Security

We know you are trusting us with your business data. Here is how we protect it.

Tenant Isolation

Every customer runs in a separate, dedicated database. Your data is never commingled with another customer's data.

Encryption

All traffic to and from the Service is encrypted in transit using HTTPS/TLS. Data is encrypted at rest on our infrastructure.

Backups

We run automated backups of your instance so your data can be recovered. Backups are retained on a rolling schedule.

Data Location

For customers in the United States, we host in a United States region of our cloud provider (DigitalOcean). Support is provided from Nicaragua; see our Privacy Policy for details on international processing.

Payments

We never store your full card details. Payments are handled by Stripe, a PCI-DSS Level 1 certified processor, so card data stays with the processor and out of our systems.

Access Control

Access to production systems is limited to authorized personnel on a need-to-know basis. You control who has access inside your own instance.

Subprocessors

We use a small set of vetted providers (such as DigitalOcean, Stripe, and Google) to deliver the Service. The current list is in our Privacy Policy and available on request.

Incident Response

We monitor the Service and maintain a plan to investigate, contain, and notify affected customers in the event of a security incident, as required by law.

Working Toward SOC 2

We follow industry-standard security practices and are working toward formal SOC 2 alignment as we grow.

Report a Concern

Found a vulnerability or have a security question? Contact us at info@easyboostmedia.com.

PQG LLC, doing business as EasyBoostMedia.