Data Security
Overview
Protecting our customer data is a key value at Putler. We understand the importance of safeguarding your data, which is why we have implemented the necessary controls and best practices to provide the highest standard of security for our users and customers.
The following is an overview of the main areas of our privacy and security protocols.
Data privacy
- GDPR compliant: Putler and all our third-party providers are compliant with the EU’s General Data Protection Regulation.
- Passwords: Your password is encrypted and never stored in our database in a readable/unencrypted format. You are responsible for choosing a strong password and keeping it secret. Two-factor authentication is available to all Putler users and we strongly recommended enabling it on your account for an additional layer of security.
Data access
Your data is your property and will never be sold to third parties. We will only access your Putler account with your permission for resolving account-specific issues or if we suspect the Putler terms of service are being violated.
Application security
- Encryption in Transit: Data sessions are always protected with TLS protocols and 2,048-bit keys.
- Crafting security: Putler considers security during all phases of our software development lifecycle from product ideation to deployment and release. We run automated and manual code analysis and use industry best practices to ensure the highest standards of quality for our services.
Data center security
Our data centers are ISO 27001 certified.
In-depth data flow – Import, Storage, Usage
- User signs up
- A trial account is created (No card info)
- Basic info is stored – Name, Email
- The user connects data-source (of their choice)
- Putler asks for permission to make API calls on their behalf
- Putler makes API calls to fetch data (historical + present + ongoing)
- Putler stores this data at its end (Backend / Databases / Servers)
- Putler also stores it at multiple databases and servers for better performance. It requests and accesses the data as per the computations and calculations that it has to do for the requested stats/dashboard
- Frontend/UI communicates with the backend via a secured medium. And it is not possible to make/request data for a user without proper credentials.
- Putler does not pull any additional data/information that it does not require.
- Putler periodically deletes all the data associated with a data source from the database/server, once the user unlinks and deletes it from his/her account. If you want to do it immediately, send us an email and we will delete it manually.
FAQs
Why does Putler store data beforehand?
Putler stores data to do computations, to show stats/KPIs, lists and other details as requested by the user. It is not possible to calculate the stats at runtime without storing the data, as this requires complex calculations and data processing. Putler also shows insights based on historical data. Apart from insights, users may also want to check historical data. And fetching it at runtime will require the users to wait endlessly.
Does Putler sign a DPA?
Our compliance, data protection, and information security teams have collaborated to construct a Data Processing Agreement so you can rest assured your data is safe with us. We started from the ground up to review all our data processing activities and security processes to meet, and often exceed, GDPR security requirements.
If you wish to sign the DPA, send us an email and we will revert back with the DPA.