Txoj Cai Kev Ruaj Ntseg

At AhaSlides, our users’ privacy and online security are our top priorities. We’ve taken all the necessary steps to ensure that your data (presentation content, attachments, personal information, participants' response data, et. al) is kept safe at all times.

AhaSlides Pte Ltd, Unique Entity Number: 202009760N, is hereinafter referred to as “we”, “us”, “our” or “AhaSlides”. ”You” shall be interpreted as the person or entity who has signed up for an Account to use our Services or the persons who use our Services as a member of an Audience.

Kev Tswj Kev Nkag

All user data stored in AhaSlides is protected in accordance with our obligations in the AhaSlides Cov ntsiab lus uas Service, and access to such data by Authorised Personnel is based on the principle of least privilege. Only Authorised Personnel have direct access to AhaSlides’ production systems. Those who do have direct access to production systems are only permitted to view user data stored in AhaSlides in the aggregate, for troubleshooting purposes or as otherwise permitted in AhaSlides' Tsis pub twg paub Txoj cai.

AhaSlides maintains a list of Authorised Personnel with access to the production environment. These members undergo criminal background checks and are approved by AhaSlides' Management. AhaSlides also maintain a list of personnel who are permitted to access AhaSlides code, as well as the development and staging environments. These lists are reviewed quarterly and upon role change.

Trained members of the AhaSlides' Customer Success team also have case-specific, limited access to user data stored in AhaSlides through restricted access to customer support tools. Customer support team members are not authorised to review non-public user data stored in AhaSlides for customer support purposes without explicit permission by AhaSlides' Engineering Management.

Thaum lub luag haujlwm hloov lossis tawm hauv lub tuam txhab, cov ntaub ntawv pov thawj tsim tawm ntawm Cov Neeg Ua Haujlwm Tso Cai raug kaw, thiab lawv cov kev sib tham raug yuam kom tawm. Tom qab ntawd, tag nrho cov nyiaj no raug tshem tawm lossis hloov pauv.

Cov Ntaub Ntawv Kev Ruaj Ntseg

AhaSlides production services, user content, and data backups are hosted on Amazon Web Services platform (“AWS”). The physical servers are located in AWS’s data centres at two AWS regions:

Txog hnub no, AWS (i) muaj ntawv pov thawj rau kev ua raws li ISO/IEC 27001: 2013, 27017: 2015 thiab 27018: 2014, (ii) tau lees paub raws li PCI DSS 3.2 Theem 1 Tus Muab Kev Pabcuam, thiab (iii) tau txais SOC 1, SOC 2 thiab SOC 3 kev tshuaj xyuas (nrog cov ntawv ceeb toom ib nrab xyoo). Cov ntsiab lus ntxiv txog AWS cov kev ua raws cai, suav nrog FedRAMP ua raws thiab GDPR ua raws, tuaj yeem pom ntawm AWS' website.

We do not offer customers the option of hosting AhaSlides on a private server, or to otherwise use AhaSlides on a separate infrastructure.

Nyob rau hauv lub neej yav tom ntej, yog tias peb txav peb cov kev pabcuam tsim khoom thiab cov neeg siv cov ntaub ntawv, lossis ib feem ntawm lawv, mus rau lwm lub tebchaws lossis lwm lub platform huab, peb yuav sau ntawv ceeb toom rau tag nrho peb cov neeg siv 30 hnub ua ntej.

Kev ntsuas kev nyab xeeb raug coj los tiv thaiv koj thiab koj cov ntaub ntawv ob qho tib si rau cov ntaub ntawv thaum so thiab cov ntaub ntawv hauv kev thauj mus los.

Cov ntaub ntawv thaum so

User data is stored on Amazon RDS, where data drives on servers use full disk, industry-standard AES encryption with a unique encryption key for each server. File attachments to AhaSlides presentations are stored in Amazon S3 service. Each such attachment is assigned a unique link with an unguessable, cryptographically strong random component, and are only accessible using a secure HTTPS connection. Additional details on Amazon RDS Security can be found no. Cov ntsiab lus ntxiv ntawm Amazon S3 Security tuaj yeem pom no.

Cov ntaub ntawv hauv kev thauj mus los

AhaSlides uses industry standard Transport Layer Security (“TLS”) to create a secure connection using 128-bit Advanced Encryption Standard (“AES”) encryption. This includes all data sent between the web (including the landing website, the Presenter web app, the Audience web app, and internal administrative tools) and the AhaSlides servers. Tsis muaj qhov kev xaiv tsis-TLS rau kev sib txuas AhaSlides. All connections are made securely over HTTPS.

