SimplyBook.me - Security
SimplyBook.me comes from Iceland, the land of earthquakes, volcanoes and glaciers, where we have learned how to keep safe through natural disasters. That is why we always put security first for our clients. Even with the Eyjafjallajökull volcano eruption in 2010, the SimplyBook.me system continued to run smoothly :)
On top of all the security measures below, we are also GDPR compliant. Please click here to read more.
Secure Data Transmission
The privacy of all internet communication between users, clients and our system is secured by SSL with SHA-256 and RSA 2048, which is one of the strongest encryption algorithms available today.
Trusted data centers
SimplyBook.me hosts its servers with two reputable data centers, in Canada and in France. Those two hosting companies have 24/7 security personnel on site, a security badge control system, video surveillance with badge entrance into their buildings and strict access control, making them extremely hard to break into. The hosting centers meet the R82 and R81 APSAD standards and work according to ISO 27001 standards.
We follow strict security measures and perform an annual HIPAA risk assessment to maintain our HIPAA compliance. HIPAA compliance means that we restrict access to any PHI to a specific team within the company, implement double authentication with a verification code, send all communication through SSL and have an automatic logout from the system after a given idle time. You can concentrate on making sure that security on your side is up to standards.
Your data within SimplyBook.me is backed up every single day and stored, using encrypted data transfer, on a secure server in different locations to avoid any potential data loss or corruption. We verify our backup procedures regularly to make sure we provide you with the most secure performance.
We monitor SimplyBook.me's network constantly, 24/7, against any potential threats including data breaches, adware, hackers, pop-ups and phishing attempts. Historically our uptime has been around 99.9%, which corresponds with our goal: to provide you with a trustworthy business partner.
SimplyBook.me does not store any credit card information. Your payments are all processed by external and secure PCI DSS compliant parties such as PayPal, CardConnect, Stripe, Borgun and more. This means that your payment is always 100% safe (or at least as safe as it gets with these providers) and your payment data remains confidential.
Security by Design
We develop and maintain our system according to SDL principles, defining key security risks before each project change and implementing relevant security controls to address these risks. We do our best to protect the system against known vulnerabilities (SQL injection, XSS, CSRF attacks, etc.) by implementing SaaS companies' best security assurance measures.
Protecting Personal Data
SimplyBook.me is designed to closely control what level of access our support personnel need and to restrict any excess access. Every single person on our staff who may access data is required to sign an NDA and is obliged to turn in a criminal record certificate. Relevant data is visible only to relevant people, as defined by role-based authorization.