All of our services run in the cloud. Popwork does not host its own routers, load balancers, DNS servers, or physical servers.

All our services and data are provided and hosted in Google Cloud Platform (GCP) facilities in Brussels, Belgium. Google LLC is certified under both the EU-U.S. and Swiss-U.S. Privacy Shield frameworks. Further detail on subprocessors is available here.

All customer data is stored on our GCP cloud infrastructure in the EU (Belgium) and data at rest is encrypted by default using AES-256 (Advanced Encryption Standards).

All communications between our application servers and backend databases transit through a Virtual Private Cloud (VPC). This means both remain isolated from public networks as they communicate through a private network.

Customer data is stored in multi-tenant datastores, we do not have individual datastores for each customer. However we apply strict privacy controls to ensure data privacy and prevent one customer from accessing another customer's data.

All data sent to or from Popwork is encrypted in transit using strong TLS encryption.

Popwork is served 100% over HTTPS and our API as well as our application endpoints are TLS/SSL only.

All API routes are secured applying a strict access control policy and using an access control list.

Popwork runs a zero-trust corporate network. There are no corporate resources or additional privileges from being on Popwork’s network.

Transactional emails are transmitted to our users over a secured TLS 1.3 protocol using a strong 128-bit encryption key for both encryption and authentication purposes. This combination ensures secure and authenticated communication between the client and the server.

On an application level, we produce encrypted audit logs for all activity. Part of these logs are stored on third party services which all satisfy the highest security standards and are compliant with the European Union requirements. Further detail on subprocessors can be found here.