Security and reliability features

Privacy and consents

  • Your data is safe with uQualio

  • uQualio follows EU regulations on GDPR

  • You can revoke electronic marketing permissions you have granted to an account owner on our platform

  • We do not use your data for other purposes than helping you get a better user experience

  • We do not sell your data to anyone

  • We have not implemented login using e.g. your Apple ID, Facebook or Google accounts as we think their data use lacks transparency and fairness

User account access ​

  • Users must sign in with a password of minimum 6 characters 

  • Unique username (id, email or phone number) is required 

  • Changes to email or phone numbers are registered as user notifications 

  • Changes to password are registered as user activities 

  • User access can be blocked by uQualio​​  

  • User can change the password from within the application 

  • An account is locked for a period after three unsuccessful login attempts  

Application data access ​

  • Data access in the application is role-based 

  • An Account Manager can delegate roles to other users on levels Account and lower 

  • A Channel Manager can delegate roles to other users on level Channel and lower 

  • User roles can be removed during the operation, so no log out is required to enforce removal of a role 

  • A user can only access data according to the role level 

Data backup and recovery 

  • uQualio​ data and applications are backed up on a daily basis 

  • Database backups are regularly restored to verify that we can continue operation with as little potential interruption and data loss as possible 

Development processes ​

  • All code is managed on git, daily backups are made of the repository 

  • All tools for development, build, and deployment are regularly updated according to the vendors' recommendations

  • User access is limited to the lowest possible level for each individual 

  • Developers must change the password on a regular basis 

Infrastructure

  • uQualio​ uses Amazon Web Services (AWS) for infrastructure and hardware services 

  • Data access to AWS hosted services is limited to a few persons in the company 

  • Data is encrypted between server and client (HTTPS) 

  • Uploaded documents are encrypted and can only be accessed via uQualio  

Information security ​

  • Internal data access policy is enforced 

  • Developers do not have access to User Acceptance Test (UAT) or Production data 

  • Developers do not have access to deployment application and database servers in Development, UAT or Production 

  • Support staff do not have access to application servicer at all and to database servers in UAT and Production 

Payment security ​

  • uQualio​ does not store information that can process a payment on your credit card. All information is handled by our credit card processing partner Stripe.

  • Stripe is a certified PCI Service Provider Level 1 and follows all international rules and regulations to keep your credit card information safe.