How TENSANO secures your data
At TENSANO, we are committed to protecting your data and ensuring your privacy. Your information may be shared to facilitate communication regarding your profile, account, or services. Additionally, we reserve the right to disclose your data to law enforcement agencies when required by law. We handle your information responsibly in accordance with applicable regulations, prioritizing your privacy at every step.
Data at Rest
Our hosting provider uses infrastructure provided by Amazon Web Services (AWS) in multiple physical locations in the EU and the US. The infrastructure containing personal data is located in two AWS regions - us-east-1 (North Virginia) and eu-west-1 (Ireland).
On a physical level, AWS ensures high-grade security of the data centers. On a logical level, our hosting provider controls access to data. Special effort is taken to ensure that the following principles are followed when managing access whenever possible:
- Access is granted only to systems or personnel that need access in order to function or perform their work
- Access is granted in accordance with the least privileges principle - i.e. only the amount of access that is required is given and further access is denied by default
When certain personal data is no longer needed, it is either anonymized or deleted altogether from our hosting provider’s systems within 12 months.
Many of our hosting provider’s systems generate logs. The purpose of collecting the logs is so that our hosting provider can:
- Diagnose and fix issues with its software or systems
- Monitor and understand the performance of its systems
- Be able to investigate or prevent fraud
- Have an audit trail for important events.
Logs are deleted after 12 months, unless other special requirements exist for particular logs.
Data in Transit
To reduce the risk of data leakage while utilizing our services, we partnered with a hosting provider that implements industry-standard HTTPS web encryption for all transmitted data. This robust encryption method ensures that your information is securely transmitted over the internet. Furthermore, the likelihood of data leakage during these transmissions is comparable to that of other websites employing HTTPS protocols, providing you with peace of mind regarding the safety of your information.
Data Handling
TENSANO takes data security very seriously and security is a conscious part of our development and operations processes.
Data security is taken into account in all parts of data handling: collection, storage, management, access and eventually deletion of the data when that is requested or the data is no longer needed. This is achieved through the following actions via our hosting provider:
- Encrypted communication channels are always used when data is transmitted over a public network
- Passwords are always stored securely, hashed with a cryptographically secure one-way hashing function
- Other pieces of sensitive data may be additionally encrypted at the application level (such as customer Stripe API keys, for instance)
- Access to data is granted only to systems or personnel that need access in order to function or perform their work
- Access is granted in accordance with the least privileges principle - i.e. only the amount of access that is required is given and further access is denied by default.
- Data is deleted (or pseudonymized when deletion is not practically possible) when the data subject requests it or when it has become clear that the data is no longer needed.
Data access is controlled on multiple levels (network, application, user, etc), using appropriate security mechanisms provided by the infrastructure or service provider. For instance, for data stored in AWS, AWS IAM policies and network security groups are heavily utilized.
Device and Data Security
As TENSANO utilizes the infrastructure of our hosting provider, which leverages a selection of resources from Amazon Web Services (AWS) across multiple physical locations in the EU and the US, we are pleased to share their data security and protection practices. These measures demonstrate a strong commitment to safeguarding your information and ensuring its reliability:
- Strongly encourage the use of two-factor authentication for all accounts that support it
- Enforce two-factor authentication for all employee AWS accounts
- Employee computers must have full disk encryption enabled and must be protected with strong passwords
- Ensure that security patches are regularly installed for operating systems and key software
- Avoid storing copies of any sensitive data, such as customer data, on their devices
- Ensure that any backups on external media are always encrypted
- Ensure that mobile devices are always protected with a locking mechanism (e.g. PIN) and have encryption enabled whenever technically possible
- Ensure that access credentials are stored in a secure way (such as using a secure password manager)
- Avoid storing company data on devices not owned by the hosting provider
- Avoid accessing company systems from personal devices (not owned by the hosting provider) and in particular should avoid storing authentication credentials on such devices, unless they meet similar criteria for security and protection
- Office doors are kept locked when there are no employees present
- Office building main doors are locked outside of office hours
Recording consent for handling of Data
In general, TENSANO's clients and providers agree to TENSANO's processing of their data when they accept the Terms of Service and Privacy Policy during account creation.
Storing Credit Card Information
When you choose to store your credit card information with TENSANO, please note that it is actually stored securely by Stripe, our payment processor. Stripe is trusted by some of the world's most successful platforms, including Shopify, Mindbody, and DocuSign, ensuring that your data is managed with a strong focus on security and reliability.
We recognize that data security is a growing concern, and we want to assure you that your information is safeguarded through robust security measures. Your trust is of utmost importance to us, and we are dedicated to upholding the confidentiality of your data.