Security StatementMarch 22, 2021 2021-07-06 9:50
This Security Statement applies to the products, website and apps offered by Ronin Pixels S.L. We refer to those products, websites and apps collectively as the “services” in this Statement. This Security Statement also forms part of the user agreements for RoninPixels customers.
Data Storage and Encryption
Our services use and manage content (e.g., to configure your dashboards, for reporting, settings, datasources, gadgets, templates, etc.), but all the content is handled and stored on the Atlassian Cloud platform.
Although we don’t store your data in our services, we encrypt all sensitive data using 256 AES before storing it in the Atlassian Cloud platform.
People and Access
Access to RoninPixels’ technology resources is only allowed through secure connectivity (VPN, SSH, …) and requires multi-factor authentication. Our production password policy requires complexity, expiration, lockout and disallows reuse.
Our services have limited access to customer data, although they need to access public and private customer data, all data is obtained following the Atlassian Connect protocols (including public/private key based authentication) or other data providers secure connections.
Our global support team have access to our Cloud applications and may access customer data only for purposes of services’ status monitoring and performing, and upon customer request via our support system.
Third Party Services
Our services are hosted in Heroku, a cloud platform of Salesforce. You can find Heroku Security Statement here.
Our services also store some installation and configuration details on MongoDB Atlas cloud service. You can find security and privacy details here.
Reporting Security Vulnerabilities
We aim to create a strong security services, and because this is essential for us, we may need your help.