How does Happydemics protect my data?

Our clients' data security is paramount to Happydemics. We take extensive actions to ensure that all data sent to Happydemics is handled securely - Happydemics' security is fundamental to the nature of our business.

However, we want to share some details on how we work to keep your data secure, and how we are continually working to improve data security.

This is a developing document and we will be updating it occasionally. If you have any questions, please do not hesitate to contact us at privacy@happydemics.com.

Our team has in-depth experience

Our team includes people who have had key roles in designing, building and operating highly secure online systems, such as payment processing platforms, cloud services and content distribution networks in ISO 27001 companies. We also have people who have successfully created a number of startups from scratch, as well as others who have worked in mature online businesses.

We host our data in world-class facilities

The vast majority of our services and data are hosted on Amazon Web Services facilities in Europe (Ireland, France, Germany). Further details of the extensive measures taken by Amazon to secure their facilities and services can be found here: https://aws.amazon.com/compliance/

We follow the industry's best practices

We follow the industry's best practices

At Happydemics, we follow several best practices to improve our security policy. Here are a few examples:

  • We have implemented a functional and frequently used automation to safely and reliably deploy changes to both our app and our operating platform in a matter of minutes. We typically deploy dozens of times a week, so have great confidence in our ability to quickly deliver a security fix if required.

  • All data sent to Happydemics is encrypted in transit. Our API and app points are TLS/SSL only. We also encrypt data at rest.

  • We regularly collaborate with renowned third-party auditors to audit our code and infrastructure, and work with them to resolve potential issues.

  • Our infrastructure is managed using Terraform. We use technologies such as Graylog and AWS Cloudtrail to provide an audit trail on our infrastructure and Happydemics apps. Auditing enables us to perform custom security analyses, track changes to our configuration and audit access to each layer of our stack.

  • We use two-factor authentication wherever possible. We don't yet offer SSO, SCIM and MFA to our users, but we plan to do so. We discourage sharing accounts on any system - when we have no choice, we use Dashlane to securely share logins. We regularly review which accounts can access our systems and the permissions they have.

  • We have implemented in-house tools to keep our teams up to date on security best practices such as Riot.

  • We have set up compliance tools that will audit all our assets in real time.

  • We have a documented incident emergency plan, and we train all staff in security procedures and policies. ​

We do not store payment details

Happydemics does not store or process payments. All payments made on Happydemics are processed by our banking partners.

Last updated