chargeguard Data Privacy & Security Statement

At chargeguard we take great care in handling data privacy and security. We’ve taken a meaningful and deliberate approach in governing how data is collected, shared and used, as well as protecting it in accordance with cyber security standards.

 

We chose Snowflake as our cloud database solution. It serves the purpose of a data-warehouse and data-lake. Snowflake provides AES-256 strong encryption of all data ingested into the database and stored there. This ensures that data is end to end encrypted. To minimize exposure to data loss, Snowflake provides “time-travel” and “fail-safe” features that allows for data recovery in case of a critical event. Snowflake also complies with government and industry regulations, and is FedRAMP Moderate authorized.

 

chargeguard Insight’s data governance and dispute management team performs OWASP top 10 testing to ensure security of all web-systems.

 

AWS S3 is another cloud bridge we use. The IT infrastructure that AWS provides to us is designed and managed in alignment with best security practices and a variety of IT security standards. The following is a partial list of assurance programs with which AWS complies:

 

• SOC 1/ISAE 3402, SOC 2, SOC 3

• FISMA, DIACAP, and FedRAMP

• PCI DSS Level 1

• ISO 9001, ISO 27001, ISO 27017, ISO 27018

 

We’ve also implemented a Zero Trust model for accessing internal and external resources. This model verifies each login attempt via multi-factor authentication with Google’s authenticator technology. Additionally, all data distributions are protected via assigned roles and custom user permissions hierarchy rules inside each system. This process limits user access with just-in-time and just-enough-access (JIT/JEA).

 

In addition to the above data privacy and security protocols, chargeguard strives to comply with government and industry regulations, such as GDPR, CCPA, GLBA and we rely on our partners in that.