Privacy & Security
Some of the world's largest insurers trust us with their member communications and behavioural data. They expect their data to be protected and secure, that’s why we invest in the details. Through rigorous security checks, data encryption, employee screenings, comprehensive privacy permissions and compliance with industry regulations, we ensure your member data is safe with us.
Data center and network security
Boundlss services are hosted on Microsoft Azure Services. As such, we inherit the hosting environment which Microsoft maintains and demonstrates. Azure services are certified to ISO 27001/27002. See Microsoft Azure's compliance section, for further information.
Boundlss supports encryption of customer data, both in transit and at rest. Communications between you and Boundlss servers are encrypted via HTTPS and Transport Layer Security (TLS) industry best-practices.
Our Sydney-based database server is geo-replicated to Melbourne every 5 minutes and backups are retained for 90 days. Our Recovery Time Objective is < 2 hours, and Recovery Point Objective is < 30 minutes. Our databases are automatically restored by Azure upon failure. Source code is maintained privately in Github and deployed directly to Azure using continuous deployment.
Investing in your privacy
We understand the privacy commitments you make to your customers, employees, and users. We implement industry best practices to ensure the confidentiality and integrity of your data.
Comprehensive Personal Privacy
You and your members have complete control of what personal data is tracked and how and with who data is shared. Our privacy settings allow members to decide exactly what they share and when.
Internal processes and audit
Our Chief Privacy Officer works with our developers to make sure we comply with applicable international privacy laws.
All new hires are screened through the hiring process and required to sign non-disclosure and confidentiality agreements.
Service data processing