{"component": "clause", "props": {"groups": [{"snippet": "Database only accessible from the API (database not available over the public internet) \u2022 Data encrypted at rest using Transparent Data Encryption (TDE) \u2022 SSL encryption used when transferring data between the API and the application \u2022 Microsoft advanced threat protection", "size": 2, "snippet_links": [{"key": "not-available", "type": "definition", "offset": [48, 61]}, {"key": "public-internet", "type": "definition", "offset": [71, 86]}, {"key": "data-encryption", "type": "definition", "offset": [131, 146]}, {"key": "ssl-encryption", "type": "clause", "offset": [155, 169]}, {"key": "the-application", "type": "clause", "offset": [218, 233]}, {"key": "advanced-threat-protection", "type": "clause", "offset": [246, 272]}], "samples": [{"hash": "dQJ5SYDiMtV", "uri": "/contracts/dQJ5SYDiMtV#security-measures-for-personal-data", "label": "Terms of Business", "score": 33.3450732385, "published": true}, {"hash": "lXpGAXVQiEH", "uri": "/contracts/lXpGAXVQiEH#security-measures-for-personal-data", "label": "Agreement for the Supply, Installation, Licensing, and Support of FCS Elections", "score": 31.1490325928, "published": true}], "hash": "dfbdac501402b33d1654fabe35ed9c45", "id": 2}, {"snippet": "All the data is transmitted over Secure Sockets Layer (SSL) and stored in secure data centers which are SSAE compliant and ISO certified. All personal information is securely stored using either AES 256-bit or SHA-256 cryptographic hash algorithm for maximum protection; TLS encryption for data encryption while the same is in transition.", "size": 10, "snippet_links": [{"key": "the-data", "type": "clause", "offset": [4, 12]}, {"key": "secure-sockets-layer", "type": "definition", "offset": [33, 53]}, {"key": "secure-data-centers", "type": "clause", "offset": [74, 93]}, {"key": "personal-information", "type": "clause", "offset": [142, 162]}, {"key": "hash-algorithm", "type": "clause", "offset": [232, 246]}, {"key": "data-encryption", "type": "definition", "offset": [290, 305]}], "samples": [{"hash": "55brIWk2TfG", "uri": "/contracts/55brIWk2TfG#security-measures-for-personal-data", "label": "Terms and Conditions", "score": 34.6622009277, "published": true}, {"hash": "1zEWp8SDVoW", "uri": "/contracts/1zEWp8SDVoW#security-measures-for-personal-data", "label": "Terms and Conditions", "score": 33.0334663391, "published": true}, {"hash": "hX02Oe3sikS", "uri": "/contracts/hX02Oe3sikS#security-measures-for-personal-data", "label": "Terms and Conditions", "score": 32.9872817993, "published": true}], "hash": "42c3ffdb477aa47bb215f5581aebebfd", "id": 1}, {"snippet": "Network intrusion detection system and proactive IP banning, combined with full access logging. \u2022 UK-based servers administered by a ISO 27001 certified, G-Cloud provider. \u2022 Enforced TLS, ensuring that data exchange between users and our servers is fully encrypted. \u2022 Optional 2FA to ensure greater account security. \u2022 Optional IP address whitelisting to only allow access to account whilst using corporate network. \u2022 Every interaction with data stored on the platform requires a unique validation key, which is destroyed and regenerated after every user action, providing an added layer of security. \u2022 Data-at-rest encryption for Customer collected data. \u2022 Sensitivite user credentials such as passwords and PII are fully hashed or encrypted before being stored in our database.", "size": 2, "snippet_links": [{"key": "intrusion-detection-system", "type": "definition", "offset": [8, 34]}, {"key": "full-access", "type": "definition", "offset": [75, 86]}, {"key": "iso-27001", "type": "definition", "offset": [133, 142]}, {"key": "cloud-provider", "type": "definition", "offset": [156, 170]}, {"key": "data-exchange", "type": "definition", "offset": [202, 215]}, {"key": "between-users", "type": "clause", "offset": [216, 229]}, {"key": "our-servers", "type": "definition", "offset": [234, 245]}, {"key": "to-ensure", "type": "clause", "offset": [281, 290]}, {"key": "account-security", "type": "definition", "offset": [299, 315]}, {"key": "ip-address", "type": "definition", "offset": [328, 338]}, {"key": "access-to-account", "type": "clause", "offset": [366, 383]}, {"key": "the-platform", "type": "definition", "offset": [456, 468]}, {"key": "for-customer", "type": "definition", "offset": [627, 639]}, {"key": "collected-data", "type": "clause", "offset": [640, 654]}, {"key": "user-credentials", "type": "clause", "offset": [670, 686]}], "samples": [{"hash": "kDWItYdyCLP", "uri": "/contracts/kDWItYdyCLP#security-measures-for-personal-data", "label": "Service Agreement", "score": 33.0318107605, "published": true}, {"hash": "gNORsgGjEN5", "uri": "/contracts/gNORsgGjEN5#security-measures-for-personal-data", "label": "sums.org Agreement", "score": 