Security

Effective date: March 8, 2016

We Protect Your Data

At HotGloo we care deeply about the protection of our users’ data and we’ve looked closely at how to ensure that we remain compliant with evolving European law regarding the transfers of European personal data. HotGloo and its affiliates provide proven industry-standard security for all customer data in HotGloo. We work to provide superior technologies and best practices to security, as well as partner with reputable enterprises that uphold the same value standards. With HotGloo you can be sure your data will be as safe and secure as possible.


Physical Security

HotGloo works with Digitalocean, a globally recognized service provider that delivers Cloud and Managed Hosting Solutions. In compliance with the Safe Harbor agreement HotGloo chose their server base to be located in Frankfurt, Germany. Digitalocean adheres to the following information security and related certifications and standards:

  • ISO9001:2008
  • ISO27001:2005
  • ISO22301:2012
  • Safe Harbor

For more info about Digitalocean's security visit here.


PCI Compliance


HotGloo does not process, store or transmit credit card data. We work together with a globally recognized payment provider Stripe. When paying by credit card, HotGloo utilizes a separate PCI compliant system to manage all credit card and financial information. This allows us to ensure that the minimal number of employees have access to any sensitive data.

For more info about Stripe's security and European data transfers visit here.


Application Security

HotGloo data is isolated per customer to prevent the entry of any customer from accessing another customer's data. HotGloo engineers utilize proven, up-to-date security technologies and techniques. Access to production systems and customer data is provided to employees on a 'least access' basis.


Transmission Security

All communications with HotGloo servers are encrypted by default using industry standard SSL. This ensures that all traffic between you and HotGloo is secure during transit.


Operating System Security

HotGloo uses the minimal number of access points to all production servers. All operating systems are maintained at recommended patch levels and are hardened by disabling and removing unnecessary users, protocols and processes.


Data Security

The customer owns all data entered in HotGloo. HotGloo employees do not have access to that data, except where necessary for system management, maintenance, monitoring, backups and support. Data is stored using RAID disks and storage clusters. HotGloo backs up customer data nightly to a secure, off-site location. Database connections are limited to only authorized internal networks.

HotGloo is provided through state-of-the-art cloud networks in a secure environment. HotGloo SaaS runs on a SSAE-16 compliant cloud infrastructure.