Advanced Data Security Protections
SERVER SECURITY COMPLIANT
ContractClub operates on robust and highly secured servers that comply with international security standards, including:
- HIPAA, Cloud Security Alliance and MPAA
- PCI DSS Level 1
- ISO 27001
- SSAE 16/SOC 1, SOC 2, and SOC 3
- FISMA, DIACAP, FedRAMP, and FIPS 140-2
HARDWARE AND SYSTEMS SECURITY
ContractClub stores all of your content in servers physically located in Canada with geographically dispersed automated-backups and redundancies. All servers are ISO 27001-certified and SSAE 16-audited. These data centres include state-of-the-art physical and environmental access controls and safety features including:
- 24/7 professional security staff, video surveillance, and intrusion detection systems
- Fire detection and suppression, redundant electrical power systems, and uninterruptible power supply (UPS)
- Monitoring of electrical, mechanical, and life support systems and equipment
Your connections to ContractClub are encrypted with bank-grade AES-256 secure encryption protocols. The AES-256 protocol was established by US National Institute of Standards and Technology (NIST) and uses the SHA-2 protocol to ensure data integrity.
Every document that you create or upload is encrypted with these protocols. Only you can view them or people that you share them with. ContractClub staff are not able to view your documents.
RELIABILITY AND BACKUPS
In addition to server redundancies, all data stored on ContractClub is automatically backed-up daily to prevent or minimize any data loss.
ContractClub hires third-party security consulting providers to audit our security systems and procedures on a regular basis. Each employee receives security training and all new features are subject to a security analysis before being implemented.
ContractClub does not store or process any credit card information on our servers. Payments are processed by Stripe, Inc., a PCI Data Security Standard (PCI DSS) Level 1 provider and the one of the largest processors of digital payments. PCI Data Security Standard (PCI DSS) ensures companies that process, store or transmit credit card information maintain a secure environment.