Security

Committed to Safeguarding Your Data

At Tidyflow, we prioritize data security, ensuring your data is managed with the highest standards of protection using advanced cloud infrastructure through DigitalOcean and Amazon Web Services (AWS).


Cloud Security and Data Management

Data Hosting: Our servers, managed via DigitalOcean, are equipped with sophisticated monitoring and defense mechanisms to ensure operational excellence and reliability.

Data Storage and Backups: We utilize Amazon's secure cloud storage solutions for all database and file storage requirements. Automated data backups are conducted regularly to secure your information against loss and to support both incident management and disaster recovery. Importantly, all backups are encrypted using AES-256 encryption to ensure the confidentiality and integrity of your data even while stored as backups.


Compliance and Certifications

DigitalOcean and AWS Compliance: Both DigitalOcean and AWS adhere to high standards of compliance, including SOC II, SOC III, GDPR, HIPAA, and other international regulatory requirements, ensuring that the infrastructure holding your data meets stringent security and privacy standards.

Read more about Digital Ocean’s security practices.

Read more about AWS security practices.


Encryption and Security Measures

Encryption at Rest and In Transit: All stored data is protected using AES-256 encryption. Furthermore, data transmitted over the network is secured using SSL/TLS protocols, preventing unauthorized access and data breaches.

Ongoing Security Assessments: We regularly perform security assessments and vulnerability scans to identify and mitigate any potential security risks, ensuring our infrastructure and your data remain secure.


Transparency and Trust

Open Communication: We maintain transparent communication about our security practices. You are always welcome to inquire about how we protect your data and the measures we have in place.

Continuous Improvement: Our security protocols are continually reviewed and enhanced to adapt to new challenges and ensure adherence to the latest security standards.


At Tidyflow, securing your data is a critical component of our service promise. We are dedicated to maintaining the highest standards of data protection. For more information about our security practices or to address any concerns, please contact our support team.


Email Authentication

Authentication to the platform is conducted through an encrypted connection to the user's preferred Microsoft or Google email account.

User Authentication

All customers need to receive and accept an invitation to join a Tidyflow Account before they can access any account data. The chosen authentication provider is registered for the user, and subsequent login attempts must use the same provider. For added security, Tidyflow offers Multi-Factor Authentication (MFA), and Admin users have the option to enforce MFA for all users within their Account. Users are restricted from accessing data outside their Account.

Access Permissions

The web application enables customers to manage user access within their Account. Admin users are responsible for managing access within their Tidyflow Account, ensuring that users with different roles have appropriate access levels.

Administrative Data

Access to production databases is tightly regulated, and only users who need to access production data for customer support or issue resolution are granted access. Upon request, Tidyflow will securely delete a customer’s Tidyflow data.

Payment

Payments are processed securely through Stripe; we do not handle any payment details. This ensures that all financial transactions are safe and protected. Your payment information remains confidential and secure with Stripe.


System Patching

Security practices require evaluating and implementing available software patches and updates to ensure systems remain secure and up-to-date. Performing system patching and updates minimizes the risk of vulnerabilities that could be exploited by malicious actors and cyber threats. Additionally, Tidyflow uses the latest updated versions of software.