Security information

How your information and privacy are protected on UXaudit.io



Security at UXaudit.io
We understand that the security and privacy of your company's information is extremely important. To this effect, we make every effort to ensure that your information is always handled responsibly and securely. This page aims to answer some of the questions we frequently receive regarding security practices at UXaudit.io. If you have any other questions please don't hesitate to contact us.

Secure access
All access to the UXaudit.io website and application is restricted to HTTPS encrypted connections. UXaudit.io does not service insecure HTTP requests.

Hosting
UXaudit.io is hosted on Heroku servers. See Heroku's security policy for more information.

Image storage
Your images are hosted securely on Amazon S3 at secure URLs. See Amazon's security policy for more information.

We store your test, test images, and test results until you delete them. When you delete a test from our system we remove it from our database, remove all of the responses, and delete the images from Amazon S3.

Backups
UXaudit.io keeps rolling backups for up to 4 months, which are stored securely. Deleted content may remain in backups for this duration.

Password storage
UXaudit.io passwords are stored responsibly using BCrypt. They are never stored in plaintext and are not readable by staff.

Code review and auditing
UXaudit.io performs regular security audits, including manual and automatic code reviews.

Updates to UXaudit.io's software undergo a code peer review procedure within our development team to ensure quality and security are maintained.

Automated testing is employed to minimise the risk of introducing errors and security vulnerabilities.

UXaudit.io employee access
The information in your account is kept confidential by UXaudit.io employees. Please see our privacy page for more information.

Credit card handling and storage
Credit card processing is handled by Razorpay. Credit card numbers and CVC numbers are handled exclusively by Razorpay in accordance with PCI Data Security Standards (PCI DSS) and are note made available to UXaudit.io. Please see Razorpay's Security Documentation for more details about their payment system and security measures.

UXaudit.io staff can delete your credit card from Razorpay upon request.