Success is built on trust
And trust starts with information. On this page, you can read about HeroBase’s security measures and how we ensure that we are in GDPR Compliance.
We guarantee that your data is in safe hands with us!
Is HeroBase GDPR compliant?
Physical servers are hosted in our physical data centers in Denmark, and we are working on establishing second and third failover sites for our web application, which would be the AWS data centers in Frankfurt, Germany, and Dublin, Ireland.
Production data is hosted in EU-based data centers only, and no data ever leaves the European Union.
The overall architecture and security setup is illustrated in right side off the screen (Click this link to see full size)
- All data protected behind multiple firewalls
- Databases not available via the public internet, only via VPN
- All data transfer takes place over HTTPS only
- Fail2ban is in place in front of publicly exposed services
- All network traffic is monitored, logged and analyzed in real-time, alerting relevant personnel if abnormal patterns are detected
- Users authenticate using instance name, username and password
- IP restrictions can be applied, meaning that logins will only be authenticated when they originate from a list of IP addresses specified by you
- Multi-Factor Authentication can be applied to all HeroBase users
How can HeroBase assist in your GDPR compliance efforts?
- Easily specifying an interval for auto-deletion of your data stored in our platform
- Leads can be black-listed to avoid future contact
- Logs of all interactions with businesses or private individuals are easily searchable and accessible from the frontend
- All actions within our platform – including data exports – are logged.