We protect your data
All data are written to multiple disks instantly, and backed up daily. Files that our customers upload are stored on servers that use modern techniques to remove bottlenecks and points of failure.
Your data are sent using HTTPS
Whenever your data are in transit between you and us, everything is encrypted, and sent using HTTPS.
Any files which you upload to us are stored and are encrypted at rest. Our application databases are generally not encrypted at rest - the information you add to the applications is active in our databases and subject to the same protection and monitoring as the rest of our systems.
Full redundancy for all major systems
Our servers - from power supplies to the internet connection operate at full redundancy.
Regularly-updated infrastructure
Our software infrastructure is updated regularly with the latest security patches. Our products are carefully monitored. While perfect security is a moving target, we follow best practices.
Monitoring
We monitor for nefarious activity against our domains. If an Arthur Maxwell, Inc. employee or contractor wrongly accesses customer data, they will face penalties ranging from termination to prosecution. In the unfortunate circumstances someone malicious does successfully mount an attack, we will immediately notify all affected customers.
Data & Physical Security in our Tech Stack
All Arthur Maxwell, Inc products' application data is hosted on Heroku and AWS, and Outseta is our CRM. Please consult their respective security policies for more information:
Heroku SecurityAWS Cloud SecurityOutseta Security
We do not store payment information on our servers. Instead we use tokenization with our payment processing partner Stripe. We use only the token to retrieve, access, or maintain customers' credit card information. Meanwhile, customers' real card data is stored with Stripe at a highly secure, offsite locations. Tokens have no meaning by themselves and are worthless to criminals if a company's system is breached in any way.
Stripe is certified as fully compliant with the PCI DSS. The PCI DSS covers 12 major categories of information security, including network design, data storage, intrusion monitoring and the use of security-aware IT policies.
We appreciate your concern
Keeping customer data safe and secure is a huge responsibility and a top priority. We work hard to protect our customers from the latest threats. Your input and feedback on our security is always appreciated.
Have a concern? Need to report an incident?
Have you noticed abuse, misuse, an exploit, or experienced an incident with your account? Please
email support@ourexperiences.com to report an issue.