menu

Security

Data Centers

Dedupely’s app infrastructure is exclusively hosted on the Google Cloud platform within a U.S. region. We strictly prohibit database access from leaving Google Cloud to ensure your data is kept private and doesn’t pass through other networks.

Google Cloud complies with the following security standards ISO 27001, SOC 2, PCI DSS and more that be found on their compliance page.

Data Encryption

All of your data is encrypted both on-disk and over network transfers in the backend. All of your interactions with Dedupely, on home page, dashboard, or anywhere else under our domain is secured with SSL (TLS 1.2+).

Security Audits

We run automated security audits on each package and new piece of code that’s pushed to the live site. If an automated code audit fails, the code is not allowed into production until it’s been fixed.

Automated container scanning makes us instantly aware of vulnerabilities that require attention on each build.

Our website undergoes more than 9,000 various security tests on a daily basis checking for malware, reported vulnerabilities, OWASP Top 10 and more.

We are instantly notified on code bugs, downtime, crashes, and what goes on in our cloud.

An overview of our audits include but are not limited to:

  • SSL Labs
  • NPM Audit
  • Docker container vulnerability scans
  • Website security scan by 3rd party vendors
  • WordPress security scan and vulnerability scan

Subprocessors & Third Party Apps

We work with third-party apps, integrations and services that are GDPR compliant and have a well established reputation in the industry.

Dedupely sends a newsletter when a there is a change or addition of subprocessors that handles personal data of our customers’ data.

You can see our list of subprocessors here.

Best Practices

Our technical team follows industry standard best practices to avoid every attack possible. This includes database injection attacks, DDOS attacks, brute force logins, cross site scripting. We’ve gone above and beyond to ensure we cover every aspect of our technical security.

Team Security

We keep audit logs regarding what each individual team member has accessed. We also keep logs to track bugs on both the front and backend.

Our team is trained on privacy measures to take on a daily basis, GDPR guidelines and data privacy.

We provide our team members secured emails accounts, cloud drives and communication channels to keep Dedupely data all in one place.

Vulnerability Disclosure

By law we are required to report data breaches, vulnerabilities and security issues to the customers that were affected by the breach.

If a security breach is reported to us we will investigate the affected parties and contact them within one business day via email.

More Information

If you want to learn more about our security procedures or have a question please email us.