Keeping our customers data safe (and encrypted) is the most important thing that Popwork cares about. We go to considerable lengths to ensure that all data sent to Popwork is handled securely.
All of our services run in the cloud. Popwork does not host its own routers, load balancers, DNS servers, or physical servers.
All our services and data are provided and hosted in Google Cloud Platform (GCP) facilities in Brussels, Belgium. Google LLC is certified under both the EU-U.S. and Swiss-U.S. Privacy Shield frameworks. Further detail on subprocessors is available here.
Data and encryption
All customer data is stored in the EU (Belgium).
Data at rest is encrypted using AES-256 (Advanced Encryption Standards).
All communications between our application servers and backend databases transit through a Virtual Private Cloud (VPC). This means both remain isolated from public networks as they communicate through a private network.
Customer data is stored in multi-tenant datastores, we do not have individual datastores for each customer. However we apply strict privacy controls to ensure data privacy and prevent one customer from accessing another customer's data.
Data transfer and authentication
All data sent to or from Popwork is encrypted in transit using strong TLS encryption.
Popwork is served 100% over HTTPS and our API as well as our application endpoints are TLS/SSL only. These are the most secure authentication and encryption protocols your browser and web servers can use to communicate and exchange information.
All API routes are secured applying a strict access control policy and using an access control list.
Popwork runs a zero-trust corporate network. There are no corporate resources or additional privileges from being on Popwork’s network.
On an application level, we produce encrypted audit logs for all activity. Part of these logs are stored on third party services which all satisfy the highest security standards and are compliant with the European Union requirements. Further detail on subprocessors can be found here.