We take compliancy and security seriously. This guide answers the following questions:
Where Is Cobot Hosted?
Cobot is hosted on Amazon Web Services (AWS) and Heroku, in the Ireland/EU region. We run some of our apps on ECS, Amazon’s container hosting service, others run on Heroku dynos.
AWS by default puts our servers behind a Firewall, so only the necessary ports/services are reachable from the Internet.
Is Cobot PCI Compliant?
Our providers (Amazon) are PCI compliant and/or ISO 27001 Certified. We do not receive, store or process payment information ourselves and maintain a high level of security around this. Our process to get payment information to our partners is PCI-DSS SAQ A compliant.
We do not process or store any credit card data. When users enter credit card information on Cobot, it is sent directly to the payment processors we work with (such as Stripe).
What Is Your Server Availability?
We publish our online availability at http://www.cobotstatus.me/. Most months we're at 100%.
What Is Your Backup Strategy?
We do hourly backups of our main databases with a retention time of 48h, and daily backups with a retention time of 32 days. Other databases are backed up daily. Backups are monitored by a 3rd party service and we regularly test them by doing test restores.
All backups are stored on AWS S3.