Security Policy

Security Policy

Security Overview

ZENUDO takes security very seriously. We are committed to doing everything we can to secure your data. Our entire business depends on it. To that end, we have architected our entire system around the principle of “privacy by design” and employ best practices around data encryption, account management, and software architecture.

We also respect and comply with the EU General Data Protection Regulations (GDPR). Please review our Privacy Policy for more information on GDPR compliance.

Services Overview

ZENUDO is a service that offers a single place for advertisers to access all their advertising data from third-party platforms. Our service works by allowing advertisers to give us access to their data on their behalf.

We will store aggregated, ‘report ready’ summaries of your advertising data in our secure and encrypted datastore hosted on Google Cloud. Storing your data allows for faster reports, outage protection, and longer lookback windows than many advertising platforms supply.

Data Ownership

All data collected on behalf of our clients is completely owned by the client. All client data will be permanently deleted at the request of the client or upon termination of our service.

Data Collection, Transfer & Storage

All 3rd party data collected on behalf of the client is fully encrypted using TLS in transit. Data is also fully encrypted at rest and never leaves our systems until being consumed by the client.

Technology Platform

Our entire system is built on platforms provided by third-party cloud services providers utilizing industry-standard security protocols and best practices for data privacy

All data is encrypted during transit using TLS 1.2 and at rest using SHA-256

We use modern AAA methods and best practices, such as IAM, HOTP / TOTP, to prevent unauthorized access to your data from both within and outside of our organization

We have implemented internal security policies in accordance with ISO 27001.

We perform regular scheduled internal and external penetration testing and after significant infrastructure or software updates.

All updates to our system go through a regimented change management process that involves automatic testing and routine code audits and security patches.

We continually monitor our system logs for anomalous behavior.