To further guarantee our GDPR compliance, our team maintains an internal record of data processing activities to document how we process personal data for each of our products.
tl;dv hosts its software in Google Cloud Platform and Amazon Web Services (AWS) facilities. Google and AWS data centers are certified as ISO 27001, PCI DSS Service Provider Level 1, and/or SOC 1 and 2 compliant.
tl;dv’s database is located in a Virtual Private Cloud (VPC) with Google and protected by restricted security groups. Only the minimal required communication to and between the servers is allowed.
tl;dv follows coding best practices focused on the OWASP Top Ten. Web application architecture and implementation are built in NodeJS.
tl;dv regularly scans production infrastructure, applications, and networks for vulnerabilities using off-the-shelf tools to identify potential vulnerabilities.
Single Sign-On (SSO) allows you to authenticate users in your own systems without requiring them to enter additional login credentials.
All connections to tl;dv are encrypted using SSL, and any attempt to connect over HTTP is redirected to HTTPS.
We use industry-standard PostgreSQL, and Mongo DB data storage systems hosted at Google and/or by the respective vendors.
Code development follows a standardized process. All code changes are reviewed for security and extensively tested prior to deployment into production. tl;dv development and testing environments are separate from the production environment.
Vulnerability Disclosure: Your privacy & security is of the highest importance to us. If you have discovered a privacy or security issue that we should address, please always let us know at [email protected]. Our security team will respond within 24 hours.