We would like to make two things clear. First, we respect your privacy and take significant efforts to protect all your data. Second, we would never do anything without your consent.
Keeping our customers’ data secure is the most important thing that FlowMapp does. We go to considerable lengths to ensure that all data sent to FlowMapp is handled securely – keeping FlowMapp secure is fundamental to our business.
We can also assure that we don’t sell any data we receive from our users.
Customer Data Security
No one has access to your data. Unless you give us your temporary customer support token.
We make sure that every under-the-hood service needed to run our cloud is up-to-date. The same goes for the application itself, which always runs the latest version of FlowMapp. The cloud is also the first place that gets security fixes.
Every connection to your cloud account is SSL only. Non-encrypted communication is not allowed. We also follow all best HTTPS security practices. That means we use HTTP Strict Transport Security as well as Forward secrecy. Strong AES256 encryption is used to handle the transmission (some older browsers fallback to the AES128 cipher, which is still strong enough).
Full Redundancy and Backup
All cloud systems are redundant. We use a multiple layer infrastructure architecture – load balance, application, database, storage layer. Every layer is replicated. Along with the standard MySQL replication, we even create database backup, which leaves us time to go back in time if needed, without restoring backups (which would be more time consuming).
Backups are done regularly over the day, on-site as well as off-site.
Our system is monitored around the clock, using internal as well as external services. In case of a problem, we get a report in real time and are instantly ready to take care of any potential issues.
We always target to increase our uptime. You can check our past month stats at https://stats.uptimerobot.com
Firewalled and Secured Access
The whole system is behind a firewall. Just the necessary ports are open to the outside network. Also, only authorized personnel, using SSH keys, have access to the system. Access is enabled only over a VPN connection.
The server systems are located in Canada (OVH cloud service provider). Access is strictly monitored. To avoid any intrusions or risks, each perimeter is secured with barbed wire fences. The area is also monitored by constant video surveillance and motion detection sensors. Activity both within and outside of the datacentres is monitored and recorded on secure servers, with surveillance teams working on site, 24/7.
In order to control and monitor access to the OVH premises, strict security procedures have been put in place. Each staff member receives a RFID name badge, which is also used to restrict their access. Employee access rights are reassessed regularly, according to their remit. To access the premises, employees must hand in their badges for verification before passing through the security doors.
The data centres have an even higher level of protection, as only authorized personnel can gain entry. OVH installations are strictly for our own use.
FlowMapp is not subject to PCI obligations. All payment instrument processing is outsourced to FastSpring.