Security Statements
Keeping your data secure
Discover how we keep your data and files secure with state-of-the-art security practices.
Infrastructure
Our service is built on several cloud service providers, including Linode. These providers have robust security mechanisms to protect our infrastructure.
All communications are performed through end-to-end HTTPS encryption. We frequently and consistently review our SSL configuration and make appropriate updates in the unlikely case new SSL vulnerabilities are discovered.
Our inbound and outbound traffic is monitored and controlled using web application firewall, which also protects us from Distributed Denial of Service (DDoS) attacks.
Our servers are secured using Fail2Ban, Firewalls, and port-blocking software.
We use separate environments for testing and production.
Your data
Your data is hosted in Europe (Germany).
All our user data is encrypted at rest using AES 256-bit encryption algorithm.
If you want your files to be deleted please uninstall the app.
We does not share your data with anyone. If you decide to cancel your account, we make it easy for you to delete all your data.
Our API Access
We only required the API scopes
that are required for the product to work and we try to keep this as restrictive as possible. In case of DeskBase we only required read-access so we can never modified or delete your data.
How we keep your data secure
At DeskBase we value your privacy and the confidential nature of your information, so we take the following precautions:
We can't access your account unless you explicitly say we can.
Your files are encrypted both at rest and in transit.
Files are kept on an encrypted disk, separate from the main server.
Redundant protection against data loss
We regularly make backups of DeskBase’s databases, as well as full-disk images of DeskBase’s servers (excluding uploads). These backups are saved and encrypted on storage services off-site, then systematically tested for integrity.
Your Credit Card Data is Safe
Your credit card data is never stored on our servers. Payments are handle 100% trough Atlassian.
People
We require all employees and freelancers to sign a confidentiality agreement and comply with our cybersecurity policy.
By default, our employees and freelancers don't have access to user data. Exceptions can be made for customer support.
Reporting Incidents
Please send urgent and/or sensitive security reports directly to support@deskbase.io Please let us know how we can securely contact you.