Webbula’s processes and services comply with data standards, including Europe’s General Data Protection Regulation (GDPR), and California’s upcoming privacy law, The California Consumer Privacy Act (CCPA). Since day one Webbula has been committed to the highest possible standards when it comes to data security, safety, and responsibility. Our passion and our mission has always been, and will remain, Truth in Data – a statement that encapsulates everything we do on behalf of our customers and their data.
Our adherence to the GDPR and CCPA changes are just another opportunity for Webbula to demonstrate our commitment to protecting our customer’s data security, and privacy, and empower consent in how that data is collected, recorded, and used.
Overall Data Security & Governance
- Our staff passes thorough background checks, bound by contracts, trained and retrained monthly on security and follow industry standards for passwords and password management.
- All of the data we process is encrypted in motion and at rest.
- Code reviews and vulnerability management programs are in place in order to continuously manage, prioritize, identify and remediate risk.
- Webbula maintains a full time security team to monitor, manage and investigate security incidents.
- State-of-the-art security platforms are in place to monitor production servers and networks for security incidents. The network security monitoring platform is configured to log, analyze, and report network events and security incidents.
- Company system and networks have been architected to safeguard against external intrusion by following secure baseline configuration standards and practices.
- Our Operating systems and third-party software are automatically patched and updated daily.
- Antivirus and anti-malware signatures are updated hourly.
- Web Application and APIs are protected by Web Application Firewall to secure all customer interactions from a multitude of attacks providing quick detection and mitigation capabilities.
There are multiple ways to securely transfer data to Webbula for processing. Our API and Web-based UI secure client and server communications utilize 2048-bit SSL / TLS encrypted data streams. These secure encrypted channels are utilized to transfer your data to us for processing. The final results are returned using the same secure connection.
Availability, Backup, & Recoverability
All data backups occur locally, and a duplicated copy is sent over encrypted channels to two offsite storage location to ensure recoverability.
Data Retention & Destruction
Data is only collected for the purposes of rendering services. Webbula does not collect in the traditional sense for the purpose of storing data. Webbula simply processes the data and hands it back to the data owner.
Customers that are sending data to Webbula for processing and need to be compliant with the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) please request a copy of the Data Privacy Agreement at firstname.lastname@example.org.