Data Security

Gapsquare has achieved ISO 27001 certification for information security management systems. A widely known security accreditation, this certification is confirmation that we utilise the very best practice when managing the security of data and information assets. Our certification number is 18191-ISN-001 and is available to view here.

  Communication and transport

• Our online software is accessed through a secure connection link with HTTPS protocol
• This means that data send between a user and our servers is encrypted and transferred over a secure connection, preventing privacy breaches, forging of information and tampering with data

  Password

• Users passwords must meet a set of requirements and be changed every 90 days
• In case of password leaks, users registered as administrators can act to enforce a password change to protect the user’s data

  Two-Step Factor Authentication

• Users can enable Two-factor authentication, facilitated by a time-limited code generated either by an external, trusted app (e.g. Google authenticator) or by email

  Data Encryption

• All user data is stored in an encrypted form. Only specialised, vetted personnel from Gapsquare – all of whom have signed a non-disclosure agreement – know the procedure for decrypting and unlocking data.

  Google Cloud

• Our platform is facilitated via the Google Cloud, with Google providing the security for the underlying physical environment, computer hardware and operating systems

  Data Storage

• Currently data is stored in the Google Cloud SQL (mySQL) database in the europe-west2 region (London)
• Database backups are performed daily and all backups are stored on separate servers (for a week) to prevent data loss

  Other Cloud Providers

• If required, our platform can be delivered via other Cloud providers, following further discussion with us.