At Docupilot, we prioritize the security and confidentiality of your data. Our commitment to security is demonstrated through our adherence to industry-standard security measures and our efforts to achieve compliance with multiple regulatory frameworks.
Data Security Measures
- Encryption: We ensure that all data is encrypted in transit and at rest.
- Secure Development: Our Software Development Life Cycle incorporates rigorous code review standards, segregated environments, and automated testing to ensure the integrity and confidentiality of our service.
Data Center and Network Security
- Cloud Infrastructure: Our services operate on a secure cloud infrastructure, provisioned by AWS, ensuring full redundancy and robust disaster recovery protocols. We employ strict firewall rules, continuous monitoring, and limited access controls.
- Access Control: Strict access controls and policies limit data access, with specific provisions for severe incidents. Our team undergoes regular security training and adheres to strict confidentiality agreements.
- Reliability and Service Level Agreements (SLAs): We ensure high service availability with multiple redundancies and daily data backups. Our historical uptime exceeds 99.9%, and we maintain rigorous incident response and disaster recovery protocols. Service status can be accessed here: https://status.docupilot.app/
Compliance and Certifications
- SOC 2 Type II Certification: Docupilot is in the process of obtaining SOC 2 Type II certification, ensuring consistent and reliable safeguards for customer data.
- ISO 27001 Certification: We are also pursuing ISO 27001 certification, affirming our dedication to effective information security management.
- GDPR, HIPAA, and Data Privacy: We are committed to GDPR and HIPAA compliance, ensuring stringent data privacy and security measures.
Your role in Security
- Strong Passwords: Create robust, unique passwords and update them regularly.
- Vigilance and Awareness: Stay informed about the latest data security practices and be cautious of phishing attempts and suspicious communications.
- Secure Access: Always access Docupilot services exclusively via the official docupilot.app domain. Avoid using unverified or third-party domains.
- Report Suspicious Activities: If you notice any unusual activity or suspect a security issue, please contact us immediately at email@example.com.
Together, we can ensure a safer and more secure environment for everyone.
Transparency and Reporting
- Reporting Vulnerabilities: To report a potential vulnerability or for any security-related inquiries, contact our security team at firstname.lastname@example.org
Please note that we do not currently have a bug bounty program or provide compensation for reports.
Docupilot is dedicated to maintaining the highest standards of data security and privacy, continually enhancing our practices to protect and secure your data.