Security is a top priority for us. We have systems in place to protect your personal data and various procedures for the continuous improvement of your security systems.
We use SSL (HTTPS) encryption when transmitting your data from our servers to your browser to ensure that no one can intercept any personal data during transfer.
We use a physical infrastructure and software architecture that ensures that you data is replicated properly and not subject to single points of failure.
We perform full backups of your data every hour and all backups are encrypted using the AES-256 algorithm and stored safely on Amazon Web Services (AWS) servers.
Data center security
Your data are physically stored in data centers managed by OVH in France and Amazon Web Services (AWS) in the United States. Both offer high levels of infrastructure security and are compliant with the strictest security standards: ISO/IEC 27001, SOC 1 TYPE II, SOC 2 TYPE II.
PCI-compliance for your billing information
Your credit card information is handled securely over SSL/HTTPS by Stripe which is our payment processor. Stripe is certified to PCI Service Provider Level 1, which is the highest level of certification available in the payments industry.
You can ensure that all user accounts and logins inside your Searchness's organization are compliant with your company internal authentication process. Using our SAML 2.0 single sign-on feature, members of your organization can sign in easily using their company-issued credentials and you can maintain your organization internal system as the single source for handling authentication and user accounts.
Access monitoring and role-based permissions
Thanks to our audit log feature, you can monitor all actions taken inside your Searchness's organization with a high level of granularity. Using Searchness's role-based permissions feature, you can also define precisely the type of actions that any member of your organization is allowed or not allowed to take.
In compliance with article 33 of the GDPR, we shall notify you without undue delay of any data breach that comes to our knowledge. If you are in the European Union, we shall inform the supervising authority not later than 72 hours after becoming aware of the breach.
When notifying you, we shall describe the nature of the personal data breach including where possible, the categories and approximate number of persons concerned and the categories and approximate number of personal data records concerned. We shall communicate the name and contact details of our data protection officer and any other appropriate contact point where more information can be obtained.
When notifying you, we shall also describe the likely consequences of the personal data breach. We shall describe the measures taken or planned to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects. If it's not feasible to provide you with all the information at the same time, we shall inform you in phases, without undue delay, as soon as more information is available.
If you wish to report a security incident or have any security-related questions, please contact our data protection officer, Ismaël Sow, at the following email address: firstname.lastname@example.org.
Last updated: January 20th, 2020