31.1812858582, "published": true}], "hash": "7fb12c577069fbf79a61a5944ea37303", "id": 3}, {"snippet": "The Hosted Service by default, only allows the export of customer data where the customer has explicitly opted in.", "size": 2, "snippet_links": [{"key": "hosted-service", "type": "clause", "offset": [4, 18]}, {"key": "by-default", "type": "clause", "offset": [19, 29]}, {"key": "export-of-customer-data", "type": "clause", "offset": [47, 70]}, {"key": "where-the-customer", "type": "clause", "offset": [71, 89]}], "samples": [{"hash": "jI27rGidoHH", "uri": "/contracts/jI27rGidoHH#security-measures-for-personal-data", "label": "Terms and Conditions", "score": 25.7159481049, "published": true}], "hash": "7d748643f49127fbd8c3d1059900a070", "id": 4}, {"snippet": "5.1 Access to the system is via a https encrypted connection. Additional security to access the system is available by way of enabling Two Factor Authentication (TFA) and using Authenticator Apps such as Google Authenticator to enter a code.", "size": 1, "snippet_links": [{"key": "access-to-the-system", "type": "clause", "offset": [4, 24]}, {"key": "additional-security", "type": "definition", "offset": [62, 81]}, {"key": "available-by", "type": "definition", "offset": [106, 118]}, {"key": "two-factor-authentication", "type": "definition", "offset": [135, 160]}, {"key": "to-enter", "type": "definition", "offset": [225, 233]}], "samples": [{"hash": "9GXyGgmND6v", "uri": "/contracts/9GXyGgmND6v#security-measures-for-personal-data", "label": "Sales Order", "score": 32.2177314758, "published": true}], "hash": "9ca3f5118ad0e50ec71d774730de1a01", "id": 5}, {"snippet": "Sorry will take all reasonable steps to ensure that personal information is encrypted in transit and at rest, treated with respect and care.", "size": 1, "snippet_links": [{"key": "reasonable-steps", "type": "clause", "offset": [20, 36]}, {"key": "to-ensure", "type": "clause", "offset": [37, 46]}, {"key": "personal-information", "type": "clause", "offset": [52, 72]}], "samples": [{"hash": "9ECffJHLIj1", "uri": "/contracts/9ECffJHLIj1#security-measures-for-personal-data", "label": "Data Processing Agreement", "score": 32.6255989075, "published": true}], "hash": "caba33e6c33501acafc6d6f1e93e5b40", "id": 6}, {"snippet": "The Provider takes security measures to ensure the safety of all sensitive personal data in the database. This includes, but not exclusively, https (SSL) connections, encryption, firewall, user roles, optimal cookie use, an optimal authentication flow, and the training of staff and sub-processors.", "size": 1, "snippet_links": [{"key": "the-provider", "type": "definition", "offset": [0, 12]}, {"key": "to-ensure", "type": "clause", "offset": [37, 46]}, {"key": "the-safety", "type": "clause", "offset": [47, 57]}, {"key": "sensitive-personal-data", "type": "definition", "offset": [65, 88]}, {"key": "the-database", "type": "definition", "offset": [92, 104]}, {"key": "user-roles", "type": "definition", "offset": [189, 199]}, {"key": "training-of-staff", "type": "clause", "offset": [261, 278]}], "samples": [{"hash": "1Ao88czAllM", "uri": "/contracts/1Ao88czAllM#security-measures-for-personal-data", "label": "Growe Online Terms", "score": 24.7056808472, "published": true}], "hash": "cb71b6311503e5021cf4a1fb08d65ca0", "id": 7}, {"snippet": "All data is stored behind a sophisticated firewall within a state-of-the-art data security facility in Switzerland.", "size": 1, "snippet_links": [{"key": "data-security", "type": "clause", "offset": [77, 90]}], "samples": [{"hash": "4prLILjQHKZ", "uri": "/contracts/4prLILjQHKZ#security-measures-for-personal-data", "label": "Data Processing Agreement", "score": 23.3381252289, "published": true}], "hash": "d8a8d51139c0d2ad8a75c4b438e38995", "id": 8}, {"snippet": "Personal Data is held behind Firewalls and is further protected by encryption of data in flight and at rest. Retention of historic records is minimised based on operational requirements.", "size": 1, "snippet_links": [{"key": "personal-data", "type": "clause", "offset": [0, 13]}, {"key": "encryption-of-data", "type": "clause", "offset": [67, 85]}, {"key": "retention-of", "type": "clause", "offset": [109, 121]}, {"key": "based-on", "type": "definition", "offset": [152, 160]}, {"key": "operational-requirements", "type": "definition", "offset": [161, 185]}], "samples": [{"hash": "bhEuxPgAxKo", "uri": "/contracts/bhEuxPgAxKo#security-measures-for-personal-data", "label": "Master Agreement for Managed It Services", "score": 29.3618278503, "published": true}], "hash": "31c5c01abef7f371bca00c6883b3e979", "id": 9}, {"snippet": "ChargeDesk uses a third party enterprise-class web application firewall to restrict access to our services. We have also internally developed a highly advanced Reputation Management System which would rival most banks. This system monitors access points to your customer\u2019s data and automatically blocks any