At RedJade, we deliver services to enterprises and educational institutions in over 45 countries. We know our RedJade customers care deeply about privacy and data security and are committed to offering a service that includes sophisticated technical and physical controls designed to prevent unauthorized access to or disclosure of RedJade customer data. Our goal is to lead in all aspects of sensory software whether that be sensory analysis, sensory evaluation, or sensory testing.
Frequently Asked Questions
- Will customer content uploaded into RedJade be secure?
Azure data centers are among the most secure in the world and are in full compliance with an extensive list of global security standards, including ISO 27018, SOC, and the PCI Data Security Standard. They are equipped with state-of-the art electronic surveillance and multi-factor access control systems, staffed 24×7 by trained security guards, and access is authorized strictly on a least privileged basis, limited to system administration purposes.
We also have robust systems, processes and procedures in place to prevent unauthorized access to customer data uploaded into RedJade by RedJade’s staff other than those staff members who are engaged in the provision of the RedJade Support Services. RedJade staff members who are engaged in the provision of the Support Services are subject to strict contractual confidentiality obligations and their access to RedJade customer data is authorized strictly on a least privileged basis. As such only three members of RedJade senior management have the technical ability to access RedJade customer data.
Azuer is contractually obligated to not access or use your data except as necessary to comply with the law or a binding order of a governmental body. Azure delivers services to more than one million active customers, including enterprises, educational institutions, and government agencies in over 190 countries. Azure customers include financial services providers, healthcare providers, and governmental agencies, which trust Azure with some of their most sensitive information.
All of your data is protected by security protocols put in place by RedJade’s development team which ensures the following:
- All data is encrypted, backed-up, and moved off-site every night. Transaction logs allow us to retrieve data at any point in time (up-to 30 days).
- All data is transmitted using 256-bit encryption. The connection uses AES256-CBC, with SHA1 for message authentication and RSA as the key exchange mechanism.
- Authentication & authorization systems leverage robust open source solutions used by thousands of SaaS providers.
- Extensive network and security monitoring systems provide important security measures, such as basic distributed denial of service (DDoS) protection and password brute-force detection.
- Multi-tenant data is protected by global filters at the ORM level. A robust test suite ensures your data is only available to authorized users.
- All system access is logged, and staff is alerted of any changes to ensure the integrity of the production system.
- Regularly scheduled penetration tests ensure the effectiveness of firewalls and other IT security measures.
- The application is designed, developed, deployed and tested in accordance with leading industry standards from BSIMM-V and COBIT guidelines.
- Where will RedJade customer content be stored?
All RedJade customer content is currently stored on Azure servers located in the European Union (EU).
- Who will have access to RedJade customer content?
We do not access or use any content uploaded by our customers into RedJade except as legally required or as necessary for the provision and support of the RedJade Hosting Services. All RedJade support services are currently provided, and RedJade is maintained, by RedJade staff based in the United States. For details of RedJade support services please visit our website at http://redjade.net/support-policy/.We will not disclose customer content uploaded into RedJade unless we determine, on advice from legal counsel, that such disclosure is required by applicable law. If we are compelled to disclose customer content we will, unless prohibited from doing so by law, use best efforts to notify the relevant customer prior to such disclosure to give them the opportunity to seek protection from the disclosure. Please see our Hosting Services Agreement for further details in this regard.
- What about customer content that includes personal data?
We do not have any visibility into or knowledge of what data RedJade customers upload into RedJade from time to time, including whether or to what extent this includes personal data, nor do we have any control over how RedJade Clients then process this data using RedJade. However, we do appreciate of course that where content uploaded by our customers into RedJade does include personal data such customers are subject to varying data protection obligations, in particular where those customers are located in the EU. We have provided the necessary tools for our customers to comply with GDPR – see https://redjade.net/gdpr. All personal data held by RedJade from time to time is subject to our Privacy Policy, a copy of which can be found at http://redjade.net/privacy/.
- What happens to RedJade customer content after termination of the Hosted Services Agreement?
As set out in the Hosted Services Agreement we will upon a RedJade Client’s written request within 90 days after the termination of the Hosted Services Agreement export or retrieve a copy of the relevant customer content from the Hosted Services to a destination designated by the RedJade Client. After expiry of these 90 days we have no obligation to further maintain or provide a customer with copies of any customer content and may, unless legally prohibited, delete the same. A RedJade Client can upon termination of the Hosted Services Agreement also request that its customer data is deleted permanently from our servers.