Is my data secure and protected?

Taylor Sloane Updated by Taylor Sloane

At HelpDocs we take security and data protection seriously. Here's an overview of some stuff we're doing to keep your data safe. 

End to End Encryption

All accounts come with SSL as standard on the HelpDocs subdomain. You can also optionally enable SSL on your custom domain with one click. Our SSL connections are terminated directly on our application servers, so your traffic's encrypted the whole way. We don't use any third party providers or middleware here, so your data's always safe.

Databases Encrypted at Rest

We encrypt our databases at rest. That means all your data's securely locked when it's not in use.

Frequent Backups

We backup your data every day, and retain months of backups on a rolling deletion schedule. These backups, you guessed it, are encrypted too.

Backup Frequency

Retention Period

Daily

7 days

Weekly

4 weeks

Monthly

3 months

First Class Hosting

All our servers are based in Google Cloud's Iowa datacenter. We have firewalls around all the instances to protect our servers from bad actors. 

Penetration Testing

We conduct regular penetration tests to mitigate against common (e.g. OWASP Top Ten etc.) and emerging threats.

Access to your Data

Account data is strongly namespaced to your account. Unless you choose to make your documentation public other customers will never have access to your data. You're also able to restrict certain content to certain users with our access control features: data will only be shared with those you choose.

Some members of the HelpDocs team do have access to your data. We'll access your data as part of support requests and in case of urgent service issues. Otherwise we'll always ask your permission before accessing your account. Any staff members that have access to your data are subject to strict confidentiality agreements. All data access is audited.

We will respond to subject access requests, request to modify your personal information, requests to delete your own personal data or that of your users, and requests to stop processing all personal data within 10 days of request.

SLA

We don't offer an SLA on our shared hosting plans. If you require an SLA, we may be able to offer one on an Enterprise plan. Get in touch with support if this is something you're interested in.

That said, you can check our historical uptime on our public status page here. It's updated every few minutes.

Privacy Program

In addition to our terms and public privacy policy HelpDocs has a documented internal privacy program that's subject to regular internal reviews. It contains and documents:

  • roles, responsibilities, and governance
  • privacy policies/procedures
  • review and monitoring processes to ensure continuous improvement
  • details of the appointed Data Protection Officer
  • privacy by design and adherence to default principles of privacy when features are built or updated
  • retention schedule for personal data
  • privacy training/awareness program
  • records for the historical and future processing of personal data

We do not process high risk data and are not required to Data Privacy Impact Assessments.

HelpDocs has not been issued with any privacy-related reprimands, fines, or penalties in the past 12 months

Incident & Breach Management

We have a formal and documented incident management and data breach response plan. This plan is regularly tested.

In the event of a data breach we will inform any affected parties as soon as is reasonably possible upon becoming aware.

HelpDocs has not identified or reported any breaches in the last 12 months

What did you think of this doc?

Signing a Data Processing Agreement (DPA)

Get in touch

This site is protected by hCaptcha and its Privacy Policy and Terms of Service apply.