Data Security
Effective date: 01.01.2024​
Compliance
CCPA
We are compliant with the California Consumer Privacy Act (CCPA), the most stringent data privacy law in the United States. Evoosurvey does not sell your personal information or your end users’ personal information, and therefore do not offer an opt-out to the sale of personal information.
​
COPPA
Evoosurvey is compliant with the Children's Online Privacy Protection Act of 1998, which prohibits unfair or deceptive acts with the collection, use, and/or disclosure of personal information from and about children on the Internet.
​
GDPR
Our legal and information security teams have carefully analyzed the General Data Protection Regulation (GDPR) and have undertaken the necessary steps to ensure compliance. Evoosurvey also offers processes to protect respondents' data from video blurring and audio distortion to personal data anonymization, and custom data retention rules.
Product Security
At Evoosurvey, safeguarding product security is a top priority. We incorporate advanced protective measures and engage in continual surveillance to maintain our platform's integrity and ensure the safety of your data. Our forward-thinking strategy in risk mitigation and vulnerability management underscores our dedication to data security.
Audit Logs
Evoosurvey provides thorough oversight and accountability with our comprehensive logging system. This system records all system and infrastructure activities, ensuring all information is securely documented and readily available for compliance and auditing needs. By meticulously logging all actions, we proactively detect and neutralize potential security threats, delivering superior protection for our clients.
Role-Based Access Control (RBAC)
Evoosurvey implements role-based access control to empower organization administrators and project managers to allocate and limit user access according to their specific roles and duties. This ensures individuals access only the data and functionalities pertinent to their roles, bolstering security and safeguarding sensitive information.
SAML SSO
Evoosurvey facilitates a secure and streamlined login experience through SAML-based Single Sign-On (SSO) solutions, promoting effortless and protected platform access. We support integration with all SAML 2.0 protocol-compliant SSO identity providers, enhancing user convenience while maintaining high security standards.
Data Security
​
Evoosurvey is committed to delivering top-tier data security, leveraging sophisticated encryption technologies, industry-leading methodologies, and comprehensive security protocols. Our dedication to protecting your data affords you confidence and assurance in the security measures implemented across our platform.
Data Encrypted At-Rest
Evoosurvey securely stores all at-rest data within Amazon Web Services (AWS) and Google environments, including RDS, ElastiCache, GCS, and S3 systems, all of which adhere to AWS's encryption-at-rest standards. In addition, we utilize a one-way bcrypt hashing mechanism for storing passwords in our database, further secured by AES-256 encryption to enhance data protection.
Data Encrypted In-Transit
We ensure the encryption of all data in transit using the most advanced and secure encryption standard available, TLS 1.2. This practice guarantees the safety of our users' sensitive information against potential cyber threats.
Passwords Encrypted
For password security, Evoosurvey applies cutting-edge one-way hashing algorithms, ensuring that passwords are encrypted securely and reliably, safeguarding user access and information.
​
​
​