Sign in

Security & Compliance


As a SaaS service that you trust your data with, we understand the immense responsibility we have to safeguard your data. So we’ve put in place industry-leading security and operational measures to keep your data safe when it resides on OkaySend Cloud.

OkaySend is more secure than email as email is not intended to be used for transmitting sensitive files, and therefore may only use a basic level of encryption.



Encryption

Your data is stored and exchanged between your systems and ours by using industry standard and current encryption protocols for HTTPS.

We use full disk encryption across our entire infrastructure, so data is encrypted at rest as well.



Authentication & Authorization

Only you can see your data (or the Users you allow access to).

Authentication

We offer two forms of authentication:

For email/password based authentication, we require email confirmation after signing up.

Team access

When you signup you can invite members by their email address. They'll be sent an invitation email with a special link to join your team.

Role-based access control

Only the admin / owner of an Account can take critical actions like adding members, and deleting the Account.

Password management

Your Account passwords are never stored in plain text within our databases. We encrypt your passwords using both salt and hashes.



Data Privacy

We do not access any customer data as a strict matter of policy, unless you’ve given us explicit written approval to do so for debugging any issues.

Once an Account is terminated, all data associated with it is deleted irrecoverably.

The information collected from your Client becomes a part of the Request (until it's deleted).

For information about our privacy policy, please see: Privacy Policy.



Throttling

Repeated communication attempts to any endpoint will result in a temporary ban to safeguard against brute force and denial of service attacks.



Staff Accessibility

Employees and contractors use a password manager that enforces strong passwords and are only authorized to access data that is crucial and needed to carry out their duties.



Logging & Alerts

We continually monitor for downtime, errors and access. Logs are maintained for analysis and debugging. Critical alerts are flagged with our engineering team immediately.

In the event of any outages or infrastructure issues, we'll notify all affected via email.



Backups & Disaster Recovery

Your data is backed up daily to replicate it and your storage follows a 30 day lifecycle to reduce your storage costs. This ensures that hardware issues with any one particular node in a particular data center does not affect your up time or any collected data.



Physical Security

We use compute services from other Cloud Providers and so do not have any physical servers we run or manage directly. Physical security and redundancy for these data centers are handled by our Cloud Providers.

All of our cloud storage, data centers, and other service providers are based in the United States.



Payment Information

We do not store any payment information in our systems. We use an industry leading payment processor - Stripe and they hold your card information. Card details you enter on our site go directly from your browser to Stripe and do not touch our systems.




Still have questions? Contact us

For any privacy-related questions you have that aren't covered here, please feel free to reach out to us at: help@okaysend.com