Your information and data is taken seriously with us. We fully understand the need to have a secure system. So we put this document together to answer your questions!

Where is my data stored?

Amazon Web Services

• AWS ensures data centre security through physical security, network security, environmental controls, data encryption, identity and access management, monitoring and logging, DDoS protection, and compliance.

• AWS maintains secure facilities, employs robust network defences, encrypts data, manages access, monitors for threats, protects against DDoS attacks, and adheres to industry regulations.

• Our servers are located in London region and can only be accessed via restricted IP-based SSH access for system maintenance.

• Your data is also encrypted and stored separately on their own AWS bucket.

MongoDB - Atlas Clusters

• MongoDB is trusted partner of AWS and used for application Databases. Qhub store data captured on the application through the various hubs.

• MongoDB Atlas (server located in London) ensures the security of your data in the following ways; Encryption, access control, auditing and logging, backup and recovery, compliance, network security.

• By utilising these security measures, MongoDB Atlas provides a secure environment for your data storage and management.

How is my data protected?

Data encryption

• All Qhub web application communications are encrypted over 256 bit SSL, which cannot be viewed by a third party.

• Client data is encrypted in transit and at rest and can only be viewed by the customer using the Qhub application.

Data breach prevention

• Both AWS and MongoDB provide additional encryption and industry leading data protection on their systems and servers.

• Due diligence and review checks on all sub-processors (AWS & MongoDB)

• Regular risk assessments and reviews on application packages and code base to identify weaknesses and implement corrective actions.

• Tools are used to detect any flaws or risks to the application infrastructure.

• Internal devices are all managed and secured in accordance with Cyber security recommendations and requirements. (Including a strong password policy, MFA and firewalls)

Data breach detection

• We have a vast notification system provided by AWS and MongoDB to notify if there is a breach. We also use our internal tools that will notify our team if we detect a breach.

• Any data breach affecting our customers will be immediately cascaded to the customer admins and named account owner. Notifications will repeat until acknowledgement of the situation by the affected account.

The above points are in line with or data breach response policy and business continuity plan.

Is my data backed-up, and can i recover it?

• Yes your data is backed up! - We take daily and weekly backups of our databases and AWS buckets to ensure maximum data reliability.

• Data can be retrieved and restored to accounts with built in restore features, or upon a support ticket request through our internal app ticket system, and by contacting the customer care team, or your account manager.

• Our AWS EC2 Instances also have a weekly snapshot to ensure that our servers are quickly up and running in case of any hardware failure with minimum down-time.

• Customer data is stored for 30 days after leaving and can be requested during that time frame.

What happens if the system goes down?

It shouldn’t ...

• Application availability and integrity is paramount to us, which is why we have chosen trusted and well established systems to run our application.

• AWS servers normal operations work at 99.9% uptime in a 12 month period (this can be checked on their website for recent figures).

• Qhub also has isolated environments separate to production to ensure customers are not exposed to updates with breaking changes.

• Any application maintenance downtime is planned in times where we have observed zero usage, and you be informed prior to any planned downtime.

...But incase it did go down

• Your account holder will be notified as soon as the system fault is detected

• Regular updates will be sent with information on how your account may be effected.

• You can also check - www.q-hub.app/app_report - for updates

What happens to your data if we go out of business?

We hope we never will!

But incase the world ends... and the application can no longer be supported

• Your data will be provided to you in the following ways...

  • Data bases can made available in file types such as CSV, excel

  • Your files stored on the application can be downloaded and decrypted and downloaded by you for mass migration off the platform.

  • Hub outputs (like completed forms and processes) will be made sent to you in PDF format and csv/excel formats.

  • Any unique application systems like process flows and automations are only available on the system so will not be able to be exported.

• After your data has been successfully migrated off the system, we will keep the databases for 3 months incase you needed to retrieve the data again.

• After 3 months the application and your data will be permanently deleted.