This article will tell you more about how we securely manage your data at Zelt.
In this day and age where our digital footprint is stronger than ever, it is crucial to know how organisations that you interact with manage your data. Here at Zelt we are advocating for transparency and security when it comes to personal information. That is why we have built Zelt using best practices to ensure a strong and secure service.
We have answered a few of the most popular questions about your data below but if you have any further enquiries please contact us at [email protected].
1. What data does Zelt store?
In line with GDPR principles, any personal data collected by Zelt is for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes. Essentially we will only collect and store mission-critical information to help you manage your company's operations and improve overall employee experience.
This means we never store your passwords, payment information or cookies from other websites (we only use secure cookies, which don’t store any personal information locally). We will also never sell or share your data with third-party providers without your explicit consent, i.e. when connecting a chosen third-party app to Zelt.
Read more about GDPR and check our ICO Register
2. Where and how is data stored?
With Zelt, all your data is stored using Amazon Web Services (AWS), world’s leading cloud computing service provider. AWS is a recognised provider of secure network architecture to protect your information, identities, applications, and devices.
The data is stored in the AWS EU (London) Region that is designed and built to meet rigorous compliance standards including ISO 27001, ISO 9001, ISO 27017, ISO 27018, SOC 1, SOC 2, SOC3, PCI DSS Level 1, and many more.
3. Does my data get transferred?
Every time you access Zelt services on the website you transfer some data across to the browser. We encrypt each transfer at 256-bit and send it through TLS 1.2 (HTTP over TLS), adhering to the FIPS 140-2 certification standard. Each session is limited to 2 hours of idle time.
4. Who can see and access my personal data inside and outside of my account?
We believe that your data belongs to you. That's why Zelt employees do not have access to your company's user accounts inside the app. Also, our infrastructure permissions allow only few individuals (CEO, CTO) to directly access our production databases for the purpose of trouble shooting, and all requests are logged. No-one else can access our production databases.