Data privacy means making sure that your client's data, as well as your employees' data, is safe and private.
Keeping your client’s data private is DataSnippers highest priority. DataSnippers intelligent audit platform is running locally, all data is stored in Excel Workbooks. Therefore, DataSnipper is secured through the configurations of your Microsoft Excel and your organization's document management systems. None of your client’s data is shared with DataSnipper servers.
Optionally, users are able to leverage Azure Text Recognition, to read text from scans and images. All traffic between Azure and the user is fully authenticated and TLS-encrypted. All Data is deleted within 24 hours. For more information read the full article from Microsoft: Data, privacy, and security for OCR.
By default, DataSnipper collects limited call-to-home data and anonymized user metrics. This ensures the stability and performance of the DataSnipper applications. This data is aggregated and removed over time and is not traceable to any specific person. All data is stored with encryption on ISO 27001 certified Azure servers in the Netherlands.
Application Security means making sure every component of the system is secure, for example, application code, databases, configurations, and third-party libraries. DataSnipper has developed a robust set of processes to guarantee secure environments.
Application security is a team effort. When developing DataSnipper applications, security is DataSnippers top priority. DataSnippers team of developers consistently carries out code reviews to ensure that only high-quality secure code makes its way into our product. DataSnipper teams run many manual and automated tests that check the security of potential weak points like Remote Code Execution, SQL injections, cross-site scripting, session and authentication weaknesses, and much more. In addition, we carry out regular penetration tests.
Application Availability is about making sure the DataSnipper application and servers run continuously.
DataSnipper is a local application and it keeps working without an internet connection. If any issue arises it can always be solved by reinstalling a stable version of DataSnipper or the operating system. During development, every code change is tested against a large set of unit and static tests, and is only merged after approval from a senior developer. Before every release, DataSnipper QA team performs a wide range of security, functionality, and availability tests to ensure the quality of our applications.
Backups are created daily and available for a limited time, always fully encrypted. DataSnippers development team and 3rd parties carry out regular disaster recovery and security tests on DataSnipper applications and infrastructure to ensure continuity of the operations.
For any questions regarding information security at DataSnipper, please reach out to our security team at firstname.lastname@example.org