Security Policy

For us security is a process. It needs to, start before the first line of code and continue throughout the life of the service.

It is with this guideline in mind that we made all technical choices (see below) that give our clients the best security possible. Unfortunately, perfect security does not exist, so if you find any security issues please contact us.

Servers

The Zipi SASS work on AWS servers are located in Ireland (EU).

We use a TLS certificate issued by Let's Encrypt, with last TLS cipher recommendation of the Mozilla foundation. The online SSL/TLS testing tools SSLLabs.com give us the best rating (A+). Test yourself

Upload

When you upload an archive for processing, it's uploaded to our AWS S3 bucket and encrypted using a very strong encryption algorithm (AES-256). All archives uploaded are removed 1 hour after the upload.

Code

Our code runs on Laravel, a very popular framework build with good security practices.

Your account

Billing credentials are managed by Stripe our PCI Service Provider Level 1 payment gateway Read more about their security.

All your drive auth credentials are encrypted in our database. Your user password is hashed, that means nobody (same us) can guess it.