Security, Privacy, and Compliance
Cryptlex is committed to ensuring that your privacy and the data you share with us is protected. When you license your software applications using Cryptlex, you are entrusting Cryptlex with critical and sensitive data about your business and about your customers. We use the best industrial practices to secure and protect the important business data you store within Cryptlex.
As a Cryptlex customer, you are part of the team that keeps your data safe. You are responsible for implementing strong security measures, offered by Cryptlex, for properly managing access to your Cryptlex account and resources.
Cryptlex offers fine-grained role-based access control, which can be used to limit access to your account. It also provides two-factor authentication, which should be enabled to give your account an extra layer of security.
Cryptlex maintains a number of certifications to further strengthen our trust with customers. These include:
Cryptlex's payment and credit card information is handled by Stripe, which is a certified PCI Level 1 Service Provider, the most stringent level of certification available in the payments industry. Cryptlex does not typically receive credit card data, making it compliant with PCI DSS in most situations.
Cryptlex data centres are compliant with ISO 27001, ISO 27017, and ISO 27018 certifications. These internationally accepted security standards cover the systems, applications, people, technology, policies, procedures, and data centres serving customers. Our hosting provider, AWS (Amazon Web Services), has achieved ISO 27001, ISO 27017, and ISO 27018 certifications.
Cryptlex data centres are compliant with SOC 1, SOC 2, and SOC 3 certification. Our hosting provider, AWS (Amazon Web Services) has achieved SOC1, SOC 2, and SOC3 certifications.
Cryptlex has a number of basic and advanced features that help us keep your data secure and our services highly available.
Cryptlex offers basic security features for your accounts, including:
- Account-level two-factor authentication
- Transport security via TLS/SSL for all incoming and outgoing network traffic (HTTPS)
- Fine-grained role-based access control to limit access to your account and resources
- Audit logs to allow you to view the details of every user action
Additional features to protect and secure your data such as:
- Best in class, secure, battle-tested, and DDoS protected infrastructure
- Two-factor authentication enabled for all cloud hosting providers
- Only authorized personnel have access to data with two-factor authentication being mandatory