Regardless of your plan, all your forms are served across protected 256 bit SSL (Secure Socket Layer) connection that uses a SHA256 Certificate. This is the same level of protection used by online banking or e-commerce providers.

Prosoftly is fully compliant with the European Union’s General Data Protection Regulation (GDPR), the data protection law taking effect on May 25, 2018. This applies to any business that collects data in or from Europe.

You can backup your data with a single click from the “Data” tab in your account settings. When you trigger a backup operation, we start preparing a single ZIP file that contains data, text, photographs, videos, audio clips, written posts and comments, software, scripts, graphics, and interactive features generated. These backups can either be downloaded or stored in our database.

Prosoftly servers are co-located in a cloud based architecture with Google Cloud and Amazon Web Services (AWS) and also Heroku Web Services. AWS data centers are located both Virginia (US).

Google Cloud servers host our redundant application and data servers in active-active configuration and all data is also replicated to AWS servers continuously. This provides a platform level redundancy in addition to the redundancy obtained with multiple servers within single platform. In case we need to switch from primary platform (Google Cloud) to the secondary platform (AWS), this architecture helps us for an easy and fast switch.

Hosting Prosoftly at these major cloud platforms also provides us some extra benefits in means of implementation of security best practices in areas like hardware lifecycle management, physical security and network infrastructure. Our servers are constantly updated and patched.

Prosoftly servers are co-located in a cloud based architecture with Google Cloud and Amazon Web Services (AWS) and also Heroku Web Services. AWS data centers are located both Virginia (US).

Google Cloud servers host our redundant application and data servers in active-active configuration and all data is also replicated to AWS servers continuously. This provides a platform level redundancy in addition to the redundancy obtained with multiple servers within single platform. In case we need to switch from primary platform (Google Cloud) to the secondary platform (AWS), this architecture helps us for an easy and fast switch.

Hosting Prosoftly at these major cloud platforms also provides us some extra benefits in means of implementation of security best practices in areas like hardware lifecycle management, physical security and network infrastructure. Our servers are constantly updated and patched.

In addition to implementing features that increase security, we maintain best practices on the backend to ensure your account remains secure. We monitor sessions to restrict access of your account appropriately, and have constructed Prosoftly in a way that every account is isolated.

We have put safeguards in place to detect common attacks, such as SQL injection and cross-site scripting. Most importantly, we actively review our code for potential security concerns (in addition to evaluating all user feedback) so that we can address any issues if they arise. Our privacy statement speaks to our level of commitment to ensuring your data is not misused.

We have an outside routing layer provided by CloudFlare that provides basic filtering to handle and manage any potential DDoS (denial of service) attacks. Security scans are performed periodically as described in the audits/VA/PT chapter. Our servers are configured to allow only the absolute minimum level of access needed to maintain them.

All unnecessary users, protocols, and ports are disabled and monitored. Our employees are able to access the servers only through a Virtual Private Network using a 2048-bit encrypted connection with private keys. In addition to 3rd-party security services, our experienced development operations team continuously monitors any suspicious behavior on the entire system.

Forms are linked to only your account and account information is transferred only in encrypted format.