Your Privacy and Data Security Matters
Enquiry Tracker is a secure site, designed with privacy and security as a top priority. We apply stringent processes to ensure your data is safe throughout design, development, testing and day to day operations.
- Enquiry Tracker will NEVER share or rent your data to anyone without your consent.
- You can delete and or remove all of your data from your account at any time.
Account and Password Protection
- Your account is always password protected, and we utilise strong password policy and non-reversible hashing for storage of the password.
- You have the additional security option to enable Two-Factor Authentication, via a Google enabled account, which prevents anyone from accessing your account without possessing your physical device.
- The security sub-layer is capable of detecting any anomaly within the system to proactively prevent malicious activities and alert our security staff.
- Google uses several layers of encryption to protect customer data at rest in Google Cloud Platform products.
- Google Cloud Platform encrypts customer content stored at rest, without any action required from the customer, using one or more encryption mechanisms. There are some minor exceptions, noted further in this document.
- Data for storage is split into chunks, and each chunk is encrypted with a unique data encryption key. These data encryption keys are stored with the data, encrypted with (“wrapped” by) key encryption keys that are exclusively stored and used inside Google’s central Key Management Service. Google’s Key Management Service is redundant and globally distributed.
- Data stored in Google Cloud Platform is encrypted at the storage level using either AES256 or AES128.
- Google uses a common cryptographic library, CrunchyCrypt, to implement encryption consistently across almost all Google Cloud Platform products. Because this common library is widely accessible, only a small team of cryptographers needs to properly implement and maintain this tightly controlled and reviewed code.
Security and Network Protection
- Enquiry Tracker’s network is designed with security in mind. This includes firewalls and Transport Layer Security (TLS).
- Enquiry Tracker Service only permits known connections/protocols, all other connections are refused and enforced by Google Cloud firewalls.
- Secure storage and access of client data is a top priority of the cloud-based monitoring system. Each user has a unique username and password that is stored in a database, accessible only by the cloud-based monitoring system.
- The Service uses HTTPS, the well-known and understood HTTP protocol, and layers a SSL/TLS (referred to simply as “SSL”) encryption layer on top. Servers and clients still communicate via HTTP, but over a secure SSL connection that encrypts and decrypts requests and responses.
- Enquiry Tracker continuously optimises its security infrastructure, both within the application code and across our network/system platform.
Infrastructure and Hosting
- Enquiry Tracker’s physical infrastructure is hosted and managed within Google’s secure data centers, utilising Google Cloud Platform (GCP) technology.
- Google data centers are state of the art, utilising innovative architecture and engineering approaches. GCP provides a highly reliable, scalable and secure infrastructure platform.
- Your data is stored on servers in your region, and will never be stored outside of that region: Asia Pacific User data is stored in Australia (Sydney)
Enquiry Tracker automatically backs up your data every day and stored for seven days in Google Cloud.
Security and Privacy Compliance
- GCP computing environments are continuously audited, with certifications from accreditation bodies across geographies.
- GCP is fully compliant with applicable EU data protection laws.
- In the event of a suspected data breach, Enquiry Tracker has a Critical Incident Response process , and a Data Breach Policy Notification and Incident Response Plan that is reviewed regularly.
Report a Vulnerability
If you believe you have found a security vulnerability on Enquiry Tracker, please let us know right away by contacting [email protected].
We will investigate all reports and do our best to quickly fix valid issues.
The Organisation agrees that the they or their Users shall not do anything to prejudice the security or privacy of the Company’s systems or the information on them.
The Company shall do all things reasonable to ensure that the transmission of data occurs according to accepted industry standards. It is up to the Organisation to ensure that any transmission standards meet the Organisation’s operating and legal requirements.
The Company may limit the amount of data that the User stores in Enquiry Tracker, and shall advise the User of such. Data that is stored with Enquiry Tracker shall be stored according to accepted industry standards.
The Company shall perform backups of Enquiry Tracker in as reasonable manner at such times and intervals as are reasonable for its business purposes. The Company does not warrant that it is able to backup or recover specific Content from any period of time unless so stated in writing by the Company.
By accepting the terms of this Agreement the Organisation agrees that the Company shall provide access to Enquiry Tracker to the best of its abilities, however: Access to Enquiry Tracker may be prevented by issues outside of its control; and It accepts no responsibility for ongoing access to Enquiry Tracker.