Data security

A secure, global infrastructure built around data privacy. Sign In App is committed to ensuring the security of your data. We are GDPR compliant and ISO27001 accredited for Information Security Management.

Where is my visitor data hosted?

Sign In App is a cloud-based service hosted in Tier 4 data centres. When starting a trial or purchasing a subscription, you can select from one of four data storage regions: UK (London), EU (Stockholm), US (North Virginia) and Asia-Pacific (Sydney). All visitor data and backups are stored and replicated within the region you select. Our data centres employ physical security and environmental controls to secure our infrastructure from physical threat or impact. Each site is staffed 24/7/365 with on-site physical security to protect against unauthorised entry.

[Figure: Sign In App network diagram]

How long is data retained for?

You control how long your visitor and staff sign in history is retained for. Set the retention period for your account from 7 days to indefinitely in line with your privacy and GDPR policies.

Is data encrypted?

All data is encrypted at rest and in transit over TLS 1.2. All backups are encrypted and passwords are hashed.

How is my data backed up?

Your data is continually backed up and replicated between two data centres. All backups are encrypted and retained for 14 days.

What happens to my data in the event of a disaster?

During any disruption to the Sign In App service, your app will continue to operate in offline mode. We will notify all clients within one hour if an extended period of disruption is expected. All data is backed up and our disaster recovery procedures are outlined as part of our ISO27001 accreditation.

What does ISO27001 accreditation mean?

ISO 27001 is a specification for an information security management system (ISMS) as defined by the International Organization for Standardization (ISO). It’s a framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation's information risk management processes. Simply put, it ensures that an organisation strictly controls all aspects of information security. Sign In App Ltd is ISO27001 accredited with certificate number DK20022018ATC.

How is Sign In App GDPR compliant?

Sign In App acts as your data processor for visitor data. Our responsibilities include ensuring your data is secure, providing transparency around where the data is stored and providing features to allow you to control your data in line with your GDPR policies. Ethical data protection has always been a key part of Sign In App and the GDPR has only strengthened this since coming into force. With Sign In App you can set your own data retention rules, customise the data collected for each visitor type and present policies and opt-in options to visitors. You can also rest assured that your visitor data stays in the region you choose.

Where can I find more information?

We are continually introducing features to help you manage your staff and visitor privacy and security. If you require additional information, please contact us at