We are committed to following industry best practices to ensure the security of our platform and your data.
12 March 2023
This document outlines the practices at Assessment Generator to keep your data and your respondents’ data secure.
All production systems are hosted on servers provided by a third-party cloud hosting platform. That hosting provider employs industry-standard physical access controls to prevent unauthorized access to server infrastructure.
Employees of Assessment Generator who have access to customer data use up-to-date operating systems and the access controls provided in the operating system to prevent unauthorized access to their devices.
The Assessment Generator platform fully complies with the European general data protection regulation (GDPR).
Agolix implements industry standard access control protocols for all servers and databases, using standard strong password techniques. All employees are required to utilize password protection on their devices.
- All data transfer to and from Assessment Generator production servers is encrypted. This includes web traffic (HTTPS) and transfers performed as part of development (SSL, SCP, etc.).
- Access to servers is restricted to authorized users by means of strong and unique passwords and limiting such access to only personnel that require it.
- Frequent data backups are maintained to allow for timely disaster recovery.
- All passwords stored in our database are encrypted using Bcrypt.
- Assessment Generator utilizes a third-party payment processor. Assessment Generator does not store full credit card numbers, and Assessment Generator employees cannot access client card numbers.
Although we employ industry-standard security protocols, no system is guaranteed 100% safe. If Assessment Generator learns of a data breach, we will promptly notify affected clients.