Security

1. Our commitment to security

Qdos Sales Limited is a web and mobile cloud application used worldwide by enterprises, teams, and individuals to improve their field based sales performance. Qdos Sales Limited utilises security best practices and manages application security so our customers can concentrate on their business. Here at Qdos Sales Limited, we are committed to inspiring trust and protecting the privacy of our customer’s data. It is this commitment that motivates our decision making every day and our team holds this responsibility in the highest regard.

2. Data security practices

Each organisation on the Qdos Sales Limited platform is segregated from other organisations and cannot interact with other organisations or users in other areas of the application. This restrictive system is designed to prevent security and privacy issues. Customer data may be further segregated into an independent database or an independent environment at an additional cost. Customer data is stored in a Postgres database and we utilise industry leading security practices such as 2048 bit Industry Standard SSL, encrypted passwords, and token based authentication for the API (used by the Qdos Sales Limited mobile apps to access the data). Customised data security options are also available via an Qdos Sales Limited SaaS agreement upon request.

3. Data centres

Qdos Sales Limited’s physical infrastructure is maintained by Heroku which utilises Amazon’s secure data centres and the Amazon Web Service (AWS) technology. Heroku and Amazon continually manage risk and undergo recurring assessments to ensure compliance with industry standards. Amazon’s data centre operations have been accredited under:

  • ISO 27001
  • SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
  • PCI Level 1
  • FISMA Moderate
  • Sarbanes-Oxley (SOX)

For additional information on Heroku security
See: https://www.heroku.com/policy/security

4. Encryption

All applicable data transferred to and from the Qdos Sales Limited platform is encrypted using industry leading security standards. Qdos Sales Limited uses a 2048 bit Industry Standard SSL Certificate with 99.9% browser compatibility and 128/256 bit encryption. Qdos Sales Limited also uses PCI compliant payment processor Stripe for encrypting and processing credit card payments. Qdos Sales Limited’s infrastructure provider is PCI Level 1 compliant. Passwords are also encrypted and thus the password itself is not stored.

5. Backups

Application data is automatically backed up as part of the deployment process on secure, access controlled, and redundant storage. These backups are used to automatically bring the application back online in the event of an outage. Customer data in the database uses Continuous Protection to keep data safe. Every change to your data is written to write-ahead logs, which are shipped to multi-datacentre, high-durability storage. In the unlikely event of unrecoverable hardware failure, these logs can be automatically 'replayed' to recover the database to within seconds of its last known state. We also provide you with the ability to backup your database to meet your own backup and data retention requirements.

6. Additional information

General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) is a new European privacy regulation which replaces the EU Data Protection Directive called Directive 95/46/EC. The GDPR aims to strengthen the security and protection of personal data in the EU and harmonise EU data protection law. We are big fans of GDPR here at Qdos Sales Limited because we think it gives individuals important rights over their data. Qdos Sales Limited is committed to always operating in the best interests of our customers and this includes compliance with GDPR. Qdos Sales Limited's policy regarding GDPR compliances can viewed at

Privacy

Qdos Sales Limited has a published privacy policy that clearly defines what data is collected and how it is used. Qdos Sales Limited is committed to customer privacy and transparency. For more information on privacy, view our Privacy policy

Contact

If you have any questions or feedback, please reach out to our support team by email at Support@qdosperformance.com