Skip to content

Security

The security and of the platform and the protection of our customers’ data are of utmost importance to Trackado! We have implemented a comprehensive range of security measures to ensure a safe and secure environment.

Hosting Environment

To make everything as safe as possible, we do not use our own server infrastructure. Instead, we rely on Microsoft Azure for hosting, one of the most secure solutions available in the industry. Microsoft Azure holds all relevant security certifications. All application data is stored and kept in Western European data centers.

Data Storage and Encryption

The data that you choose to transfer to our servers is encrypted before we store it (“encryption at rest”). You also have the option to have your files stored on another storage solution you might already be using (for example Dropbox) and only add links to your files.

Data Transfer and Encryption

We encrypt all communication between your browser and our servers by TLS/SSL (“encryption in transit”).

Availability and Back-Ups

We use a setup that allows for efficient workload distribution and high scalability without downtimes. All data is automatically replicated and backed-up for redundancy and to assure availability.

Monitoring and Logging

We have continuous monitoring processes in place and store customer and system activity logs for traceability, troubleshooting and support purposes.

Development and Testing

We use a DevOps setup including a continuous integration and continuous delivery (CI/CD) approach for automating and streamlining the software delivery and infrastructure management processes. We have a well-defined quality assurance process in place and all new features, product updates or bug fixes are tested and reviewed in multiple test environments before they are released to the production environment.

Vulnerability Testing

We run regular vulnerability assessments and penetration tests of the whole application on a recurring basis.

Retention and Data Deletion

We have a retention policy in place and delete customer data in accordance with this policy. Customer data is usually retained for up to 18 months after a subscription was cancelled (unless otherwise required by law) to assure the availability of the data for a set period even after a cancellation. Of course, earlier deletion is possible based upon a customer’s request.

Trusted Sub-processors

To help us deliver our services we engage selected sub-processors for certain processes:

  • ChargeBee – Subscription management and billing (USA)
  • Hubspot – Customer relationship management (USA)
  • Intercom – Customer support and messaging (USA)
  • Microsoft – Hosting / Cloud services (EU)
  • SignRequest – E-Signing services (EU)
  • Stripe – Payment processing (USA)
  • Twilio – Email communication and text messaging (USA)

More information can also be found in our Privacy Policy and Terms & Conditions.