Security Policy
Security Policy
Security Overview
ZENUDO takes security very seriously. We are committed to doing everything we can to secure your data. Our entire business depends on it. To that end, we have architected our entire system around the principle of “privacy by design” and employ best practices around data encryption, account management, and software architecture.
We also respect and comply with the EU General Data Protection Regulations (GDPR). Please review our Privacy Policy for more information on GDPR compliance.
Services Overview
ZENUDO is a service that offers a single place for advertisers to access all their advertising data from third-party platforms. Our service works by allowing advertisers to give us access to their data on their behalf.
We will store aggregated, ‘report ready’ summaries of your advertising data in our secure and encrypted datastore hosted on Google Cloud. Storing your data allows for faster reports, outage protection, and longer lookback windows than many advertising platforms supply.
Data Ownership
All data collected on behalf of our clients is completely owned by the client. All client data will be permanently deleted at the request of the client or upon termination of our service.
Data Collection, Transfer & Storage
All 3rd party data collected on behalf of the client is fully encrypted using TLS in transit. Data is also fully encrypted at rest and never leaves our systems until being consumed by the client.
Technology Platform
Our entire system is built on platforms provided by third-party cloud services providers utilizing industry-standard security protocols and best practices for data privacy
All data is encrypted during transit using TLS 1.2 and at rest using SHA-256
We use modern AAA methods and best practices, such as IAM, HOTP / TOTP, to prevent unauthorized access to your data from both within and outside of our organization
We have implemented internal security policies in accordance with ISO 27001.
We perform regular scheduled internal and external penetration testing and after significant infrastructure or software updates.
All updates to our system go through a regimented change management process that involves automatic testing and routine code audits and security patches.
We continually monitor our system logs for anomalous behavior.