Your privacy and security are our top priority
We are fully certified against the requirements of the international ISO 27001 standard
Learn moreView our official certificationWe work with a range of sub-processors to deliver our services to you. You can learn more about these and our data privacy and security requirements from these providers here.
We’ve invited the security research community to help increase the security of our family of products and services. To learn more about our program click here.
We regularly undergo comprehensive external penetration testing of our systems and applications to find any potential security vulnerabilities.
Our data is regularly backed up with tested backup procedures and protected from a range of security threats or natural disasters.
In addition to those set out here, we have a number of internal security practises that are regularly updated and audited including cyber-security awareness training for all employees. These practices are incorporated within our comprehensive information security management system, part of ISO 27001.
Our backend server is hosted on Heroku, which runs on top of Amazon Web Services (AWS) and is protected with a range of redundancy, data protection and recovery measures. Amazon's data center operations have been accredited under:
ISO 27001
SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
PCI Level 1
FISMA Moderate
Sarbanes-Oxley (SOX)
As a company registered in London, UK and with customers across Europe, we’re committed to and are fully compliant with the requirements set out in the General Data Protection Regulation (GDPR) that came into effect across EU member states on the 25th May 2018.
We have a dedicated privacy policy that details how we collect, use and protect the data that’s shared with us across our websites and Slack apps. It can be viewed here.
Data shared with us is encrypted both in transit and at rest. We use Amazon’s RDS database product to encrypt data at rest and all our connections use SSL/TLS for encryption in transit.
As part of the installation process of Simple Poll and our family of applications, you’ll be asked to agree to a number of permissions required for the app to function correctly. A full list of these and what they mean can be found here.
Our payment provider Stripe handles the secure protection and processing of all financial information in a fully PCI compliant manner. Visit their security page to learn more here.
All authentications to our dashboard are secured with mandatory Single-Sign-On using your Slack login, no passwords are required.