Secure by Design

Protecting your data is our job. Our platform runs 100% on the world's leading cloud provider and we pride to partner with Microsoft Azure to ensure your data is always available and always secure.

Some of the ways we make it secure

ISO 27001 & SOC 2

We are proud to be ISO 27001:2022 and ISO 27001:2019, and SOC 2 type 2 certified. Along with our vendors and partners such as Microsoft Azure, we strive to adhere to the most strict policies and demonstrate continuous and constant improvements in all our processes and people.
Privacy Compliance

Every country and region enforce strong regulations around privacy and we do our best to support our customers in ensuring that those regulations are met.
Monitoring & Logs

With 3 levels of activity and session logs, as well as internal and external monitoring we are always the first to know when and what happened.
Secure Development

Our engineering and development team follows a secure software development practice in each phase of the development lifecycle; training, design, implementation, verification, release and response.
Continuous Training

Training our teams is the best way to ensure that we continue to provide the best service and secure our resources and your data.

Encryption At-Rest

Transparent Data Encryption (TDE) does real-time I/O encryption and decryption of data and log files in our databases.
Encryption In-Transit

All communication to and from servers, database, and client are TLS 1.2 and higher encrypted using private and public certificates.
Penetration Testing

On demand and at least once a year, we perform penetration testing where a team of ethical hackers and our own engineers attempt to gain access to secured resources.
Vulnerability Testing

We perform automated vulnerability testing each and every month using a third party service. We support a transparent policy of communicating results to our customers and partners.
High Availability

Your data is stored in multiple databases simultaneously and it is backed up daily with history up to 35 days and long term retention of 3 months.

Microsoft Azure

Your data is safely stored in data centers in the region nearest to you,
maintained and monitored by Microsoft, the leading global hosting and infrastructure provider.

Data Center Locations

Your data is placed in the region of your choice among the following: USA, Ireland, UK,
Netherlands, France, Canada, and Australia with mirror data centers in the same region.

Certificates & Compliance

ClicData is ISO27001 and SOC 2 certified and with our partner Microsoft Azure we ensure the
highest adherence to compliance and regulatory standards to HIPAA, GDPR and WCAG.

clicdata_support_trust-center-HIPAA-certified

Secured Payments

ClicData is audited by SecurityMetrics and consistently passes all relevant certifications (PCI DSS) regarding the use of Payment Cards in ClicData.
We do not store your payment information in ClicData and rely on Braintree, a PayPal company for the processing and storage of all payment information.

Frequently Asked questions

Are you HIPAA compliant?

Yes we are.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) required the Secretary of the U.S. Department of Health and Human Services (HHS) to develop regulations protecting the privacy and security of certain health information.

By law, the HIPAA Privacy Rule applies only to covered entities – health plans, health care clearinghouses, and certain health care providers. However, most health care providers and health plans do not carry out all of their health care activities and functions by themselves and they may want to use ClicData to store and process covered data (ePHI).

ClicData can be considered to be a Business Associate of your company if you chose to store and process such data in our application. If you do, please contact us at compliance@clicdata.com to initiate and sign a Business Associate Agreement.

Are you GDPR compliant?

Yes we are.

The General Data Protection Regulation is a Regulation in EU law on data protection and privacy in the EU and the European Economic Area. The GDPR is an important component of EU privacy law and of human rights law.

Brazil's Lei Geral de Proteçao de Dados (LGPD), the California Consumer Privacy Act, the Canadian Consumer Privacy Protection Act, the Australia’s Privacy Act and many others follow a similar regulation for which GDPR can be a strong basis and in some cases supersedes the requirements of other acts and regulations.

If you are storing Personal Identifiable Data (PID) in ClicData, we act as a Data Processor and we can define a Data Processing Agreement (DPA) between our companies. Please contact compliance@clicdata.com for more information.

Are you ISO 27001 and/or SOC certified?

How do I contact your Data Protection Officer?

Is ClicData WCAG compliant?

The Web Content Accessibility Guidelines (WCAG) provide a framework for making web content more accessible for people with disabilities. Compliance is measured in a variety of ways and differently from module to module. Additionally, compliance also affects content that users create using our design for which we have no control.

We perform automated and manual testing of our platform to identify areas that require improvements and we continuously add development requests to increase the accessibility of our platform.

Please contact our compliance team at compliance@clicdata.com to obtain the latest WCAG audit report.

Secure by Design

Some of the ways we make it secure

ISO 27001 & SOC 2

Privacy Compliance

Monitoring & Logs

Secure Development

Continuous Training

Encryption At-Rest

Encryption In-Transit

Penetration Testing

Vulnerability Testing

High Availability

Microsoft Azure

Data Center Locations

Certificates & Compliance

Secured Payments

Frequently Asked questions

Give ClicData a try with your own data

contact@clicdata.com