terms and policies

security practicies

Introduction

Protect your information is our highest priority.
We adhere to industry standards for protecting your data, securing our web application, and processing all your transactions. We’ve created policies across our entire organization to ensure that Scoutfy offers the highest level of security.
Our architecture provides a very strong foundation for security of user identifiable information, with a combination of strong encryption and application security features designed to ensure that common web application security attacks are far less likely to have a negative impact.

Corporate Security Policies & Procedures

Scoutfy’s employees information access
Every Scoutfy employee (“Scouter”) signs a Data Access Policy that binds them to the terms of our data confidentiality policies, available at scoutfy.com/terms and scoutfy.com/privacy. Access rights are based on employee’s job function and role.

Security in our software development life cycle
Scoutfy uses the Git revision control system. Changes to Scoutfy’s code base go through an automated testing system and a round of manual review process. When code changes pass the validation procedure, the changes are first pushed to a standing server where Scouters are able to test changes before an eventual push to production servers and our users base. We also add a specific security review for particularly sensitive changes and features.

Bank-Level Security

State-of-the-Art Technology - Encrypted Transactions
Your transmitted data is kept safe using the highest encryption standards available, including 256-bit SSL encryption and  high-grade TLS and multilayered encryption at rest with AES-128.This is the same technology that banks use to keep your account information safe. All account information you provide, including passwords and personal details, is protected using this technology.

High Availability Infrastructure
We are committed to making Scoutfy consistently available for our users. We use state-of-the-art backup and firewall technology to ensure that your information is always available, no matter what happens. Our system stores backups in multiple secure locations and is updated throughout the day, every day.

Product Features

Administrator Management Features

Creating and Managing Institutional Account
In order to create and manage an Institutional Account, the user must have an institutional email of the Organization and submit complete personal data in the profile to be verified.

User Management
Administrators can manage their users and members' freedom of access, defining which functions they can access, edit and visualize.

User Features - Privacy, Visibility and Sharing Settings
Scoutfy ensures that the users are in control of who has access to their information, and that only parties who are specifically granted access by the user will be able to see their information. We offer the flexibility to determine who can access different categories of data.

Data Center Security

Our data centers maintains several layers of security, including biometric scanning for controlled access, as well as keycard, retina scan and other controls for access. Security cameras monitor all locations 24/7/365 and there are onsite staff to protect.

Google Cloud
As a cloud pioneer, Google fully understands the security implications of the cloud model. Our cloud services are designed to deliver better security than many traditional on-premises solutions. We make security a priority to protect our own operations, but because Google runs on the same infrastructure that we make available to our customers, your organization can directly benefit from these protections - Encryption at Rest, Encryption in Transit and Application Layer Transport Security.

Azure - Microsoft
Azure cloud computing platform has been certified ISO 27018-compliant by the British Standards Institution (BSI), a first for the industry. The testing and certification group found that Microsoft's cloud incorporates controls that are aligned to the ISO/IEC 27018 code of practice for the protection of personally identifiable information (PII) in public clouds acting as PII processors.
For more information on Amazon security processes, visit:
http://azure.microsoft.com/en-in/support/trust-center/security/

Amazon
Amazon employs a robust physical security program with multiple certifications, including an SSAE 16 certification. For more information on Amazon security processes, visit: aws.amazon.com/security.

Privacy

Privacy Policy
Scoutfy’s privacy policy describes how we handle layers of access, user data sharing and data input into the Platform. For more information, visit Privacy Policy.

International Standards and Compliance
We are applying a huge effort to comply with the most reliable and international health standards, such as HIPA Compliance (USA) and EU-US and Swiss-US Safe Harbor (“Safe Harbor”) frameworks and principles.

Want to report a security concern?

Email us at  guidance@scoutfy.com , with the email subject: Security Concern.

terms of service

updating

...
...

privacy policy

updating

...
...