Effective: April 10, 2020
Is your data secure?
Yes. From owning, storing, transferring, accessing, backing up, monitoring, to testing & reviewing our security procedures, every aspect is covered to meet industry best practice standards and is legally compliant. Your security questions answered:
Is my data secured?
Who owns your data?
Where and how is our data stored?
All your data is stored using DigitalOcean and the data is stored in the United Kingdom, allowing you to meet European regulations as no data is transferred outside the EU and is physically secured by trained and audited Security staff around the clock, 365 days a year.
Sensitive data is encrypted, using an AES 256 based encryption key.
Is the transfer of my data secure?
Your data is transferred with high-grade TLS 1.2 (https) technology. This is industry standard technology, used by everybody from Google to the big banks.
We limit the duration of inkscroll sessions and will automatically log you out of inkscroll after a certain time, and we only use secure cookies (which don’t store any personal information locally).
Who can access my data?
We have 3 types of parties that can get access to your data:
You and your network – you and your chosen network will have access to data items that you have chosen to share from your data vault. This will be accessible after securely logging to their account. You can control who you will share a data item with and who can view a data item.
Our staff – a small number of periodically trained authorized inkscroll personnel as defined in our security policy can gain access to your data. Any inkscroll team member doing so will be performing specific (audited) tasks on your request via our support desk. Access to all sensitive data requires two-factor authentication by these personnel.
In some cases, based on your consent, data will be provided, per your request, to 3rd party service providers for specific business purposes (e.g. getting a quote for services).
Is my data backed up?
Our data centers back up your data at least once a day and your data is fully restorable within a reasonable time in the unlikely event of a problem.