Security
Splinde Security Center
Splinde is designed with a focus on security and data privacy from the start. The company's technical team conducts regular security reviews and audits of both infrastructure and applications. Splinde is also actively working towards obtaining compliance with SOC 2 Type II, ISO 27.001, and TISAX.
Splinde partners exclusively with Subprocessors that are ISO 27.001 and GDPR compliant
Infrastructure
AWS - Amazon Web Services
Cloud Hosting Provider
-
Hosting and Data Storage Location: Frankfurt, Germany
Subprocessors
Auth0
Authentication Provider for users (via E-Mail and Google Login)
-
Hosting and Data Storage Location: Frankfurt, Germany
Brevo
Mail Automation Service Platform
-
Hosting and Data Storage Location: Google Cloud in Germany, France, Belgium
Make
API Automation Platform
-
Hosting and Data Storage Location: Dublin, Ireland
Sentry
Bug tracking Platform
-
Hosting and Data Storage Location: Frankfurt, Germany
Stripe
Payment processing Platform
-
Hosting and Data Storage Location: world wide
Security & Reliability Measurements
Application Code
-
Code Review Process
-
Automatic review: static code analysis and unit/e2e test suite
-
Manual review
-
-
Recurring audits of dependencies
-
TLS Enforced across the whole stack
-
Strict CORS and Content Security policies
-
Complete Deletion of all customer related data upon deletion of account
Infrastructure & Data
-
Infrastructure-as-Code with automated provisioning and rollback
-
Daily Database (RDS) Backups
-
AWS Database (RDS) and object storage (S3) are not exposed publicly and only reside within our network
-
MFA Policy
-
Uptime monitoring and downtime alerts
-
Credential Key Management in AWS
Company
-
Employee access is granted on a least-privilege basis
-
Immediate revocation of accounts/permissions upon offboarding of employees
-
Employee NDA
-
Supplier NDA