The following summary is provided in the context of the cellLoop application provided by Kyndling Limited.
● Security Summary: Below
● Subprocessors: Below
● Website Terms & Condition: Here
● Product Terms & Conditions: Here
Kyndling operates a cloud-based network within Amazon Web Services (AWS), which provides secure hosting of network and production systems.
Our platform is hosted and managed with Amazon Web Services (AWS) secure data centers. These data centers have been accredited under:
We make significant use of the services provided by AWS to increase privacy and network access throughout our system. More information on AWS security is available at AWS Services in Scope.
Our services are protected by firewalls provided by AWS and not directly exposed to the Internet.
Subprocessors and key vendors
We audit our subprocessors and key vendors to ensure they maintain suitable security. Many of our vendors have SOC2 or similar. More on our subprocessors below.
Kyndling data stores are accessible only by servers that require access.
We maintain secure encrypted backups of important data for up to 90 days. We do not retroactively remove deleted data from backups as we may need to restore it, if removed accidentally.
We utilise security experts, Auth0, to maintain access to the platform and store passwords. We do not store your account passwords in Kyndling databases.
We provide user roles with different permissions levels within the product: Owner, Editor, Sharing and Viewer.
All Kyndling web traffic is served over HTTPS.
Our primary databases, including backups are fully encrypted at rest. In addition, data is encrypted in transit. We use industry standard encryption algorithms.
The cellLoop platform collects the following service data to ensure operation of the platform. We only collect this information whilst you are recording within the cellLoop tool. No Service Data is collected when you are not recording a loop.
● Media: we record video and sound from your webcam and/or microphone. We also store any media you have uploaded;
● Clicks: we log your clicks around the spreadsheet whilst you are recording, only;
● Input: we log your input into the spreadsheet whilst you are recording, only.
This Service data is encrypted at rest and in-transit via the aforementioned methods above.
Personal Data may include, but is not limited to:
● First and last name
● Contact information (e.g. email, billing address, shipping address, ‘phone number(s))
● Timezone (e.g. user preference or derived from contact information)
If you have any concerns or discover a security or privacy issue, please email us at firstname.lastname@example.org and we will quickly investigate.
● Amazon Web Services, Inc, United States (“AWS”) is a cloud service provider used within LoyaltyLion as primary infrastructure provider for the LoyaltyLion service.
● Auth0, Inc, United States (”Auth0”) is an identity management platform for application builders and developers. It provides Auth0, a web-scale cloud solution that includes APIs and tools that enable developers to eliminate the friction of authentication and authorization of their applications and APIs.
● Mailgun Technologies Inc, United States (”Mailgun”) Mailgun enables developers to tightly integrate email into their apps, i.e. give real email mailboxes to their users, their web pages or any objects in their apps.
● Stripe, Inc, United States (”Stripe”) is an Irish-American financial services and software as a service company dual-headquartered in San Francisco, United States and Dublin, Ireland. The company primarily offers payment processing software and application programming interfaces for e-commerce websites and mobile applications.