Your Data Security with Causey: Our Commitment
We deeply value the trust you place in us, and we take the security of your personal and organizational data very seriously. Here’s how we ensure the utmost protection:
1. Transmission and Storage
- Secure Data Transmission: All data exchanged with Causey is transmitted over secure channels using SSL (Secure Sockets Layer).
- World-Class Hosting: We trust Amazon Web Services (AWS) and Render for secure database and web application hosting.
- Redundancy: All user data is primarily stored in AWS databases in Oregon, USA, and is redundantly backed up nightly in the Virginia region. Furthermore, for cross-infrastructure assurance, we initiate a monthly manual backup stored on Google's cloud infrastructure.
2. Best-in-Class Payment Security
Our partnership with Stripe ensures that all your credit card information is processed securely. Not a bit of this data touches our servers, and Stripe's certification to PCI Service Provider Level 1 stands as a testament to their robust security. You can learn more on Stripe's website.
3. Password Protection
User-set passwords are encrypted at rest using a robust hashing algorithm (argon2). We have stringint password requirements (at least two characters and avoiding dictionary-based password). We never store passwords in plain text and ensure our hashing and password requirement approach aligns with the best industry practices.
4. Data Management
- Expunging Data: If you ever decide to leave Causey, we respect your data rights. Upon request , we'll expunge your data from our systems and third-party partners within 60 days. Email help at causey dot app to start that process.
- Retention: Data backups are retained for a minimum of 30 days to a maximum of 2 years.
5. IT and Internal Protocols
- Our team relies on Google Workspace Business Apps for various operations, and we prioritize security by enforcing multi-factor authentication (MFA).
- Every service or vendor we consider is vetted using an approval process for security.
6. Continuous Monitoring and Audits
- We are proactive: Our team conducts regular code checks for outdated or insecure dependencies, utilizes static code analysis to identify potential vulnerabilities, and monitors our systems for anomalies.
7. Legal Documents
For detailed information on our terms and how we handle data, please see our Privacy Policy and Terms of Service.
The above information is provided for transparency and is not intended to form a binding contract or guarantee. While we strive to ensure the utmost security for your data, no system is infallible. We recommend users maintain their own backups and employ good security practices in their interactions online. Always consult our official Terms of Service and Privacy Policy for definitive information on how we handle and protect data.