Backups thiab Data Poob Tiv Thaiv

Cov ntaub ntawv rov qab tsis tu ncua thiab peb muaj qhov tsis siv neeg tsis siv neeg ua haujlwm yog tias lub ntsiab tsis ua haujlwm. Peb tau txais kev tiv thaiv muaj zog thiab tsis siv neeg los ntawm peb cov chaw muab ntaub ntawv ntawm Amazon RDS. Cov ntsiab lus ntxiv ntawm Amazon RDS Backup thiab Restore cov lus cog tseg tuaj yeem pom no.

Cov Lus Qhia Tus Neeg Siv

We encrypt (hashed and salted) passwords using the PBKDF2 (with SHA512) algorithm to protect them from being harmful in the case of a breach. AhaSlides can never see your password and you can self-reset it by email. User session time-out is implemented meaning that a logged-in user will be automatically logged out if they are not active on the platform.

Cov Lus Qhia Them Nqi

Peb siv PCI-raws li kev them nyiaj processors Stripe thiab PayPal rau encrypting thiab ua cov credit/debit card them. Peb yeej tsis pom lossis lis cov ntaub ntawv credit/debit card.

Kev ruaj ntseg xwm txheej

Peb muaj nyob rau hauv qhov chaw thiab yuav tswj kom tsim nyog cov kev cai thiab lub koom haum kev ntsuas los tiv thaiv tus kheej cov ntaub ntawv raws li zoo raws li lwm yam ntaub ntawv tiv thaiv kev huam yuaj los yog tsis raug cai raug puas tsuaj los yog kev huam yuaj, alternation, tsis tso cai qhia tawm los yog nkag mus rau, thiab tawm tsam tag nrho lwm yam kev cai lij choj cov ntaub ntawv ntawm kev ua (a "Kev ruaj ntseg teeb meem ").

We have an incident management process to detect and handle Security Incidents which shall be reported to the Chief Technology Officer as soon as they are detected. This applies to AhaSlides employees and all processors that handle personal data. All Security Incidents are documented and evaluated internally and an action plan for each individual incident is made, including mitigatory actions.

Lub Sijhawm Saib Xyuas Kev Ruaj Ntseg

This section shows how often AhaSlides conducts security revisions and conducts different types of tests.

Kev uaZaus
Kev cob qhia cov neeg ua haujlwm ruaj ntsegThaum pib ntawm kev ua haujlwm
Tshem tawm qhov system, kho vajtse thiab cov ntaub ntawv nkagThaum kawg ntawm kev ua haujlwm
Ua kom cov qib nkag mus rau txhua lub tshuab thiab cov neeg ua haujlwm raug raug thiab ua raws li lub hauv paus ntsiab lus ntawm tsawg kawg nkausIb zaug dhau ib zaug
Xyuas kom tag nrho cov tsev qiv ntawv tseem ceeb tau hloov kho tshiabTxuas ntxiv mus
Chav ntsuas thiab kev sib xyaw ua keTxuas ntxiv mus
Kev ntsuam xyuas sab nraudIb zaug dhau ib zaug

Kev ruaj ntseg ntawm lub cev

Qee qhov ntawm peb cov chaw ua haujlwm sib koom ua vaj tsev nrog lwm lub tuam txhab. Vim li ntawd, txhua qhov kev nkag mus rau peb cov chaw ua haujlwm raug kaw 24/7 thiab peb yuav tsum muaj cov neeg ua haujlwm thiab cov qhua tuaj xyuas ntawm lub qhov rooj siv Smart Key Security System nrog QR Code nyob. Tsis tas li ntawd, cov neeg tuaj saib yuav tsum tuaj xyuas nrog peb lub rooj sab laj thiab yuav tsum muaj kev saib xyuas thoob plaws hauv lub tsev txhua lub sijhawm. CCTV npog cov ntsiab lus nkag thiab tawm 24/7 nrog cov cav ua rau peb sab hauv.

AhaSlides' production services are hosted on Amazon Web Services platform (“AWS”). The physical servers are located in AWS’ secure data centres as stated in section "Data Security" above.

changelog

Puas muaj lus nug rau peb?

Sib cuag. Email rau peb ntawm nyob zoo@ahaslides.com.