Your data’s security is our primary priority as a cloud provider. Here, we’ve listed crucial precautions to keep your data confidential. We also take a variety of extra precautions and safety procedures that would either be I difficult to explain or (ii) risky to disclose to the general public. If you have any queries, please not hesitate to contact us.
Certified to ISO 27001
The ISO/IEC 27001:2013 standard, which is widely regarded as the top information security management system (ISMS) standard, has been certified as compatible with Spark.
Amazon Web Services servers are used to host our application.
Continuous audits of Amazon Web Services’ offerings have shown that, among other things, they adhere to the following standards:
- ISO 27001
- ISO 27017
- ISO 27018
- SOC 2
- SOC 3
Only in accordance with the GDPR and if the precise conditions of Article 44 et seq. of the General Data Protection Regulation (GDPR) have been met will any data transfers to nations that are not members of the European Union or the European Economic Area take place. A transfer specifically calls for a written contract between Spark and any subcontractor that ensures at least the same degree of data protection as required by standard contractual clauses (SCCs) set forth by the European Commission.
Passwords
Your passwords are never kept in plain form and are always encrypted (hashed with salts). When a user attempts to log in, the platform encrypts their password in a similar manner, and then compares the encrypted versions to see whether they match. Also, as we only have access to the encrypted form of the password, we are unable to retrieve it for you; instead, you must reset it if you lose it. When a user registers up, we impose a minimum password length for added protection.
Encryption of data
Our servers and your users’ communications are always SSL-encrypted. The industry-standard security method for creating an encrypted link between a web server and a browser is SSL (Secure Sockets Layer). This connection guarantees the privacy and integrity of all information transmitted between the web server and browsers. Millions of websites utilize SSL, a widely accepted industry standard, to secure their online transactions with clients.
Moreover, we use the industry-standard AES-256 technique to encrypt all of the data in our database using encryption-at-rest. This indicates that your data is never stored in the database in plain text and is always encrypted both before and after access.