Introduction
Security is an important part of the SanctionsCheck.co platform and we take it very seriously.
We use appropriate technical and organisational security measures to protect any personal information we process about visitors to our application against unauthorised access, disclosure, alteration, and destruction. However, please note that no Internet transmission can ever be guaranteed to be 100% secure, so we encourage you to take care when disclosing personal information online and to use readily available tools such as Internet firewalls, secure e-mail and similar technologies to protect yourself online.
Encryption
Sensitive and private data exchange between the Site and its Users happens over an SSL secured communication channel and is encrypted and protected with digital signatures.
Our platform is built using industry-standard encryption such as encrypting data at rest using AES-256 bit encryption and data in transit using TLS 1.2.
In addition to data being encrypted, passwords are hashed using BCrypt.
Cloud Infrastructure
SanctionsCheck.co is hosted on cloud infrastructure from Amazon Web Services. We perform continuous backups and retain daily snapshots. The app is hosted in Oregon in multiple availability zones with Disaster Recovery systems in Ohio.
Breach Disclosure
In case of an unauthorized security intrusion that materially affects you or your users within SanctionsCheck.co, SanctionsCheck.co will notify you as soon as possible and report the action we took in response.
At present, SanctionsCheck.co has not had any data breaches or security incidents.
Penetration Testing
Penetration testing is regularly performed on SanctionsCheck.co’s Systems. These reports from these pentration tests available to customers on request. SanctionsCheck.co also uses a variety of tools to monitor the running applications, code, and infrastructure continually.
Security Training
All SanctionsCheck.co staff are required to perform Security Training. All employees are anually assessed for their Security Training and receive additional training as required.
Payment Details
SanctionsCheck.co uses Stripe to process our credit card payments and no credit card details are stored on our servers. Stripe has been audited by a PCI-certified auditor, and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available.
Contacting Us
If you have any questions about SanctionsCheck.co’s security, please contact our security team at [email protected].