We value your security and privacy

At Cheqroom, we prioritize the security and privacy of your data. We understand how important our security measures and practices are to you. While we can't share all the details to prevent potential threats, we want to assure you that we take great care in protecting your data.

Compliance

At Cheqroom, our priority is to keep your data safe.

SOCII

SOC2 Type 1

We are SOC2 Type 1 compliant, demonstrating its strong dedication to protecting user data. This certification validates the implementation of robust controls to ensure the confidentiality, integrity, and availability of information within the asset management platform.

Gdpr

GDPR

We are proud to be GDPR compliant, ensuring the protection of your personal data and respecting your privacy. By adhering to GDPR regulations, we prioritize maintaining the highest standards of data security and transparency for our users.

Pci dss

PCI-DSS

We prioritize the security of your sensitive billing information. The vendors we work with are PCI-DSS compliant and do not store any sensitive billing data, ensuring the secure handling of your payment details and protecting your privacy.

Security

When it comes to security, we prioritize keeping your data safe at Cheqroom.

SSO & MFA

Single Sign-On (SSO) allows you to authenticate users in your own systems without requiring them to enter additional login credentials.

Permissions

You can control user access to specific features by creating roles with customizable permissions. These roles can have different access levels for different sets of features.

Data hosting & storage

Cheqroom services and data are hosted in Amazon Web Services (AWS) facilities located in the USA. The AWS data centers provide high levels of security, scalability, and reliability for Cheqroom services.

Isolated data architecture

Each customer accesses the application through a dedicated database, ensuring complete data isolation. This security best practice minimizes the impact of potential exploits, reinforcing the privacy of each customer's data with separate databases.

Data encryption

Cheqroom ensures the secure transmission of data by employing 256-bit encryption for all information exchanged. Our API and application endpoints exclusively utilize TLS/SSL, receiving an "A+" rating on Qualys SSL Labs' assessments. Cheqroom enforces robust cipher suites and the implementation of features like HSTS and Perfect Forward Secrecy. Additionally, data is safeguarded at rest through the industry-standard AES-256 encryption algorithm.

Backup & disaster recovery

We take backups of our database every 6 hours with point-in-time recovery so that we can quickly recover in case of a disaster. In addition, we store our backups at geographically separated sites so that we can recover even in case of a larger-scale natural disaster. In case of a disaster, Cheqroom has an extensive Business Continuity and Disaster Recovery Plan and yearly tabletop exercises. Cheqroom’s Recovery Time Objective (RTO) for disasters is 48 hours.

Uptime

Cheqroom typically reaches an uptime of 99.9% or higher. You can check our past month's stats at https://status.cheqroom.com.

Penetration tests

Once a year, we engage third-party security experts to perform detailed penetration tests on the Cheqroom application and infrastructure.

Security incident response

Our incident response program addresses events that cause disruptions to the quality of our service. This includes defined escalation paths and engaging the appropriate teams to investigate, communicate, and remediate the incident.

Code validation & security testing

Our source code is validated on a security level before rolling them out in a production environment. We perform multiple iterations of security tests for each major release, enforcing confidentiality, integrity, and availability.

Policies & training

All our team members complete yearly Security Awareness trainings. We have also developed a comprehensive set of security policies covering a range of topics. These policies are updated frequently and shared with all employees.

Privacy

Our privacy program is designed to collaborate closely with customers and vendors, ensuring that we collectively meet the highest standards of privacy compliance.

How we handle your data

At Cheqroom, protecting your privacy is of utmost importance to us. We collect your information to ensure that your experience with our website and services is secure and personalized to meet your needs. We handle your data responsibly, in accordance with your consent and our commitment to providing a high-quality service. Furthermore, we never sell your data to any third party.

Data governance

We are committed to data governance in order to keep our users' data secure, private, accurate, and accessible. Data governance refers to the policies and procedures that govern how data is acquired and used throughout its lifecycle, from creation and collection to processing, distribution, storage, and deletion.

Call to action - light grey

Want to know how Cheqroom can help you?