Data Security

Legal Hub Overview

• Terms of Service
• Privacy Policy
• Cookie Policy
• GDPR
• 3rd Party Services
• Data Processing Agreement
• Service-level Agreement
• Data Security
• Applicant Privacy Notice
• Dixa’s Global Feedback Panelist
• Dixa’s Referral Program
• Early Access Terms (“EAT”)

Keeping your account and data secure is a necessity for our operations. You probably came here because you have questions, so let’s answer the two most important ones:

Is our customer data secure?

The short answer is yes. We store it on Amazon’s secure servers and back it up every day. Scroll to see our setup.

Do you sell our data or give it away?

Never. Your customer data belongs to you and you only, and our employees’ access to your data is need-to-know.

Encrypted communication

Communication between your browser and Dixa is encrypted using the HTTPS protocol and SSL certificates, ensuring the integrity of and privacy of your customer data while you work with Dixa. The same goes for your customers, even if your own website only runs the standard HTTP. This is basically the same level of security as your online bank.

Data storage on Amazon’s secure servers

We store your data on Amazon’s secure servers in Ireland and back up everything once a day in another physical location in Europe in compliance with the EU Data Protection Directive.
‍
We use Amazon’s Web Services for our cloud infrastructure, all of which auto-scale so our servers won’t ever get bogged down. If you’re interested in certifications, these are Amazon’s.

Secure payments by Stripe

Stripe handles our payments and credit card data. That means we don’t even store your credit card details anywhere – we leave that to the experts.

Stripe is a level 1 PCI Service Provider, which is the highest level of certification for payment services. You can read more about Stripe’s security here.

Secure access from anywhere

We don’t work with passwords for our users. Instead we send an email to your business email address which carries a login token that expires after five minutes.

This replaces the single sign-on that many of our competitors use and is as secure as your corporate email.

Minimum necessary access controls

We make sure our employees cannot freely access your account and data. Only those of our employees who you invite, e.g. for onboarding purposes, as well as a few of our devs will ever be able to gain access. Similarly, as an admin and/or account creator, you decide on the fly who to invite from your organization and their level of access.