Secure by Design

Protecting your data is our job. Our platform runs 100% on the world's leading cloud provider and we pride to partner with Microsoft Azure to ensure your data is always available and always secure.

Some of the ways we make it secure

  • ISO 27001 & SOC 2

    We are proud to be ISO 27001 and SOC 2 type 2 certified. Along with our vendors and partners such as Microsoft Azure, we strive to adhere to the most strict policies and demonstrate continuous and constant improvements in all our processes and people.

  • Privacy Compliance

    Every country and region enforce strong regulations around privacy and we do our best to support our customers in ensuring that those regulations are met.

  • Monitoring & Logs

    With 3 levels of activity and session logs, as well as internal and external monitoring we are always the first to know when and what happened. 

  • Secure Development

    Our engineering and development team follows a secure software development practice in each phase of the development lifecycle; training, design, implementation, verification, release and response.

  • Continuous Training

    Training our teams is the best way to ensure that we continue to provide the best service and secure our resources and your data.

  • Encryption At-Rest

    Transparent Data Encryption (TDE) does real-time I/O encryption and decryption of data and log files in our databases.  

  • Encryption In-Transit

    All communication to and from servers, database, and client are TLS 1.2 and higher encrypted using private and public certificates.  

  • Penetration Testing

    On demand and at least once a year, we perform penetration testing where a team of ethical hackers and our own engineers attempt to gain access to secured resources.  

  • Vulnerability Testing

    We perform automated vulnerability testing each and every month using a third party service. We support a transparent policy of communicating results to our customers and partners.

  • High Availability

    Your data is stored in multiple databases simultaneously and it is backed up daily with history up to 35 days and long term retention of 3 months.

azure logo

Microsoft Azure

Your data is safely stored in data centers in the region nearest to you,
maintained and monitored by Microsoft, the leading global hosting and infrastructure provider.

Data Center Locations

Your data is placed in the region of your choice among the following: USA, Ireland, UK,
Netherlands, France, Canada, and Australia with mirror data centers in the same region.

secure worldmap datacenter

Certificates & Compliance

ClicData is ISO27001 and SOC 2 certified and with our partner Microsoft Azure we ensure the
highest adherence to compliance and regulatory standards to HIPAA, GDPR and WCAG.

clicdata_support_trust-center-ISO-27001-certified
gdpr
clicdata_support_trust-center-AICPA-SOC-certified
clicdata_support_trust-center-HIPAA-certified
wcag

Secured Payments

ClicData is audited by SecurityMetrics and consistently passes all relevant certifications (PCI DSS) regarding the use of Payment Cards in ClicData.
We do not store your payment information in ClicData and rely on Braintree, a PayPal company for the processing and storage of all payment information.

clicdata_trust-center-PCI_DSS_Validated
clicdata_trust-center-Credit_Card_Safe
company-trustcenter-braintree

Frequently Asked questions

Are you HIPAA compliant?

Yes we are. 

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) required the Secretary of the U.S. Department of Health and Human Services (HHS) to develop regulations protecting the privacy and security of certain health information.

By law, the HIPAA Privacy Rule applies only to covered entities – health plans, health care clearinghouses, and certain health care providers. However, most health care providers and health plans do not carry out all of their health care activities and functions by themselves and they may want to use ClicData to store and process covered data (ePHI).

ClicData can be considered to be a Business Associate of your company if you chose to store and process such data in our application.  If you do, please contact us at compliance@clicdata.com to initiate and sign a Business Associate Agreement

Are you GDPR compliant?

Yes we are.  

The General Data Protection Regulation is a Regulation in EU law on data protection and privacy in the EU and the European Economic Area. The GDPR is an important component of EU privacy law and of human rights law.

Brazil's Lei Geral de Proteçao de Dados (LGPD), the California Consumer Privacy Act, the Canadian Consumer Privacy Protection Act, the Australia’s Privacy Act  and many others follow a similar regulation for which GDPR can be a strong basis and in some cases supersedes the requirements of other acts and regulations.

If you are storing Personal Identifiable Data (PID) in ClicData, we act as a Data Processor and we can define a Data Processing Agreement (DPA) between our companies.  Please contact compliance@clicdata.com for more information. 

 

Are you ISO 27001 and/or SOC certified?

Yes we are.  Both ClicData and our partners are ISO27001 and SOC 2 certified.  

We pride in our continuous improvement Trust Center program that ensures that our employees, partners and vendors support us and our customers in ensuring a safe and secure platform.

Please contact compliance@clicdata.com for more information or to obtain access to our certificates and reports.

How do I contact your Data Protection Officer?

Please use the email address compliance@clicdata.com to reach our Data Protection Officer (DPO) for all enquiries related to your personal data or other requests related to data privacy.

Is ClicData WCAG compliant?

The Web Content Accessibility Guidelines (WCAG) provide a framework for making web content more accessible for people with disabilities. Compliance is measured in a variety of ways and differently from module to module.  Additionally, compliance also affects content that users create using our design for which we have no control.

We perform automated and manual testing of our platform to identify areas that require improvements and we continuously add development requests to increase the accessibility of our platform.

Please contact our compliance team at compliance@clicdata.com to obtain the latest WCAG audit report.