We understand that the security and privacy of your company’s information is extremely important. To this effect, we make every effort to ensure that your information is always handled responsibly and securely. This page aims to answer some of the questions we frequently receive regarding security practices at webauditr.com. If you have any other questions, please don’t hesitate to contact us
Secure access
All access to the WebAuditr website and application is restricted to HTTPS encrypted connections. WebAuditr does not service insecure HTTP requests.
Hosting
WebAuditr is hosted on AWS servers. See AWS security policy for more information.
Backups
WebAuditr keeps rolling backups for up to 4 months, which are stored securely. Deleted content may remain in backups for this duration.
Password storage
WebAuditr passwords are stored responsibly using BCrypt. They are never stored in plaintext and are not readable by staff.
Code review and auditing
WebAuditr performs regular security audits, including manual and automatic code reviews.
Updates to WebAuditr’s software undergo a code peer review procedure within our development team to ensure quality and security are maintained.
Automated testing is employed to minimise the risk of introducing errors and security vulnerabilities.
Credit card handling and storage
Credit card processing is handled by Stripe. Credit card numbers and CVC numbers are handled exclusively by Stripe in accordance with PCI Data Security Standards (PCI DSS) and are note made available to WebAuditr. Please see Stripe’s Security Documentation for more details about their payment system and security measures.
WebAuditr staff can delete your credit card from Stripe upon request.