Security and Privacy
Springbuk has successfully completed Service Organization Control 2 (SOC 2) Type 2 Attestation Report (commonly referred to as SOC2 certification) after undergoing a thorough attestation by NDB Accountants LLP.
These reports are intended to meet the needs of a broad range of users that need detailed information and assurance about the controls at a service organization relevant to security of the systems the service organization uses to process users’ data and the confidentiality and privacy of the information processed by these systems. These reports can play an important role in:
- Oversight of the organization
- Vendor management programs
- Internal corporate governance and risk management processes
- Regulatory oversight
This assessment reinforces the point that the Springbuk team has an unwavering commitment to keeping its clients’ data safe and secure. For questions regarding this designation, please reach out to us at firstname.lastname@example.org.
It is important to keep our user and client data secure. Additionally, HIPAA and other regulations require us to take careful precautions with client data is secured and protected. Below is an overview of the actions taken to ensure that that user data is protected from unauthorized use.
HIPAA Privacy Rule
Your privacy is ensured because only authorized users are allowed access to the system (see below). The system does not display data at an individual level. Additionally, we will never disclose individually identifying Protected Health Information (PHI) without your consent.
The data in Springbuk is secured with a variety of techniques and controls. First and foremost, your data is encrypted during transmission from 3rd-party data providers to us, and is kept in an encrypted state when at rest within our system. During data processing, all personnel and programs needing to access this data must have the required decryption keys and access to even be able to access the data. The process for allocation of user accounts and decryption keys is controlled internally and according to our written operating procedures.
Additionally, the website has various levels of user access and roles, and only certain types of users (acting within their individually authorized accounts) are allowed to perform certain operations to query or otherwise process the data. Users must sign into our site via a secure HTTP connection (HTTPS), which prevents unauthorized users from intervening and seeing the data while it is being transmitted.
Our entire server environment runs in a secured, private network in the cloud, access to which is granted only to authorized employees (also according to our written operating procedures). In setting up the server environment, we have followed the cloud provider’s documented best practices for ensuring direct access is properly configured.
As a visitor to our website, we take the privacy of your data very seriously. In an effort to ensure the best possible interaction with Springbuk, we have put in place the following policies:
At Springbuk, we collect data about our website users in order to provide better service to everyone who accesses our content online. The cookies, pixels, and tracking codes that are used on our website are provided by third parties and allow our site to remember your settings, monitor our site’s performance, and provide us with feedback about how our website is used by visitors like you.
If you would like to browse our website without cookies,, you can adjust the setting of your Internet browser to reject the setting of all or some Cookies and to alert you when a Cookie is placed on your device. For further information about how to do so, please refer to your browser ‘help’ / ‘tool’ or ‘edit’ section or see allaboutcookies.org.
How We Process and Use Your Data
We intake data about how you use our website, in addition to personally identifiable data that you provide for us by filling out forms or responding to chat windows on our website. This data is processed by and often stored within third party applications, all of which have been vetted for stringent security protocols and compliance with privacy laws, including CAN-SPAM and GDPR. We use this data for two primary purposes:
- Improving the overall performance of our website.
- Providing you with content and information related to Springbuk that you may find relevant. This data is stored securely, used selectively, and never sold or traded to a third party.
Your Right To Your Own Data
You have a right to, at any time, for any reason, make a request to receive the data we have collected on you. We are able and willing to delete, correct, or alter information that we have collected about you upon request. Ultimately, the Springbuk website usage data we have collected about you is yours, and you have a right to possess this data or remove it from our system at your discretion.
Do You Have Any Questions?
If you have any questions about how we collect, store, or use your data, please reach out to our team at email@example.com. We are happy to assist in any way we can!