Last updated: July 29, 2020
All data are written to multiple disks instantly, backed up daily, and stored in multiple locations.
Whenever your data are in transit between you and us, everything is encrypted, and sent using HTTPS.
Any files which you upload to us are stored and are encrypted at rest. Our application databases are generally not encrypted at rest — the information you add to the applications is active in our databases and subject to the same protection and monitoring as the rest of our systems. Our database backups are encrypted.
Our servers operate at full redundancy. Our systems are engineered to stay up even if multiple servers fail.
Our software infrastructure is updated regularly with the latest security patches. While perfect security is a moving target, we work to keep up with the state-of-the-art in web security.
All credit card transactions are processed using secure encryption—the same level of encryption used by leading banks. Card information is transmitted, stored, and processed securely on a PCI-Compliant network.
We are dedicated to maintaining your account’s security on our systems and have monitoring tools we’ve set up to alert us to any nefarious activity against our domains. To date, we’ve never had a data breach.
We also audit internal data access. If a Dockhound employee wrongly accesses customer data, they will face penalties ranging from termination to prosecution. This has never happened.
We have processes and defenses in place to keep our streak of 0 data breaches going. But in the unfortunate circumstances someone malicious does successfully mount an attack, we will immediately notify all affected customers.
Have you noticed abuse, misuse, an exploit, or experienced an incident with your account? Please visit our security response page for details on how to securely submit a report.
Dockhound policies are open source, licensed under CC BY 4.0. Adapted from the Basecamp open-source policies / CC BY 4.0.