We realise how valuable the salon data stored in our system is. This is why data security and privacy are the number one priority for us.
We have made every effort to ensure the highest possible level of security.
All data entered into the system is stored on rigorously protected servers located in guarded premises. The server rooms are compliant with the ISO 27001 security standard and undergo regular SAS70 audits.
Entrusting us with data can be compared to storing valuable possessions in a safe deposit box. Thanks to the fact that we provide service to hundreds of customers we can ensure a level of security you would not be able to reach on your own.
Data loss prevention
To eliminate the risk of data loss or service interruption, our whole infrastructure is based on n+1 redundancy, which means that all components have at least one independent backup component.
Copies of your data are stored on multiple servers located in independent premises. If any servers are down you can still access your data.
Additionaly, we perform daily backups which are encrypted and stored on another continent. This would enable us to retrieve all data even if some natural disaster affected two separate locations.
Protection against unauthorised access to data
All servers are separated from the public Internet by a firewall which allows only traffic necessary to provide the service. Access to data is possible only through an encrypted connection, which prevents third party interception. The data in our database is protected with AES-256 cipher. This encryption method prevents unauthorised access to data even by people who have physical access to the servers.
Each user needs to be authenticated with a password. Passwords are stored using one-way encryption. This means only the user knows what the password is.
We provide a number of configuration features which enable the administrator to determine different access levels for particular employees. Each operation performed in the system is registered, with the administrator being able to check who makes any changes or removes data from the system. Additionaly, data removed or amended by mistake can be retrieved.
Safe source code
While creating the system we invariably follow good security practices, making sure to equip it with security measures against all common types of attacks.
Compliance with the personal data protection standards
We ensure total compliance with the personal data protection standards. The system fulfills high-level security requirements.
All procedures are subject to regular third party audits.
