1. Cardella is committed to protecting your privacy. We consider all the information you entrust to us as confidential, including your personal contact details, business details, employee contact details, and any data you generate while using our web applications. Your information will never be made public, shared with, or sold to any third party. You can be confident that your data remains secure with Cardella.
2. At Cardella, we go beyond simply meeting data privacy and security standards. We are committed to continuous improvement, and that’s why we undergo regular audits by a respected independent third-party organization. This ensures our practices remain at the forefront of data protection.
At Cardella we are committed to offering world-class data protection standards to ensure your data is safe and your compliance requirements are met.
Cardella aims to provide an integral component of your Corporate Identity and Sales/Marketing tech stack – a tool for networking and sharing information about you and your business. This mission can’t be fulfilled without implementing strict technical measures and following the highest security standards to build trust in our customers.
Here, you’ll find more information on how we approach security. If you have additional questions, feel free to get in touch at hello@cardella.io.
Your data’s safety is our top priority. We leverage a cloud-based hosting environment that adheres to strict disaster recovery procedures. Our provider maintains industry-leading certifications, including ISO 27001 (security management), PCI (payment card security), and SOC (service organization controls) compliance. This ensures your information is protected with the highest industry standards.
For a deeper dive into these certifications, you can explore the resources provided by our cloud hosting provider, Amazon Web Services.
We understand the importance of keeping your information safe when it travels online. That’s why we use strong encryption, similar to what banks use, to scramble your data while it’s moving between your device and our servers. This encryption technology, called TLS 1.2 with 256-bit keys, protects your data from unauthorized access, even on public Wi-Fi networks.
Cardella prioritizes your financial information security. We don’t store any credit card details ourselves. Instead, we partner with Stripe, a leading payment processor. Stripe utilizes industry-best practices, including AES256 encryption for data at rest and PCI Level 1 compliance for handling your card information. This signifies the highest level of security certification available, ensuring your transactions are always safe and protected.
In the unlikely event of a data breach, we will take immediate action to secure your information. We will also promptly notify the relevant authorities and all affected individuals (data subjects) so you can take the necessary steps to protect yourselves.
We take access control seriously. Only authorized personnel with a legitimate need to maintain or improve the system can access customer data. These individuals must navigate through multiple security layers to gain access. Furthermore, all access is logged and audited. During routine maintenance, debugging, or system servicing, authorized personnel are required to provide a valid reason and justification for each specific access session, ensuring data is only accessed for legitimate business purposes.
We take a proactive approach to security. We partner with world-leading security providers to conduct regular penetration testing on our systems and platform. This ongoing process helps us identify and address potential weaknesses before they can be exploited.
In the unlikely event of a data breach involving personal information, we will take immediate action to secure your data and investigate the incident. We will also promptly notify the relevant authorities and all affected individuals (data subjects) so you can take the necessary steps to protect yourselves.
Your data, your control. Cardella adheres to all relevant data protection laws when handling your company’s information. We only process your data based on your specific instructions.
We partner with industry-leading sub-processors who share our commitment to data security. For a complete list of our sub-processors, please refer to our Subscription Terms.
Your data is our top priority. We conduct automated daily backups of our databases to ensure its safety and continuous availability.
Comprehensive logs are collected for all platform activity, providing a detailed record of actions for potential incident investigations.
Automated systems constantly monitor code for vulnerabilities. Our infrastructure is continuously updated with the latest, most secure software versions.
Every code change triggers a suite of automated tests to verify Cardella’s functionality, including security features like authentication and permissions.
Our application forces all requests over HTTPS, ensuring all traffic is secured in transit and protecting against protocol downgrade attacks.
Our application utilizes a series of security headers like X-Frame-Options, X-XSS-Protection, and Content-Security-Policy. These headers help mitigate a broad range of common security vulnerabilities.
If you suspect a vulnerability in Cardella’s product or have a security incident to report, please contact hello@Cardella.io. We appreciate your responsible disclosure and request that you keep your findings confidential (including details in your submission) until we can address them. To effectively investigate the issue, a working Proof of Concept is highly valuable.
For reporting legal or compliance concerns with Cardella, please contact hello@Cardella.io.