Data Security and Protection
Data, File storage, and API Logs
- PDF Templates: A template is a design with a preset layout or preset styles for formatting, which only consists of static data. Your templates are stored in AWS RDS and the underlying storage is encrypted.
- Generated PDF files and uploaded files: The temporarily generated PDF files are stored on the cloud storage AWS S3 with strong encryption at rest.
- Pre-signed URLs for PDFs: A generated PDF URL is a pre-signed URL. Pre-signed URLs are created, signed using our credentials, and have a controllable expiry date. The expired PDF documents will be purged periodically.
- API logs: API logs are generated for troubleshooting and it’s retained for up to 7 days. The logs do not consist of data you send via API and it’s stored within the selected region.
Data protection for regional API endpoints
A regional API endpoint is intended for customers in the same region. The data for the request and generated PDFs are processed and stored within the region.
It gives you the flexibility to control where your data is stored, based on your specific needs. The supported regions are as follows:
- Asia-Pacific Region – Singapore
- Asia-Pacific Region – Australia
- US East Region – N. Virginia
- Europe Region – Frankfurt
The API logs are stored and retained for 7 days in the respective region.
Data In transit and Communication
We force HTTPS for all of our services using TLS(SSL) including websites, REST API.
When a user sends a request to our services, we secure the data in transit with HTTPS protocol. It provides authentication, integrity, and encryption, using HTTPS with a certificate from a public certificate authority.
Data Encryption and Backup
Our database is hosted with AWS RDS(Amazon Relational Database Service).
Amazon RDS encrypted DB instances use the industry-standard AES-256 encryption algorithm to encrypt the data of the Amazon RDS DB instances. After the data is encrypted, Amazon RDS handles authentication of access and decryption of the data transparently with a minimal impact on performance.
Our database is scheduled to backup daily and the backups are retained for 5 days.
Hosting and Physical Security
The physical infrastructure of our services is hosted and managed within Amazon’s secure data centers and utilizes the Amazon Web Service (AWS) technology.
Our webserver and database are hosted in AWS Singapore region, the PDF generation services are in the respective regions:
- Asia-pacific Region(Singapore)
- Asia-pacific Region (Australia)
- US East Region(N. Virginia)
- Europe Region(Frankfurt)
Amazon AWS continually manages risk and undergoes recurring assessments to ensure compliance with industry standards. Amazon’s data center operations have been accredited under:
- ISO 27001
- SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
- PCI Level 1
- FISMA Moderate
- Sarbanes-Oxley (SOX)
We do not store your credit card information. All the credit card accounts and credit card transactions are managed by our payment partner – Stripe.
Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry.