Since Farmbrite is web based software offered as a service, we sometimes hear questions about data storage and security, and third party vendors that we work with. We are happy to help answer these below!
First, know that your data is always secure and it is always yours. We will never sell it or share it with anyone. We take your data security and privacy very seriously and use encrypted data transmission (SSL), redundant servers, and regular data backups to help keep your data safe and sound.
Here are a few ways we work to ensure your data is safe:
Farmbrite partners with AWS, a leading cloud hosting provider to host our secure environment. You can view the security and compliance standards that AWS meets here: https://aws.amazon.com/security/.
We utilize firewalls and secure networking practices to prevent unauthorized access to our systems
All data is encrypted in transit using SSL/HTTPS encryption
All data is stored in on redundant databases and backed up nightly
We enforce strong password/pass-phrase requirements
All passwords are one-way hashed using strong cryptography
We limit session lengths to 24 hours
We enforce account locks for too many failed login attempts
We use secure coding standards (OWASP)
We limit access to customer accounts to only authorized employees and for the support of our customers
Automated monitoring and alerting is in place on all systems
Databases are configured for automatic fail-over
We leverage external security researchers to conduct scans against our systems and promptly mitigate any reported vulnerabilities
We limit access to our systems to only authorized personnel
We utilize secure and http only cookies
We never sell or share any customer data with anyone (www.farmbrite.com/privacy)
We limit the collection of Personally Identifiable Information (PII) about our customers to the minimum needed
What are your sub-processors, as defined by the GDPR?
Under the GDPR regulations, a sub-processor is any business or contractor customer data may pass through as a side effect of using Farmbrite's services. This definition is very broad and includes things some might simply consider "hardware", like cloud infrastructure.
We use partners for some business processes that are important, but not critical to our customers having a quality experience.
| Provider | Purpose | Location |
| ActiveCampaign | Customer emails | USA |
| Alchemer | Customer feedback surveys | USA |
| Amazon Web Services (AWS) | Cloud infrastructure | USA |
| Atlassian | Customer support | Australia |
| Calendly | Customer demos | USA |
| Google, Inc. | Site analytics | USA |
| HotJar | Site analytics | Malta |
| MongoDB Atlas | Customer data | USA |
| Mailgun | Transactional emails | USA |
| Slack | Internal communications | USA |
| Stripe | Customer payments | USA |