Security

Trust starts with security. Learn about the security measures we take to protect your data.

Diego Wyllie avatar
Written by Diego Wyllie
Updated over a week ago

Trust starts with security. That's why every one of us here at TrackingTime is dedicated to protecting your company data against unauthorized usage. This includes not only compliance with US and European data privacy laws, but also responsible usage of application data, and strict adherence to our company's privacy policy.

Secure Hosting

TrackingTime's cloud-based application is hosted on Amazon Web Services (AWS), the internationally leading cloud vendor used by popular online services such as Netflix, Airbnb, Slack and many more. Each subscriber's TrackingTime applications are physically located on a server in one of Amazon's data centers in different regions across the United States. Amazon provides power, hardware, network and the highest on-site security standards for data centers. You can learn more about security at Amazon Web Services here.

Together with our DevOps partner, Nubity, we're responsible for provisioning, monitoring, and managing our servers on Amazon's cloud platform and for providing technical support to TrackingTime customers. The underlying infrastructure for our cloud application is only accessible via an encrypted SSL connection, our servers are protected behind state-of-the-art firewall technology, and all customer data is backed-up on a daily basis. 

Data Storage and Backups

The TrackingTime cloud platform is built on top of enterprise-class Java technologies, the same used by the most prestigious e-commerce platforms and online banks around the world. The frontend application itself runs on a separate hardware node than that on which the data is securely stored. Your account data is physically protected in  data center facilities managed by AWS engineers and safeguarded by redundant systems. Application database backups for TrackingTime are performed daily and retained for 14 days. Off-site backups occur every four weeks.

Data Encryption

All communications between client applications (i.e. the web, desktop and mobile TrackingTime apps used by our customers) and the backend servers are encrypted using SSL and protected by a robust firewall system designed by security experts at the Apache Software Foundation. Furthermore, all user passwords are cryptographically hashed using state-of-the-art algorithms (SHA-256).

Payments

All payments are securely processed by Stripe, our payments provider, in accordance with PCI Data Security Standards. Stripe handles billions of dollars in payment transactions every year and is used by leading internet companies such as Twitter, Shopify, Slack and many more.

When you subscribe to one of our premium plans, Stripe handles all sensitive data for us. Your credit card information is never stored on our servers. We don't even touch it during the subscription process. Your card information is processed by the Stripe payment form, which we just display within our app, and sent to Stripe using an  encrypted SSL connection (HTTPS). You'll notice the "Powered by Stripe" on the payment screen.

You can learn more about security at Stripe on their website.

Privacy

You own your data, and we're committed to protecting your privacy. Our Privacy Policy explains what information we collect about you and why, what we do with that information, how we share it, and how we handle the content you place in our software.

Did this answer your question?