Txoj Cai Kev Ruaj Ntseg
At AhaSlides, our users’ privacy and online security are our top priorities. We’ve taken all the necessary steps to ensure that your data (presentation content, attachments, personal information, participants' response data, et. al) is kept safe at all times.
AhaSlides Pte Ltd, Unique Entity Number: 202009760N, is hereinafter referred to as “we”, “us”, “our” or “AhaSlides”. ”You” shall be interpreted as the person or entity who has signed up for an Account to use our Services or the persons who use our Services as a member of an Audience.
Kev Tswj Kev Nkag
All user data stored in AhaSlides is protected in accordance with our obligations in the AhaSlides Cov ntsiab lus uas Service, and access to such data by Authorised Personnel is based on the principle of least privilege. Only Authorised Personnel have direct access to AhaSlides’ production systems. Those who do have direct access to production systems are only permitted to view user data stored in AhaSlides in the aggregate, for troubleshooting purposes or as otherwise permitted in AhaSlides' Tsis pub twg paub Txoj cai.
AhaSlides maintains a list of Authorised Personnel with access to the production environment. These members undergo criminal background checks and are approved by AhaSlides' Management. AhaSlides also maintain a list of personnel who are permitted to access AhaSlides code, as well as the development and staging environments. These lists are reviewed quarterly and upon role change.
Trained members of the AhaSlides' Customer Success team also have case-specific, limited access to user data stored in AhaSlides through restricted access to customer support tools. Customer support team members are not authorised to review non-public user data stored in AhaSlides for customer support purposes without explicit permission by AhaSlides' Engineering Management.
Thaum lub luag haujlwm hloov lossis tawm hauv lub tuam txhab, cov ntaub ntawv pov thawj tsim tawm ntawm Cov Neeg Ua Haujlwm Tso Cai raug kaw, thiab lawv cov kev sib tham raug yuam kom tawm. Tom qab ntawd, tag nrho cov nyiaj no raug tshem tawm lossis hloov pauv.
Cov Ntaub Ntawv Kev Ruaj Ntseg
AhaSlides production services, user content, and data backups are hosted on Amazon Web Services platform (“AWS”). The physical servers are located in AWS’s data centres at two AWS regions:
- Lub cheeb tsam "US East" hauv North Virginia, Tebchaws Asmeskas.
- Lub cheeb tsam "EU Central 1" hauv Frankfurt, Lub Tebchaws Yelemees.
Txog hnub no, AWS (i) muaj ntawv pov thawj rau kev ua raws li ISO/IEC 27001: 2013, 27017: 2015 thiab 27018: 2014, (ii) tau lees paub raws li PCI DSS 3.2 Theem 1 Tus Muab Kev Pabcuam, thiab (iii) tau txais SOC 1, SOC 2 thiab SOC 3 kev tshuaj xyuas (nrog cov ntawv ceeb toom ib nrab xyoo). Cov ntsiab lus ntxiv txog AWS cov kev ua raws cai, suav nrog FedRAMP ua raws thiab GDPR ua raws, tuaj yeem pom ntawm AWS' website.
We do not offer customers the option of hosting AhaSlides on a private server, or to otherwise use AhaSlides on a separate infrastructure.
Nyob rau hauv lub neej yav tom ntej, yog tias peb txav peb cov kev pabcuam tsim khoom thiab cov neeg siv cov ntaub ntawv, lossis ib feem ntawm lawv, mus rau lwm lub tebchaws lossis lwm lub platform huab, peb yuav sau ntawv ceeb toom rau tag nrho peb cov neeg siv 30 hnub ua ntej.
Kev ntsuas kev nyab xeeb raug coj los tiv thaiv koj thiab koj cov ntaub ntawv ob qho tib si rau cov ntaub ntawv thaum so thiab cov ntaub ntawv hauv kev thauj mus los.
Cov ntaub ntawv thaum so
User data is stored on Amazon RDS, where data drives on servers use full disk, industry-standard AES encryption with a unique encryption key for each server. File attachments to AhaSlides presentations are stored in Amazon S3 service. Each such attachment is assigned a unique link with an unguessable, cryptographically strong random component, and are only accessible using a secure HTTPS connection. Additional details on Amazon RDS Security can be found no. Cov ntsiab lus ntxiv ntawm Amazon S3 Security tuaj yeem pom no.
Cov ntaub ntawv hauv kev thauj mus los
AhaSlides uses industry standard Transport Layer Security (“TLS”) to create a secure connection using 128-bit Advanced Encryption Standard (“AES”) encryption. This includes all data sent between the web (including the landing website, the Presenter web app, the Audience web app, and internal administrative tools) and the AhaSlides servers. Tsis muaj qhov kev xaiv tsis-TLS rau kev sib txuas AhaSlides. All connections are made securely over HTTPS.
