Information security policy

Physical infrastructure security

Teamspective’s physical infrastructure is hosted and managed within Amazon’s secure data centers in Europe and utilizes Amazon Web Services (AWS) technology. Amazon continually manages risk and undergoes recurring assessments to ensure compliance with industry standards. Amazon’s data centers are among the most physically secure places in the world, and their operations have been accredited under:

  • ISO 27001
  • SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
  • PCI Level 1
  • FISMA Moderate
  • Sarbanes-Oxley (SOX)

For additional information see: https://aws.amazon.com/security

Data security

Encrypted in transit

All communication between your users and our servers is encrypted with TLS 1.2. Additionally, all communication between our servers is encrypted with TLS 1.2. This encrypted link ensures that all data passed between the web server and browsers remains private and retains its integrity. TLS is an industry standard and is used by millions of websites to protect their online transactions with their customers.

Encrypted at rest

All data in our database is encrypted at rest with AES-256, block-level storage encryption. Encryption operations occur on the servers that host the database instances.

Backups

Encrypted backups are created and stored on a continuous basis by our hosting provider.

Privacy

Teamspective has published a privacy policy that clearly defines what data is collected, why we collect it and how it is used.

Internal security policies

Our team is highly security-aware, and security is our top priority.

We regularly hold internal security briefings and make sure every employee is aware of current best security practices. All non-trivial code is reviewed by at least one developer before being deployed.

Password managers and a different password for every site are required, and passwords must be regularly updated. To protect access to data, we use 2FA where available. Employees are responsible for keeping their own devices up to date. Device hard drives must be encrypted.

Incident response

Our team is well prepared to handle any incident, and doing so will be the top priority. We have so far experienced no successful cyber attacks.

Full disclosure policy

We believe in transparency – if anything serious ever happens and your data is affected, we will provide full disclosure within 48 hours to enable you to take precautions and minimise the damage.