Security Policy Overview
We understand the importance of data security for our clients. The Company employs procedural and technological measures that are reasonably designed to help protect the data clients upload to their account (portal) from loss, unauthorized access, disclosure, alteration or destruction. The Company may use encryption, secure socket layer, firewall, password protection and other physical security measures to help prevent unauthorized access to the clients data. The Company may also place internal restrictions on who in the company may access data to help prevent unauthorized access. Below, you will find the details related to data security the Company implements.
Hosting Facilities
The Company uses high-quality secure hosting facilities that provide multiple levels of Data Center protection and reliability measures. This includes multi-redundant network connections, physical access control, surveillance cameras, access with electronic keys, modern fire alarm systems, etc. Our hosting partners ensure minimum 99% of the network availability.
You can familiarize yourself with the list of our hosting providers at the Trust page.
Data Security
User data is protected with strong SSL encryption, so it cannot be intercepted by third parties.
Note: If a Client configures a custom domain name for their Portal, they are responsible for acquiring and installing an SSL certificate for their custom domain name. Without installing an SSL certificate for your custom domain, your data will be transferred over the Internet without encryption. Our Support Team will be happy to assist with applying a custom SSL certificate - contact support@clickhelp.com with any questions.
Data Isolation
Our infrastructure is built in a way when the data of different clients is stored in isolated containers. Every documentation portal uses its own container for data storage, and this container is never shared among accounts. This means that one client cannot access data of another client even by mistake or due to software issue.
Account Access Security
Account access is protected with a password both for Authors and Power Readers. The system enforces all users to specify a password that contains 5 or more characters to avoid passwords that are easy to guess. We also recommend using strong passwords that consist of lower and upper case letters, numbers and special symbols. Customers are responsible for maintaining the security of their own login information.
Passwords are not stored in plain text anywhere. All passwords are stored in a hashed form that makes it impossible to decrypt them.
During the login process, the password and the user name are transferred over the network in an SSL-encrypted form. When a Client uses a custom domain name for their portal, the Client is responsible for installing a custom SSL certificate to protect the login process.
Data Usage and Ownership
All Clients own the data they upload to their documentation portal, and are responsible for the content licensing.
The Company does not share Clients data with third parties, does not sell it. The Company may only use the Client portal data internally for technical support and product improvement purposes.
Payment data is not stored or processed by the Company. All payments are handled by our payment processing and eCommerce partners.
Data Backups
Portal database backups are performed automatically on a daily basis. All data backups are encrypted with a 192-bit key, this ensures total safety of customer data. The system stores five latest backups.
This document was last updated on March 26, 2020