Security FAQ’s

1 March 2020, Ver 2.0

 

We actively encourage our users to understand the security measures we adopt at Cheqdin and participate in taking security measures at your childcare centres for the safety and integrity of all users.

Our Security Ethos

Security is everyone’s responsibility. At Cheqdin, we take security very seriously. Our website, software and mobile apps are developed and hosted in a secure environment which complies with the strictest industry security standards. We do everything in our power to keep our company, employees and user’s data safe. Cheqdin is built on a foundation where we have strict security protocols in place and do not sell any data to third parties.

Here are few frequently asked questions (FAQ’s) about security and the measures we have in place at Cheqdin: 

How secure is your site and app?

  • We use SHA-2 and 2048-bit encryption – the strongest on the market. Our website is an Enterprise SSL Secured Website. Meaning the traffic is fully encrypted to enterprise security standards which are far more secure than standard websites. Our apps are built on the security principle – Secure by design i.e., we adopt the best industry encryption and security standards for all touch points of our product.

How is your data used?

  • Cheqdin acts as a data processor, processing the data on behalf of the childcare centre. We do not use centre data for any other purpose other than for providing the software solutions required to run the system. We do not sell any data to third parties. All data is ultimately controlled by the childcare centre with read, write and delete capabilities only given to authorised personnel assigned and appointed by the childcare centre. No unauthorised personnel is allowed access as the childcare centres have the ability to control who can access what kind of data.
  • In addition to the security measures adopted by Cheqdin which are GDPR compliant, the childcare centre also has the responsibility to ensure adequate security measures are in place for data for both online and offline records.
  • For more information, please refer to the Data Processing Agreement here: https://cheqdin.com/dpa/

GDPR Privacy Policy

Who keeps my data?

  • Your data is securely stored in the cloud by AWS (Amazon Web Services), an Amazon Company and it is protected by AWS Cloud Security.

Where is my data kept?

  • All of Cheqdin’s data is securely stored in the cloud and is hosted on AWS Secure servers in London, United Kingdom. Hence your data is stored locally and complies with the UK/EU data protection laws.

Who has access to my data? Is it private?

  • Your access as a parent is provided by the childcare centre. Apart the childcare centre’s authorised staff, only you can see and have access to your data. No one else can access this information without express consent being provided by the parents or guardians. All account passwords are encrypted for additional security. For further information, please see our acceptable use policy, terms of use, EULA and privacy policy.

How safe is my data?

  • Our database is fully backed-up, and any lost data can be restored from the incremental backups that are taken at regular intervals.

Does Cheqdin comply with EU General Data Protection Regulations (GDPR)?

  • Our server is hosted in London, United Kingdom by server operator Amazon Web Services; AWS is approved in accordance with the EU GDPR.

          For more information on AWS and EU GDPR compliance, please visit https://aws.amazon.com/blogs/security/all-aws-services-gdpr-ready/

          For more information on AWS Cloud security visit: https://aws.amazon.com/security/

What certifications and assurance programs are included in AWS?

  • SOC 1/SSAE 16/ISAE 3402 (formerly SAS 70)
  • SOC 2Element 2
  • SOC 3
  • ITAR
  • FIPS 140-2
  • MTCS Level 3
  • DIACAP, and FedRAMP
  • DOD CSM Levels 1-5
  • PCI DSS Level 1
  • ISO 9001 / ISO 27001

Data protection registration

https://cheqdin.com/ the website, web portal and its mobile applications are powered by Databotix Limited. Cheqdin is the trading name of Databotix Limited. The company is registered as a data controller with the UK Information Commissioner’s Office (ICO), complying with strict data protection legislation. The data protection registration number of Databotix Limited is ZA250858

What further security measures are you adopting?

Our dedicated security team are hard at work to bring in even better, stronger security measures as we believe security is a continuous process. We are currently working towards ISO 27001 certification, the International Standard for Information Security Management also known as ISMS. With the already robust security measures adopted at Cheqdin, we believe ISO 27001 will make security procedures even more robust.

How we protect your data?

By default, encryption protects your data. Our solution protects data at rest and in transit with encryption.

Our system grants access only to authorised administrators, centre managers. The Childcare centre administrators or managers can control and limit access to staff members. They can also monitor access usage i.e., who has access to what.

We have business continuity and disaster recovery plans to safeguard our services to ensure that your business is in safe hands. This means we are able to continue operating in case of a system problem or even a catastrophe.

We undertake ‘Ethical Hacking’ or penetration testing in other words, which means we use trusted security experts to attempt to penetrate into our products, services and data in order for us to identify any weaknesses in the system and build secure defenses proactively.

If you have any questions or need more information, please write to security@cheqdin.com

© Copyright 2017-2020 Cheqdin – All rights reserved.