Legal

Security Policy

1. Overview

Protecting our customer data is a key value at Sleekplan. We pride ourselves on ensuring that your data is always maintained in a safe and trustworthy environment. We understand the importance of safeguarding your data.

Sleekplan takes your security and the security of your website visitors very seriously. We implemented security best-practices at every level. We constantly improve our services and processes to protect your data and update this document accordingly. The following is an overview of the main areas of our privacy and security protocols.

2. Data privacy

  1. GDPR compliant: Sleekplan and all our third-party providers are compliant with the EU’s General Data Protection Regulation.

  2. Credit cards: Sleekplan does not process or store any credit card details belonging to you or your customers. Your card details are never transmitted through or stored on Sleekplan’s infrastructure.

  3. Passwords: Your password is encrypted and never stored in our database in a readable/unencrypted format. You are responsible for choosing a strong password and keeping it secret. Two-factor authentication is available to all Sleekplan users and we strongly recommended enabling it on your account for an additional layer of security.

3. Data access

At Sleekplan, all new hires, regardless of role, are trained on up-to-date security policies and industry standards.

Your data is your property and will never be sold to third parties. We will only access your Sleekplan account with your permission, in the case of suspicious account activity or if we suspect the Sleekplan terms of service are being violated. All employee access to your data is monitored, persisted, and reviewed continuously.

5. Application security

  1. Encryption in Transit: Data sessions are always protected with TLS protocols and 2,048-bit keys.

    1. Crafting security: Sleekplan considers security during all phases of our software development lifecycle from product ideation to deployment and release. We run automated and manual code analysis and use industry best practices to ensure the highest standards of quality for our services.

  2. Incident policy: Incidents are handled through well-defined and documented process to ensure we do the right things right. We run post-mortems on each incident we experience, in order to prevent such incidents from happening again, and to learn.

6. Resiliency and availability

  1. 99.9% Uptime: Sleekplan's availability consistently exceeds 99.9%. Customer data is backed up to replicas with additional backup snapshots.

  2. 24x7 Monitoring: Our engineering team monitors application, software, and infrastructure behavior through industry-established services that are highly reliable and compliant.

  3. Fault tolerance: Sleekplan provides multiple failover instances to prevent outages due to single points of failure.

7. Data centers and network

Our data center providers maintain ISO 27001, SOC2, along with other certifications. Network attacks are prevented through monitoring and controlled network-level firewalling.