or more cookies to your computer to uniquely identify your browser and let Redbooth help you log in faster and enhance navigation through the site. A cookie may convey anonymous information to us about how you browse the Service. A persistent cookie remains on your hard drive after you close your browser, so that it can be used by your browser on subsequent visits to the Service. A session cookie is temporary and disappears after you close your browser. When you use Redbooth, we may send one or more cookies to your computer to uniquely identify your browser and let Redbooth help you log in faster and enhance navigation through the site. A cookie may convey anonymous information to us about how you browse the Service. A persistent cookie remains on your hard drive after you close your browser, so that it can be used by your browser on subsequent visits to the Service. A session cookie is temporary and disappears after you close your browser.
97 Anonymous analytics cookies Anonymous analytics cookies
98 Every time someone visits our website, software provided by another organization generates an ‘anonymous analytics cookie’. These cookies can tell us whether or not you have visited the site before. Your browser will tell us if you have these cookies and, if you don’t, we generate new ones. This allows us to track how many individual users we have, and how often they visit the site. Every time someone visits our website, software provided by another organization generates an ‘anonymous analytics cookie’. These cookies can tell us whether or not you have visited the site before. Your browser will tell us if you have these cookies and, if you don’t, we generate new ones. This allows us to track how many individual users we have, and how often they visit the site.
99 Unless you are signed in to Redbooth, we cannot use these cookies to identify you or any other individuals. We use them to gather statistics, for example, the number of visits to a page. If you are logged in, we will also know the details you gave to us for this, such as your username and email address. Unless you are signed in to Redbooth, we cannot use these cookies to identify you or any other individuals. We use them to gather statistics, for example, the number of visits to a page. If you are logged in, we will also know the details you gave to us for this, such as your username and email address.
100 Third-party cookies Third-party cookies
101 On some pages of our website, other organizations may also set their own anonymous cookies. They do this to track the success of their application, or to customize the application for you. Because of how cookies work, our website cannot access these cookies, nor can the other organization access the data in cookies we use on our website. On some pages of our website, other organizations may also set their own anonymous cookies. They do this to track the success of their application, or to customize the application for you. Because of how cookies work, our website cannot access these cookies, nor can the other organization access the data in cookies we use on our website.
102 For example, when you like Redbooth using the Facebook like button on redbooth.com , the social network that has created the button will record that you have done this. For example, when you like Redbooth using the Facebook like button on redbooth.com , the social network that has created the button will record that you have done this.
103 How do I turn cookies off? How do I turn cookies off?
104 It is usually possible to stop your browser accepting cookies, or to stop it accepting cookies from a particular website. However, some features of our service may not function properly if you disable accepting cookies. It is usually possible to stop your browser accepting cookies, or to stop it accepting cookies from a particular website. However, some features of our service may not function properly if you disable accepting cookies.
105 All modern browsers allow you to change your cookie settings. You can usually find these settings in the ‘options’ or ‘preferences’ menu of your browser. To understand these settings, you can use the ‘Help’ option in your browser for more details. All modern browsers allow you to change your cookie settings. You can usually find these settings in the ‘options’ or ‘preferences’ menu of your browser. To understand these settings, you can use the ‘Help’ option in your browser for more details.
106 How We Maintain Security 24x7 How We Maintain Security 24x7
107 Aside from our own testing, we rely on industry experts to help maintain security through: Aside from our own testing, we rely on industry experts to help maintain security through:
108 Continuous Automated Penetratation Testing Continuous Automated Penetratation Testing
109 Continuous Manual Penetration testing and ethical hacking Continuous Manual Penetration testing and ethical hacking
110 AWS’ stringent Security infrastructure monitoring, testing and policies AWS’ stringent Security infrastructure monitoring, testing and policies
111 Compliance Compliance
112 There are many different compliance standards and regulations that may apply to your organization. Our approach is to combine the most accepted standards — like ISO 27001 and SOC 2 — with compliance measures geared to the specific needs of our customers’ businesses or industries. Our data centers, and our managed service provider undergo regular third-party audits. There are many different compliance standards and regulations that may apply to your organization. Our approach is to combine the most accepted standards — like ISO 27001 and SOC 2 — with compliance measures geared to the specific needs of our customers’ businesses or industries. Our data centers, and our managed service provider undergo regular third-party audits.
113 ISO 27001 – Our datacenter is ISO 27001 certified (published certificate) under the International Organization for Standardization (ISO) 27001 standard. ISO 27001 is a widely-adopted global security standard that outlines the requirements for information security management systems. It provides a systematic approach to managing company and customer information that’s based on periodic risk assessments. In order to achieve the certification, a company must show it has a systematic and ongoing approach to managing information security risks that affect the confidentiality, integrity, and availability of company and customer information. ISO 27001 – Our datacenter is ISO 27001 certified (published certificate) under the International Organization for Standardization (ISO) 27001 standard. ISO 27001 is a widely-adopted global security standard that outlines the requirements for information security management systems. It provides a systematic approach to managing company and customer information that’s based on periodic risk assessments. In order to achieve the certification, a company must show it has a systematic and ongoing approach to managing information security risks that affect the confidentiality, integrity, and availability of company and customer information.
114 Our datacenter is under a formal program to maintain the certification. This certification reinforces our commitment to providing transparency into our security controls and practices. Our datacenter is under a formal program to maintain the certification. This certification reinforces our commitment to providing transparency into our security controls and practices.
115 Do you have questions or require more information? Please contact us at security@redbooth.com . Do you have questions or require more information? Please contact us at security@redbooth.com .