Backups thiab Data Poob Tiv Thaiv
Cov ntaub ntawv rov qab tsis tu ncua thiab peb muaj qhov tsis siv neeg tsis siv neeg ua haujlwm yog tias lub ntsiab tsis ua haujlwm. Peb tau txais kev tiv thaiv muaj zog thiab tsis siv neeg los ntawm peb cov chaw muab ntaub ntawv ntawm Amazon RDS. Cov ntsiab lus ntxiv ntawm Amazon RDS Backup thiab Restore cov lus cog tseg tuaj yeem pom no.
Cov Lus Qhia Tus Neeg Siv
We encrypt (hashed and salted) passwords using the PBKDF2 (with SHA512) algorithm to protect them from being harmful in the case of a breach. AhaSlides can never see your password and you can self-reset it by email. User session time-out is implemented meaning that a logged-in user will be automatically logged out if they are not active on the platform.
Cov Lus Qhia Them Nqi
Peb siv PCI-raws li kev them nyiaj processors Stripe thiab PayPal rau encrypting thiab ua cov credit/debit card them. Peb yeej tsis pom lossis lis cov ntaub ntawv credit/debit card.
Kev ruaj ntseg xwm txheej
Peb muaj nyob rau hauv qhov chaw thiab yuav tswj kom tsim nyog cov kev cai thiab lub koom haum kev ntsuas los tiv thaiv tus kheej cov ntaub ntawv raws li zoo raws li lwm yam ntaub ntawv tiv thaiv kev huam yuaj los yog tsis raug cai raug puas tsuaj los yog kev huam yuaj, alternation, tsis tso cai qhia tawm los yog nkag mus rau, thiab tawm tsam tag nrho lwm yam kev cai lij choj cov ntaub ntawv ntawm kev ua (a "Kev ruaj ntseg teeb meem ").
We have an incident management process to detect and handle Security Incidents which shall be reported to the Chief Technology Officer as soon as they are detected. This applies to AhaSlides employees and all processors that handle personal data. All Security Incidents are documented and evaluated internally and an action plan for each individual incident is made, including mitigatory actions.
Lub Sijhawm Saib Xyuas Kev Ruaj Ntseg
This section shows how often AhaSlides conducts security revisions and conducts different types of tests.
Kev ua | Zaus |
Kev cob qhia cov neeg ua haujlwm ruaj ntseg | Thaum pib ntawm kev ua haujlwm |
Tshem tawm qhov system, kho vajtse thiab cov ntaub ntawv nkag | Thaum kawg ntawm kev ua haujlwm |
Ua kom cov qib nkag mus rau txhua lub tshuab thiab cov neeg ua haujlwm raug raug thiab ua raws li lub hauv paus ntsiab lus ntawm tsawg kawg nkaus | Ib zaug dhau ib zaug |
Xyuas kom tag nrho cov tsev qiv ntawv tseem ceeb tau hloov kho tshiab | Txuas ntxiv mus |
Chav ntsuas thiab kev sib xyaw ua ke | Txuas ntxiv mus |
Kev ntsuam xyuas sab nraud | Ib zaug dhau ib zaug |
Kev ruaj ntseg ntawm lub cev
Qee qhov ntawm peb cov chaw ua haujlwm sib koom ua vaj tsev nrog lwm lub tuam txhab. Vim li ntawd, txhua qhov kev nkag mus rau peb cov chaw ua haujlwm raug kaw 24/7 thiab peb yuav tsum muaj cov neeg ua haujlwm thiab cov qhua tuaj xyuas ntawm lub qhov rooj siv Smart Key Security System nrog QR Code nyob. Tsis tas li ntawd, cov neeg tuaj saib yuav tsum tuaj xyuas nrog peb lub rooj sab laj thiab yuav tsum muaj kev saib xyuas thoob plaws hauv lub tsev txhua lub sijhawm. CCTV npog cov ntsiab lus nkag thiab tawm 24/7 nrog cov cav ua rau peb sab hauv.
AhaSlides' production services are hosted on Amazon Web Services platform (“AWS”). The physical servers are located in AWS’ secure data centres as stated in section "Data Security" above.
changelog
- Kaum Ib Hlis 2021: Hloov kho ntu "Cov Ntaub Ntawv Kev Ruaj Ntseg" nrog rau qhov chaw tshiab server ntxiv.
- Lub Rau Hli 2020: Hloov kho rau ntu hauv qab no: Kev Nyab Xeeb Lub Cev.
- Lub Tsib Hlis 2020: Thawj version ntawm nplooj ntawv.
Puas muaj lus nug rau peb?
Sib cuag. Email rau peb ntawm nyob zoo@ahaslides.com.