Being a GDPR Compliant Company We Know
- Where your data is being held.
- Ensure you have rights to view, amend, export or delete any information that we have on your behalf.
- Ensure authorized access only
- Ensure that consent is given during the sign-up process and can be withdrawal any time.
Your Data Stored Securely. We follow the following Secure Methods
Patching- We have automated systems in place that monitor the versions and vulnerabilities in all the projects that power Capleo Global.
Encryption at rest-Our database has automatic encryption at rest, cloaking your data in another layer of protection.
CROSS SITE REQUEST FORGERY TOKENS-We verify CSRF tokens at every point possible to help ensure your data can’t be tampered with by malicious 3rd parties.
HTTP STRICT TRANSPORT SECURITY-Our application forces all requests over HTTPS, ensuring all traffic is secured in transit and protecting against protocol downgrade attacks.
Regular external pen tests-We test our own product regularly by hiring specialist security friendlies to attack us from the outside and in.
File Storage-Your uploaded files can only be accessed through Capleo Global, and team members can only get access to the files intended for them.
2 Factor Authentication-We support (and encourage) Capleo Global users to use our two-factor authentication mechanism for additional user account protection.
SSL/TLS-All traffic between Capleo Global and the user's browser is encrypted in transit. We support TLS exclusively and only utilizing strong cipher suites.
Third Party Security Audit-We are ISO 27001 certified company. So, we know the value of CIA(Confidentiality, Integrity and Availability). So, every year we undergo surveillance audits.
Customer Data Regulation-We never move user data out of the secured environment for testing or any other reason. Your data always stays where it’s put.