Secure Data Storage
Nabooki platform is fully protected by transport layer protection (TLS) with an industry standard 256 Bit SSL encryption. Our servers are deployed to Amazon Web Services (AWS), which has achieved the following accreditations and certifications:
- PCI DSS Level 1 (Payment Card Industry Data Security Standard)
- ISO 27001 (Information Security Management System)
- FIPS 140-2 (United States Federal Information Processing Standard)
Automatic Data Backups
We run automatic encrypted backups to ensure your online data is safe and protected. Data is also constantly streamed to replica databases for up to the second redundancy. All backups are encrypted and stored in AWS Asia Pacific (Sydney) region on a secure server.
Local Data Storage
All Nabooki accounts will have their data stored in Australia in AWS Asia Pacific (Sydney) region.
Nabooki undergoes regular security testing by industry-recognised third party security specialists to verify our systems, processes and security infrastructure to ensure that all vulnerabilities are identified and swiftly mitigated.
We also regularly carry out in-house security maintenance, and re-check our processes so that you can rest assured your information is in safe hands.
Our applications and API are available to you to use 99.98% of the time. We also have an on-call technical specialists who can respond to any critical app failures 24/7, and dedicated support team who can help with any questions you may have during the standard working hours.
We enforce strict password standards and lockout policies, as well as use authentication tools to protect your account from exploits such as brute force attacks.
The EU General Data Protection Regulation (GDPR) is a comprehensive data protection law designed to strengthen and unify data protection for individuals within the EU, essentially giving EU residents and citizens more control of their personal data. The GDPR took effect on May 25, 2018. For customers in the European Union, Nabooki has taken additional steps to meet our obligations under The EU General Data Protection Regulation (GDPR).