At Databroker, we take the security and privacy of our data very seriously. Please find an overview of our security measures below.
Where do you store my data and how is it protected?
Contact data gathered from ourselves in any form (over the phone, via email submissions, via website form submissions for example) are stored using our Infusionsoft CRM system.
Some of the infrastructure used to host the data is wholly owned and controlled by Infusionsoft and the remaining are provided by carefully verified and selected third party service providers.
The data is stored in a primary data centre based in Chandler, Arizona. Additionally, the data is mirrored to a secondary data centre in near-real-time ton ensure a further layer of security.
The secondary data centre is geographically remote from the primary data centre.
CRM Physical Security Controls
- Access to all data centres is restricted to authorised personnel only.
- The data centres are secured by professional security guards.
- Entry and exit points of all data centres are secured via access control systems (ID cards and/or biometrics).
- All visitors to the data centres are escorted by an authorised employee at all times.
CRM Technical Security Controls
- The CRM software and associated systems are regularly scanned/monitored for vulnerabilities.
- Known issues are patched as soon as they are identified.
- External points of connectivity to the system are protected by firewalls.
- All network and database activity are logged and monitored for potential security threats.
- User passwords to the system are stored in a one-way-hash.
CRM Administrative Security Controls
- Access to IT systems that process the data is limited to authorised personnel with a requirement for doing so.
- Prior to employment, background checks are undertaken as a further layer to ensure employee reliability.
CRM Access from Databroker
- Access to the CRM system by employees of Databroker is restricted to authorised personnel with a requirement to do so.
- All authorised personnel have specific user accounts with tailored permission rights based on their role and subsequent requirements.