Data Security and Privacy
Security of your data and your privacy is a business priority at Teamble. We build everything with customer trust and security in mind. For us, security is not a set of guidelines to meet but it is one of the most critical service features we provide. Here are our Data Security and Privacy Features:
Key Security Features
Secure Cloud Infrastructure
Teamble’s data and services are hosted with world’s leading cloud provider Amazon Web Services (AWS) in its US facilities, spread across multiple availability zones to ensure reliability and disaster recovery. AWS data centers are monitored by 24X7 security, biometric scanning, video surveillance and are SOC 1, SOC 2, and SOC 3 certified.
Data Permissions and Authentication
Access to customer data is limited to authorized employees whose job functions require it. Additionally, 2FA and strong password policies on all tools used internally are strictly implemented for all Teamble employees to ensure third-party access to these cloud services are protected.
All data is transmitted over HTTPS, and any data stored is encrypted in transit and at rest using 256-bit encryption. Our application endpoints are TLS/SSL only and score an “A” rating on Qualys SSL Labs‘ tests. This means we only use strong cipher suites and have features such as HSTS and Perfect Forward Secrecy fully enabled.
Teamble has a protocol in place for handling various security incidences, all of which employees are informed and trained on. Breaches will be communicated within a reasonable amount of time, and vulnerabilities are fixed ASAP.
SSO and 2FA
Teamble inherits the same authentication method that you use for your Slack workspace, including Single Sign-On (SSO) and Two Factor Authentication (2FA). These methods allows you to authenticate users in your own systems without requiring them to enter additional login credentials
Teamble has different levels of user permissions and settings within the platform for your organization and teams.
Enterprise Ready Compliance
As of April 2nd, 2020 Teamble is GDPR compliant. Organizations who employ EU-based individuals can rest assured that Teamble is handling their personal information in compliance with the latest EU laws
As of January 1st, 2020 Teamble is CCPA compliant in how it handles data of California residents.
All payments to Teamble are processed through our partner, Stripe. To learn more about their security setup and PCI compliance, you can visit Stripe’s security page.
Commitment to Security
Teamble have been diligent in conducting more awareness and training with employees around data protection and incident response on potential issues like data breaches. All employees complete an annual security training program and employ best practices when handling customer data.
Teamble has a set of comprehensive security and awareness policies that cover a wide range of topics. These policies are updated as necessary and shared with all employees.
All employee and contractor contracts include a confidentiality agreement contingent on acceptance of employment or contracted project work.
Handling Data Subject Rights Requests
Teamble implemented compliance measures to make it easy to handle requests such as deletion or update requests of your personal data. To do so, simply email firstname.lastname@example.org with your request.
Third party audits
Teamble audited all the services it uses fromsubprocessors to ensure that they are either GDPR compliant or don’t gain access to personal data. Our sub processors are: Amazon Web Services Inc., cloud infrastructure service provider in the US. Twilio Inc., cloud based communications platform in the US, Zendesk Inc., cloud based customer service and support provider in the US, Stripe Inc., cloud based payment infrastructure provider in the US.