threats it identifies. We use a \u2018block first, ask questions later\u2019 approach and all subsequent requests by a potential threat will also be blocked - only a manual review by our support team will lift a block. All communication with our service is performed through a secure connection. We do not provide any non-SSL endpoints. We support the most modern ciphers and important recent innovations such as Forward Secrecy and Strict Transport Security. Data encryption is applied wherever possible which means that even in transit between our servers, your data is kept encrypted. ChargeDesk takes reasonable steps to ensure that only authorized personnel have access to such Personal Data and that any persons whom it authorizes to have access to the Personal Data are under obligations of confidentiality. All access to Personal Data by our employees is behind 2 factor authentication, logged, monitored, and tracked. All our servers are firewalled and kept updated with the latest security patches. All security keys and passwords stored by our application on your behalf are kept encrypted at rest. Further information is set out on the ChargeDesk security page: \u2587\u2587\u2587\u2587\u2587://\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587.\u2587\u2587\u2587/security", "size": 1, "snippet_links": [{"key": "a-third-party", "type": "clause", "offset": [16, 29]}, {"key": "web-application", "type": "definition", "offset": [47, 62]}, {"key": "access-to-our-services", "type": "clause", "offset": [84, 106]}, {"key": "management-system", "type": "definition", "offset": [171, 188]}, {"key": "access-points", "type": "definition", "offset": [240, 253]}, {"key": "your-customer", "type": "clause", "offset": [257, 270]}, {"key": "ask-questions", "type": "clause", "offset": [353, 366]}, {"key": "subsequent-requests", "type": "clause", "offset": [391, 410]}, {"key": "potential-threat", "type": "definition", "offset": [416, 432]}, {"key": "support-team", "type": "definition", "offset": [484, 496]}, {"key": "secure-connection", "type": "clause", "offset": [574, 591]}, {"key": "any-non", "type": "clause", "offset": [611, 618]}, {"key": "forward-secrecy", "type": "clause", "offset": [710, 725]}, {"key": "data-encryption", "type": "definition", "offset": [757, 772]}, {"key": "wherever-possible", "type": "clause", "offset": [784, 801]}, {"key": "our-servers", "type": "definition", "offset": [843, 854]}, {"key": "your-data", "type": "clause", "offset": [856, 865]}, {"key": "reasonable-steps", "type": "clause", "offset": [902, 918]}, {"key": "to-ensure", "type": "clause", "offset": [919, 928]}, {"key": "authorized-personnel", "type": "definition", "offset": [939, 959]}, {"key": "persons-whom", "type": "clause", "offset": [1007, 1019]}, {"key": "the-personal-data", "type": "definition", "offset": [1052, 1069]}, {"key": "obligations-of-confidentiality", "type": "clause", "offset": [1080, 1110]}, {"key": "access-to-personal-data", "type": "clause", "offset": [1116, 1139]}, {"key": "our-employees", "type": "clause", "offset": [1143, 1156]}, {"key": "security-patches", "type": "clause", "offset": [1288, 1304]}, {"key": "security-keys", "type": "clause", "offset": [1310, 1323]}, {"key": "further-information", "type": "clause", "offset": [1407, 1426]}, {"key": "set-out", "type": "definition", "offset": [1430, 1437]}, {"key": "security-page", "type": "definition", "offset": [1456, 1469]}], "samples": [{"hash": "eSdoAg8Ym7N", "uri": "/contracts/eSdoAg8Ym7N#security-measures-for-personal-data", "label": "Data Processing Agreement", "score": 29.2860107422, "published": true}], "hash": "24daa4c0f1995c582a36388970e078cd", "id": 10}], "next_curs": "CmwSZmoVc35sYXdpbnNpZGVyY29udHJhY3RzckgLEhZDbGF1c2VTbmlwcGV0R3JvdXBfdjU2IixzZWN1cml0eS1tZWFzdXJlcy1mb3ItcGVyc29uYWwtZGF0YSMwMDAwMDAwYQyiAQJlbhgAIAA=", "clause": {"parents": [["interpretation", "Interpretation"], ["limitations-on-support-services", "Limitations on Support Services"], ["harmful-software", "Harmful software"], ["governing-law-and-jurisdiction", "GOVERNING LAW AND JURISDICTION"], ["general", "General"]], "size": 25, "title": "Security measures for Personal Data", "children": [["", ""], ["goals-objectives", "Goals & Objectives"], ["periodic-review", "Periodic Review"], ["service-scope", "Service Scope"], ["transfer-of-personal-data-during-setup-of-the-hosted", "Transfer of Personal Data during setup of the Hosted"]], "id": "security-measures-for-personal-data", "related": [["your-personal-data", "Your Personal Data", "Your Personal Data"], ["security-measures", "Security Measures", "Security Measures"], ["personal-data", "Personal Data", "Personal Data"], ["safeguard-measures", "Safeguard Measures", "Safeguard Measures"], ["safety-measures", "Safety Measures", "Safety Measures"]], "related_snippets": [], "updated": "2025-07-12T05:45:48+00:00"}, "json": true, "cursor": ""}}