Security and Reliability
Thank you for your interest in Aditazz Inc. (“Aditazz,” “we,” “us,” or “our”), the Aditazz Platform, and all related materials, products, software, services, data, documentation, and information (collectively, with the Website, the “Service”).
This Aditazz Security Policy (“Security Policy”) describes the steps we take to secure and manage the transfer and storage of the information that you or your Authorized Users provide to us or that we collect in connection with your or your Authorized Users’ use of the Service, including your Customer Data (collectively, “Data”).
For purposes of this Security Policy, “you” “your” and “Customer” shall mean the Customer who is a party to the Aditazz Terms of Service (“Terms of Service”), to which this Security Policy is incorporated by reference. Any capitalized term used but not defined in this Security and Reliability Policy shall have the meaning ascribed to such term in the Terms of Service.
By using the Service and authorizing Authorized Users to use the Service, you hereby consent to the security practices described in this Security Policy on your behalf and on the behalf of your Authorized Users.
When you or your Authorized Users upload or otherwise submit Data on or through the Service, we require authentication of the sender and we establish a secure, encrypted connection to send such data to the Service.
The web-based portion of the Service is protected by industry standard firewalls, which limit non-essential connections and/or communications with devices outside of our network. Depending on your configuration, our Platform is hosted using Amazon AWS, Google’s cloud services, and other reputable providers, as well as through hybrid cloud services hosted on the service provider of you or your Authorized Users.
Data is stored inside physically secure data centers and is encrypted at rest. This means that it is stored on disk in the datacenter in encrypted form only. Such stored information can only be decrypted by software authorized by Aditazz. All Data is encrypted in transit between Aditazz’s servers and all public servers or client applications.
Data Security Technical Details
- All connections between Aditazz’s servers and Authorized Users are secured with TLS encryption and follow industry encryption in transit standards.
- We protect authentication tokens from other potentially malicious websites.
- We enforce HTTP Strict Transport Security and take measures to prevent cross-site scripting attacks.
- Data on disk is encrypted using 256-bit AES encryption.
Data Reliability and Control
Customer Data is backed up by Aditazz multiple times per day, and we maintain a trail of backups for approximately one (1) year. The foregoing practices minimize the likelihood that Customer Data will be accidentally lost. Backups are replicated across multiple, geographically dispersed data centers.
Upon termination of your account, we will delete your Data within a reasonable period of time after such termination in accordance with our data retention policies.
An important part of maintaining the security of your Data is being able to authenticate the identity of you and your Authorized Users upon the access of such Data. We identify you and your Authorized Users by email address, which you and your Authorized Users will be required to verify upon registration. You and your Authorized Users will also be required to set a password upon registration to protect your user accounts. Your and your Authorized Users’ passwords for accessing the Service are only stored in salted and hashed form in accordance with commercially reasonable industry practices.
What you can do
Despite all of our efforts described above, we will never be able to absolutely guarantee the security of your Data. You should always take every precaution available to help protect access to your account and ensure the security of your Data. Here are some suggested best practices for helping to keep your account secure:
- Use a strong, secure password for your account.
- Don’t reuse passwords from other sites.
- Don’t share your password with others, including Aditazz Inc. staff. Aditazz Inc. staff will never ask for your password.
- Avoid accessing Aditazz from any computer that is not administered by you or someone you trust.
- When accessing Aditazz from shared computers, be sure you logout when done.
- Report security issues/questions. If you have a question, or think you’ve found a problem, please report it to us by emailing.
- Aditazz will not be responsible for loss, damage, corruption, theft or unauthorized access of or to your Data that occurs despite Aditazz’s precautions described above.
Aditazz Inc. Security and Reliability Version 1.0, August 2017