FAQ - Partner

Click the link to read about all of Safeture’s Data Protection Measures:

All data sent to or from Safeture is encrypted in transit using HTTPS/TLS1.2+. Our API and application endpoints are minimum TLS1.2 and score an “A+” rating on Qualys SSL Labs‘ tests. This ensures we only use strong and correct cipher suites and have features such as HSTS and Perfect Forward Secrecy fully enabled. We also encrypt data at rest using an industry-standard AES-256 encryption algorithm.

Data is deleted after 3, 6, 12, and 18 months, depending on the sensitivity of the data.

• 3 months: Alerts sent
• 6 months: Logs, access logs, etc.
• 12 months: SMS data
• 18 months: Location data, Personal data

Safeture uses Fortlax and AddPro data centers, both of which are ISO/IEC 27001:2013 certified. The data and services are hosted in Sweden and are not subject to the US Cloud Act.

Safeture has built its Information Security Management System based on the ISO/IEC 27002:2013 controls to ensure the best practice protection controls are implemented based on industry standards and we are compliant with applicable local, federal and state regulations, as well as industry standards.These policies are updated frequently and communicated to all employees.

• All employees must also sign a non-disclosure agreement (NDA) and an ethics policy that governs the code of conduct.
• Safeture’s hosting data centers are both ISO/IEC 27001:2013 certified.
• Safeture is fully GDPR and CCPA compliant.