Data Sharing
BlackBoiler does not share any data provided by its clients with any 3rd party. All data is secured in a data silo accessible only by the client and necessary BlackBoiler staff.
Data Storage
BlackBoiler uses AWS cloud infrastructure for SaaS services, data processing and data storage. Access to those resources is secured via VPN, secure tokens and whitelists. Only approved BlackBoiler employees are given tokens enabling access to these resources and then only from known IP addresses.
Data Encryption
All data stored at rest is encrypted with AES256.
Data Transfer
BlackBoiler transfers all data across secure connections via SSL connections between servers and between BlackBoiler servers and client machines.
Data Handling
Data provided by clients is stored on a secure AWS server. In some instances, individual client files may be temporarily downloaded onto a BlackBoiler employee's encrypted hard drive for testing purposes.
Hardcopy Data
BlackBoiler does not, in the normal course of business, print customer data. However, any hardcopy data is stored in locked filing cabinets when not in use, and destroyed when no longer needed.
Infrastructure Security
BlackBoiler uses AWS cloud services for its infrastructure. In order to secure client data, BlackBoiler uses multiple levels of access control as well as application and infrastructure monitoring. Please request a security sheet if more information is needed.
Microsoft Add-In and Chat Interface Payment Disclosures
Customer acknowledges and agrees that when Authorized Users utilize Provider's Microsoft Word Add-in or interact with conversational artificial intelligence interfaces within the Services (such as BlackBoiler Veris), financial transaction details and payment information must not, and will not, be transmitted or processed through such bot, chat, or conversational user interfaces. To maintain security, all billing, fee collections, and payment transactions are processed and received exclusively through a separate user interface linked to a secure purchase API powered by Stripe. Prior to executing transactions or using the Services, Customer and its Authorized Users are hereby notified of and consent to this external routing via Stripe, and may review Stripe's data handling protocols at https://stripe.com/privacy.
For additional questions and/or concerns please contact:
Jonathan Herr, Co-Founder & CTO
info@blackboiler.com