Preventing Unauthorized Product Access. Outsourced processing: We host our Service with outsourced cloud infrastructure providers. Additionally, we maintain contractual relationships with vendors in order to provide the Service in accordance with our DPA. We rely on contractual agreements, privacy policies, and vendor compliance programs in order to protect data processed or stored by these vendors. Physical and environmental security: We host our product infrastructure with multi- tenant, outsourced infrastructure providers. The physical and environmental security controls are audited for SOC 2 Type II and ISO 27001 compliance, among other certifications. Authentication: We implement a uniform password policy for our customer products. Customers who interact with the products via the user interface must authenticate before accessing non-public customer data. Authorization: Customer Data is stored in multi-tenant storage systems accessible to Customers via only application user interfaces and application programming interfaces. Customers are not allowed direct access to the underlying application infrastructure. The authorization model in each of our products is designed to ensure that only the appropriately assigned individuals can access relevant features, views, and customization options. Authorization to data sets is performed through validating the user’s permissions against the attributes associated with each data set. Application Programming Interface (API) access: Public product APIs may be accessed using an API key or through Oauth authorization.
Preventing Unauthorized Product Access. Outsourced processing: We host our Service with outsourced cloud infrastructure providers. Additionally, we maintain contractual relationships with vendors in order to provide the Service in accordance with our DPA. We rely on contractual agreements, privacy policies, and vendor compliance programs in order to protect data processed or stored by these vendors. Physical and environmental security: We host our product infrastructure with multi- tenant, outsourced infrastructure providers. We do not own or maintain hardware located at the outsourced infrastructure providers’ data centers. Production servers and client-facing applications are logically and physically secured from our internal corporate information systems. The physical and environmental security controls are audited for SOC 2 Type II and ISO 27001 compliance, among other certifications. Authentication: We implement a uniform password policy for our customer products. Customers who interact with the products via the user interface must authenticate before accessing non-public customer data. Authorization: Customer Data is stored in multi-tenant storage systems accessible to Customers via only application user interfaces and application programming interfaces. Customers are not allowed direct access to the underlying application infrastructure. The authorization model in each of our products is designed to ensure that only the appropriately assigned individuals can access relevant features, views, and customization options. Authorization to data sets is performed through validating the user’s permissions against the attributes associated with each data set. Application Programming Interface (API) access: Public product APIs may be accessed using an API key or through Oauth authorization.
Preventing Unauthorized Product Access. Third party data hosting and processing: We host our Service with third party cloud infrastructure providers. Additionally, we maintain contractual relationships with vendors in order to provide the Service in accordance with our DPA. We rely on contractual agreements, privacy policies, and vendor compliance programs in order to protect data processed or stored by these vendors. Physical and environmental security: We host our product infrastructure with multi-tenant, outsourced infrastructure providers. Their physical and environmental security controls are audited for SOC 2 Type II and ISO 27001 compliance, among other certifications. Authentication: Customers who interact with the products via the user interface are required to authenticate before they are able to access their non-public data. We support two-factor authentication and highly recommend that each customer enable two-factor authentication on their Zapier account. Zapier also supports Single-Sign On for Team and Company accounts. Authorization: User Content (data originated by customers that a customer transmits through Zapier online service) is stored in multi-tenant storage systems which are only accessible to Customers via application user interfaces and application programming interfaces. Customers are not allowed direct access to the underlying application infrastructure. The authorization model in each of our products is designed to ensure that only the appropriately assigned individuals can access relevant features, views, and customization options. Authorization to data sets is performed through validating the user’s permissions against the attributes associated with each data set. Application Programming Interface (API) access: Public product APIs may be accessed using an API key or through OAuth authorization. Authorization credentials are stored encrypted.
Preventing Unauthorized Product Access. Outsourced processing: If we are hosting the Services, they are hosted with outsourced infrastructure providers. Additionally, we maintain contractual relationships with vendors to provide our Services in accordance with our DPA. We rely on contractual agreements, privacy policies, and vendor compliance programs to protect data processed or stored by these vendors.
Preventing Unauthorized Product Access. Outsourced processing: Blogman DMCC hosts its Services with third party service providers. Additionally, Blogman DMCC maintains contractual relationships with service providers in order to provide the Service in accordance with our Data Processing Agreement. Blogman DMCC relies on contractual agreements, privacy policies, and service providers compliance programs in order to protect data processed or stored by these service providers. Physical and environmental security: Blogman DMCC hosts its product infrastructure with multi-tenant, outsourced infrastructure providers. The physical and environmental security controls are audited for SOC 2 Type II and ISO 27001 compliance, among other certifications. Authentication: Blogman DMCC implemented a uniform password policy for its Service. Users who interact with the Service must authenticate before accessing non-public data. Authorization: Client data is stored in multi-tenant storage systems accessible to users via only application user interfaces and application programming interfaces. Users are not allowed direct access to the underlying application infrastructure. The authorization model in each of Blogman DMCC’s products is designed to ensure that only the appropriately assigned individuals can access relevant features, views, and customization options. Authorization to data sets is performed through validating the user’s permissions against the attributes associated with each data set. Application Programming Interface (API) access: Public product APIs may be accessed using an API key or through Oauth authorization.
