Data Handling Procedures
Last modified: June 9, 2020
Data Sharing
BlackBoiler does not share any data provided by its clients with any 3rd party. All data is secured in a data silo accessible only by the client and necessary BlackBoiler staff.
Data Storage
BlackBoiler uses AWS cloud infrastructure for SaaS services, data processing and data storage. Access to those resources is secured via VPN, secure tokens and whitelists. Only approved BlackBoiler employees are given tokens enabling access to these resources and then only from known IP addresses.
Data Encryption
All data stored at rest is encrypted with AES256.
Data Transfer
BlackBoiler transfers all data across secure connections via SSL connections between servers and between BlackBoiler servers and client machines.
Data Handling
Data provided by clients is stored on a secure AWS server. In some instances, individual client files may be temporarily downloaded onto a BlackBoiler employee’s encrypted hard drive for testing purposes.
Hardcopy Data
BlackBoiler does not, in the normal course of business, print customer data. However, any hardcopy data is stored in locked filing cabinets when not in use, and destroyed when no longer needed.
Infrastructure Security
BlackBoiler uses AWS cloud services for its infrastructure. In order to secure client data, BlackBoiler uses multiple levels of access control as well as application and infrastructure monitoring. Please request a security sheet if more information is needed.
For additional questions and/or concerns please contact:
Jonathan Herr, Co-Founder & CTO