innoloop is hosted on the Google Cloud Platform (GCP), a scalable high-performance cloud computing platform - protected by more than 500 top experts in information, application, and network security.
The Google Cloud Platform infrastructure is certified for a growing number of compliance standards and undergoes several independent third party audits to test for data safety, privacy, and security.
The list of Google Cloud Platform certifications, including ISO 27001, ISO 27017, ISO 27018, PCI DSS v3.1 and SOC reports 2, and 3, is available on their Google Cloud Platform Compliance page.
You can read more on the Google Cloud Platform Security page.
All innoloop communications are transmitted over an encrypted channel (TLS 1.2) using state of the art RSA 2048 bit keys. Meaning that data in transmission cannot be viewed by a third party and is the same level of encryption used by banks and financial institutions. Our Qualys SSL Rating is A+.
Company-specific data is kept separate through logical separation at the data tier, based on application-level access permissions and roles.
Our in-house engineering team has architected and developed innoloop based on the best practices in the technology industry. We monitor ongoing security, performance and availability 24/7/365. The application is tested on an ongoing basis for security vulnerabilities, which are patched and deployed quickly after discovery.
All billing and credit card information is processed and stored with our payment partner, Stripe, who have their own strict security policies. Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry.
We do not store credit card information on our own servers.
Questions / Disclosures
If you have any questions, concerns or disclosures regarding innoloop's security, please contact us at firstname.lastname@example.org