Data privacy and cyber security are extremely important to all of us at Bragg Media
Bragg Media’s Client Portal is HIPAA compliant and powered by the Amazon AWS technology stack. All data always moves along encrypted networks, and is written to multiple disks instantly, backed up daily, and stored in multiple locations. Files that our customers upload are encrypted and rest on servers that use modern techniques to remove bottlenecks and points of failure. Project data, messages, text documents and tasks aren’t encrypted at rest — they are active in our database.
Ongoing internal network security audits and scanning gives us an overview for quick identification of impacted systems and services. Operating systems, software, frameworks, and libraries used in Bragg Media’s Client Portal infrastructure are updated to the latest compatible versions on a regular basis. Whenever a vulnerability in a product used by Bragg Media or a high or critical vulnerability is publicly reported, prompt actions are taken to mitigate any potential risks for our customers — we apply hotfixes and patches promptly when available and/or implement pro-active mechanisms like configuration of firewalls or IDS/IPS.
Bragg Media’s Client Portal uses Transport Layer Security (TLS) 1.2 with a 2048-bit server key length with industry-leading modern browsers. When you access the portal via web browser, mobile applications, email add-in, or browser extension, TLS technology protects your information using both server authentication and data encryption. This is equivalent to network security methods used in banking and leading e-commerce sites. All users’ passwords, cookies, and sensitive information are reliably protected from eavesdropping.
All credit card transactions are processed using secure encryption—the same level of encryption used by leading banks. Card information is securely transmitted one time to a 3rd party payment gateway, who then stores the card information & returns to us only an identifying hash (ID number) which we store. No payment information or credit card numbers are ever stored on the Portal’s servers.
If your account has been compromised by an unauthorized user, it is your responsibility to inform Bragg Media immediately.
Bragg Media follows best practices in data privacy and protection
Your privacy is important to us. We respect your privacy regarding any information we may collect from you across our website and other sites we own and operate.
What is General Data Protection Regulations (GDPR)?
GDPR is a legislation enacted in 2018 by the European Union concerning the transfer and use of personal data. GDPR gives the citizens of the European Union (EU) and the European Economic Area (EEA) the ability to exert greater control over their personal information.
Personal information is defined as “any information relating to an individual, whether it relates to his or her private, professional or public life. It can be anything from a name, a home address, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer’s IP address,” according to the European Commission.
The law ensures that personal data of European citizens will be handled more responsibly and that authorities have the legal tools to respond to misconduct by data-handling entities. Here’s more information about GDPR and what it means for you.
How does Bragg Media stay GDPR compliant?
- At Bragg Media, we take precautions to protect your personal data with the highest standards, but we also don’t abuse your trust in us:
- We do not sell or relinquish your data to third parties
- We always ask you for your data and provide an easy way to opt-out of communications
- We added a cookie banner to our website so you can opt out of accepting cookies
- We regularly backup your data
- We provide an easy-to-ready privacy policy so you can understand what information we ask for, why we ask for it, how we use it and where it’s stored
- We regularly review and update our security policies
For more information, check out Bragg Media’s privacy policy.