Legal and Security Policies
Legal and Security Policies
Certifier's security hub is where you'll discover all you need to know about our data storage, security standards, and procedures. The security of our services are paramount for us.
Our processes are constantly improving — last updated: March 3, 2024.
Legal Documents
Leveraging our experience, we construct legal agreements that are not only customer-oriented but also compliant with regulations.
Security Protocols
Security and data integrity are paramount at Certifier. Given the nature of our offerings, recognizing and fulfilling our responsibilities is crucial.
Our Commitment
Certifier is deeply committed to safeguarding our customers and their data. Our goal is to continuously enhance our security measures, providing you with a secure, scalable platform that delivers an exceptional certification and credentialing experience.
Our Agreements and Privacy Documents
Discover all essentials on agreements, terms, and compliance
Terms of Service
Read our Terms to understand the rights and obligations we uphold for our clients.
Learn moreSubprocessors
Learn about our trusted partners who help us maintain the highest standards of our service.
Learn moreCompany
Access comprehensive contact details and corporate information, including our legal imprint.
Learn moreCookie Policy
Discover how we use cookies to enhance the experience on our platform for all users.
Learn moreWe take security as our highest priority
Our dedication to keeping customer data secure is unwavering
Data Protection
Regular penetration tests, adherence to GDPR guidelines, and stringent encryption protocols for data at rest and in transit are just the beginning. We take the responsibility of safeguarding your sensitive information very seriously.
Security by design
Certifier is ISO 27001 certified, reinforcing our top-tier security practices. We provide security training for developers and employ automated code analysis tools to preemptively identify and address potential vulnerabilities, ensuring we deliver a reliably secure product to our customers.
Security and Privacy Practices
At Certifier, we adopt enterprise-grade development practices, infrastructure, and compliance certifications to underscore our security.
ISO 27001 Certification
ISO 27001 represents the highest standard in global information security assurance, certifying that Certifier adheres to rigorous international protocols. Upon request, we can share the assessments from independent third-party auditors.
ISO 9001 Certification
ISO 9001 quality management certification confirms that Certifier's software design practices meet the highest standards of excellence. Independent third-party auditor opinions and certificates are available upon request.
GDPR Compliance
Certifier is fully GDPR compliant, ensuring that all subprocessors also adhere to GDPR requirements. We maintain the confidentiality, integrity, and resilience of systems processing personal data.
AWS Security Infrastructure
Certifier's infrastructure is securely hosted on AWS within the Europe region. AWS data centers feature round-the-clock security, biometric scanning, video surveillance, and adhere to various global security and compliance standards.
Penetration Testing
Certifier conducts regular independent third-party penetration tests and vulnerability scans to identify and mitigate potential security risks. Reports from audits are available upon request.
99.9% Application Uptime
Certifier consistently achieves an uptime exceeding 99.9%, with a robust architecture designed to eliminate single points of failure through multiple failover instances.
Disaster Recovery
We employ advanced replication techniques and regular snapshot backups. Our automated backup system for Amazon RDS is a key component of our robust disaster recovery strategy, designed to meet industry standards.
Data Encryption
All data is encrypted in transit using TLS 1.2 or higher and at rest with AES-256 encryption. Access to Certifier's application servers is strictly via HTTPS.
Incident Response
Our incident response strategy is based on the SANS Incident Response methodology, with thorough post-mortem analyses conducted on each incident to prevent recurrence and enhance response measures.
Secure Passwords & 2FA
We take your account security seriously by encrypting all passwords before database storage and advocating for strong password choices on your part. Certifier offers Two-factor Authentication (2FA) to all users, enhancing security.