KeepShift Security Policy

Last Updated: 9 May 2025


Our Commitment to Security

At KeepShift, safeguarding your data is our highest priority. We are committed to delivering a secure, reliable, and privacy-respecting platform for all users and business owners. Our security practices align with industry best practices to ensure your information remains protected at all times.

Compliance and Security Standards

  • KeepShift adheres to key security and data protection standards.
  • All payment transactions are processed through Stripe, a PCI-DSS Level 1 compliant payment gateway—the highest certification available in the payment industry.
  • Continuous monitoring through internal and external vulnerability scanning is performed to proactively identify and remediate risks.

Infrastructure and Hosting

  • KeepShift is hosted on Google Cloud Platform (GCP), ensuring best-in-class infrastructure security, redundancy, and availability.
  • Data is hosted in the geographic region closest to the customer to optimize performance and meet jurisdictional data residency requirements.
  • GCP’s infrastructure offers 99.99% uptime SLAs, ensuring KeepShift remains reliable and accessible.

Encryption and Data Protection

  • All data at rest is encrypted using AES-256 or stronger encryption methods.
  • All communications are protected via TLS 1.2+ encryption, and HTTP Strict Transport Security (HSTS) is enforced to protect against downgrade attacks.
  • KeepShift ensures end-to-end encryption across all web, mobile, and integration channels.

Access Security

  • Access to the KeepShift platform is protected by role-based permissions, strong password policies, and optional 2-Factor Authentication (2FA) for all user accounts.
  • Administrators can manage user permissions, enforce 2FA, suspend accounts, or remove access at any time.
  • All logins and data access occur via secure, encrypted connections.

User Roles and Permissions

  • KeepShift supports granular role-based access controls (RBAC) to limit data exposure and ensure users only access information relevant to their role—be it employee, supervisor, or administrator.
  • Permissions are fully configurable within the platform.

Customer Data Isolation

  • Customer data is logically separated using database partitioning and multi-tenant architecture.
  • This guarantees the integrity and privacy of each customer’s data, with no overlap between accounts.

Data Privacy and Ownership

  • You retain full ownership of your data.
  • Upon termination of services, you may request deletion or export of all data related to your account.
  • KeepShift complies with global data privacy regulations, including the Australian Privacy Act, GDPR, and other applicable standards.
  • See our Privacy Policy for more details.

Financial Information Handling

  • KeepShift does not store or process payment card information directly.
  • All transactions are handled via Stripe, a PCI-DSS certified gateway that employs the strongest encryption and fraud protection tools in the industry.
  • For more information on how Stripe protects your financial data, click here.

Need Assistance or Have Questions?

KeepShift’s Security Team is available to address your concerns or provide more details about our security practices.
Please contact us for any inquiries.