We take your security and privacy seriously at EmptySpace. Here are answers to commonly asked questions about our data security and data sovereignty practices:
Data Classification
- All data is housed in data centers located in the United States of America and is subject to the laws and subpoena power of the United States Department of Justice.
- We consider information posted to our services from your organization as yours. We do not divulge organization-specific data to any 3rd parties for any reason except to comply with a lawful subpoena.
- We will comply with any reasonable request to provide you with copies of your data at any time.
- We will expunge your data from our systems at your request.
- Our service generates information based on how you use our systems. We use this data for the purposes of improving the system and tracking customer and end-user activity. This data is processed by 3rd party platforms. (Google Analtyics, Stripe, etc.)
- We do not store credit card information in our systems. All online payment processing is done by a 3rd party service (Stripe.com).
Support Practices
- Employees and contractors of EmptySpace may gain access to your data for support purposes at your request.
- Support agents at data centers contracted by EmptySpace may gain access to your dat at the request of EmptySpace employees and for the purposes of ensuring service is operational.
Security Practices
- Shared secrets, API keys, machine accounts, and account passwords (hereafter referred to simply as ‘passwords’) are rotated with frequency to ensure security.
- Passwords are never stored on an employee’s machine.