Preventing Unauthorized Product Access. Outsourced processing: Contexxt hosts its Service with outsourced cloud infrastructure providers. Additionally, Contexxt maintains contractual relationships with vendors in order to provide the Service in accordance with our Data Processing Agreement. Contexxt relies on contractual agreements, privacy policies, and vendor compliance programs in order to protect data processed or stored by these vendors. Physical and environmental security: Contexxt hosts its product infrastructure with multi-tenant, outsourced infrastructure providers. The physical and environmental security controls are audited for SOC 2 Type II and ISO 27001 compliance, among other certifications. Authentication: Contexxt implemented a uniform password policy for its customer products. Customers who interact with the products via the user interface must authenticate before accessing non-public customer data. Authorization: Customer Data is stored in multi-tenant storage systems accessible to Customers via only application user interfaces and application programming interfaces. Customers are not allowed direct access to the underlying application infrastructure. The authorization model in each of Contexxt’s products is designed to ensure that only the appropriately assigned individuals can access relevant features, views, and customization options. Authorization to data sets is performed through validating the user’s permissions against the attributes associated with each data set. Application Programming Interface (API) access: Public product APIs may be accessed using an API key or through Oauth authorization.
Preventing Unauthorized Product Access. Authentication: Customers or customer affiliates who interact with the Service via the user interface must authenticate to proceed. Authorization: Customer Data can be accessed by any individual authorized by the Customer and having the required authentication details.
Preventing Unauthorized Product Access. Outsourced processing: Map My Customers hosts its Service with outsourced cloud infrastructure providers. Additionally, Map My Customers maintains contractual relationships with vendors in order to provide the Service in accordance with our Data Processing Agreement. Map My Customers relies on contractual agreements, privacy policies, and vendor compliance programs in order to protect data processed or stored by these vendors. Physical and environmental security: Map My Customers hosts its product infrastructure with multi-tenant, outsourced infrastructure providers. The physical and environmental security controls are audited for SOC 2 Type II and ISO 27001 compliance, among other certifications. Authentication: Map My Customers implemented a uniform password policy for its customer products. Customers who interact with the products via the user interface must authenticate before accessing non-public customer data. Authorization: Customer data is stored in multi-tenant storage systems accessible to Customers via only application user interfaces and application programming interfaces. Customers are not allowed direct access to the underlying application infrastructure. The authorization model in each of Map My Customers’ products is designed to ensure that only the appropriately assigned individuals can access relevant features, views, and customization options. Authorization to data sets is performed through validating the user’s permissions against the attributes associated with each data set. Application Programming Interface (API) access: Public product APIs may be accessed using an API key or through Oauth authorization.
Preventing Unauthorized Product Access. Outsourced processing: CloudBerry hosts its Service with outsourced cloud infrastructure providers. Additionally, CloudBerry maintains contractual relationships with vendors in order to provide the Service in accordance with our Data Processing Agreement. CloudBerry relies on contractual agreements, privacy policies, and vendor compliance programs in order to protect data processed or stored by these vendors. Physical and environmental security: CloudBerry hosts its product infrastructure with multi- tenant, outsourced infrastructure providers. The physical and environmental security controls are audited for SOC 2 Type II and ISO 27001 compliance, among other certifications. Authentication: CloudBerry implemented a uniform password policy for its customer products. Customers who interact with the products via the user interface must authenticate before accessing non-public customer data. Authorization: Customer data is stored in multi-tenant storage systems accessible to Customers via only application user interfaces and application programming interfaces. Customers are not allowed direct access to the underlying application infrastructure. The authorization model in each of CloudBerry’s products is designed to ensure that only the appropriately assigned individuals can access relevant features, views, and customization options. Authorization to data sets is performed through validating the user’s permissions against the attributes associated with each data set. Application Programming Interface (API) access: Public product APIs may be accessed using an API key or through Oauth authorization.
Preventing Unauthorized Product Access. Outsourced processing: Lightspeed hosts its services on third party Hosting infrastructure in form of data centers and Infrastructure-as-a-Service (IaaS). Additionally, Lightspeed maintains contractual relationships with vendors in order to provide the service in accordance with our Data Processing Agreement. Lightspeed relies on contractual agreements, privacy policies, and vendor compliance programs in order to protect data processed or stored by these vendors.
