Security and Privacy
We want to ensure that system security and customer privacy are prioritized at every engineering process step. All employees must undergo security training and best practices for data handling.
ISO27001 shows our commitment towards a continuous effective build and improvement of our system and organization controls regarding security, privacy, availability, and confidentiality. This standard explains the extreme care we take to earn and maintain our users' trust in SmartyMeet, its systems, and its product.
SmartyMeet is committed to ensuring ongoing compliance with the General Data Protection Regulation (GDPR). At SmartyMeet, data security and privacy serve as the major pillars we work with. Consent is a key factor in ensuring the trust of our users
SmartyMeet s built on top of infrastructure and services that use industry-grade security standards. We encrypt your data at rest, including emails, calendar events, and other personally identifiable metadata.
Data - Encryption
Strict controls over data access
We use a 256-bit AES encryption in storage and a 256-bit SSL/TLS encryption in transit. Our database is hosted in a Virtual Private Cloud with AWS. AWS follows top IT security standards, including SOC 2 Type II, SOC 3, PCI-DSS certification, and ISO 27001.
Data - Availability
Uptime and logging
Our production environments have security logging, uptime monitoring, and system availability metrics of our core services. This helps our security team enforce automated monitoring and uptime.
Secure - Development
We implement coding best practices focused on the OWASP Top Ten
Development, testing, and production environments are separated. All code changes are peer-reviewed and tested prior to deployment into production.
Third - party Audits
In addition to our extensive internal scanning and testing program, we employ third-party security experts to perform penetration tests.