This ensures that from June 2021, Tagger is SOC 2 Type II “certified”. SOC 2 compliance demonstrates that Tagger securely manages your data to protect the interests of your organization and the privacy of its clients according to five trust service principles: security, availability, processing integrity, confidentiality, and privacy.
Tagger using highly secure Equinix Metal infrastructure and facilities. Equinix Metal cloud computing services are compliant with multiple security and privacy standards, e.g. ISO 27001, ISO 22301, NIST 800-53, SOC 2 Type II and PCI DSS. Equinix uses advanced security equipment, techniques, and procedures to control and monitor access data centers. Typical security controls are security checkpoints that include 24/7 manned security stations, mantraps, and biometric readers.
The power systems include full UPS systems with N+1 redundancy levels or greater and backup generator systems in the event of a local utility failure. In case of a power outage, batteries turn on immediately, followed by the generators, which can power the entire data center. To keep equipment operating, each data center houses a multicomponent temperature control system running 24/7.
We strive to achieve integrated information security management system by:
We’re fully aware of the requirements of laws, regulations, court judgments, personal data protection guidelines, and T&C of social media platforms about data scraping and privacy. We are an ethical company. All employees and associates must follow the Code of Conduct and the Code of Ethics. That’s why we do not scrape any data.
Our goal as a content management company is to fully comply with privacy laws, regulations, and good practices. We take care especially with GDPR, CCPA, UK Data Protection Act 2018, and COPPA. The Chief Information Officer and Data Protection Officer are constantly monitoring our compliance and security.
We’re using advanced security controls like WAP, NGFW, SIEM, systems, networks, infrastructure monitoring tools, DMZ, and vulnerabilities scanners. Our system uses a hardened and patched OS, applications, and DB. We review vulnerability bulletins on an ongoing basis. We also have solutions to mitigate DOS and DDoS attacks. We perform penetration tests annually.
We maintain disaster recovery and business continuity plans as part of our Information Security and Privacy Management System. We have high availability infrastructure in the MY and backup failover to another MY region. We regularly test and refine this plan to ensure the fastest recoverability in the event of a disaster.
All data at rest and in transit are encrypted. To secure transfer data, we’re using HTTPS, TLS, SSH, and VPN. All our data at rest is encrypted at the server level and the level of end devices.
We encourage you to report any vulnerabilities in our service directly, using the form below.
Our security team will analyze it, fix it, and we’ll send you feedback.