Peoplewave software is deployed on Digital Ocean, an infrastructure-as-a-service cloud platform used by organisations of all sizes to deploy and operate applications throughout the world. DigitalOcean uses commercial data centre providers to house its infrastructure, including Equinix, Digital Realty Trust-owned Telx, TelecityGroup, and Interxion, with 13 total locations in Singapore, New York, San Francisco, Amsterdam, London, Frankfurt, Toronto and Bangalore.
DigitalOcean has comprehensive security implementations and also meets all the major compliance frameworks as can be seen from their documentation below:
As a part of our practice to safeguard your information, we conduct internationally recognised policies and procedures. Specifically, we deploy Peoplewave applications currently in the Singapore data centre which is compliant with the following certifications:
We take the protection and safeguarding of your data very seriously.
All traffic between our clients and Peoplewave servers is encrypted through SSL. SSL certificates are created by using RSA and DSA based ciphers.
We don’t sell data to any 3rd parties so your data is safe with Peoplewave.
Peoplewave uses a third party credit card solution, Stripe, and all information is encrypted between the client and the Stripe servers. Peoplewave does not store Credit Card data. All credit card information is stored on Stripe, which is a validated Level 1 PCI DSS Compliant Service Provider. To validate this, please review here. Stripe employs comprehensive security protocols, which can be reviewed here.
Passwords are stored hashed and never logged, stored or transmitted as plain text.
Only authorised Peoplewave employees are given access to the resources that are required for their role, following the principle of least privilege. Authentication to access these resources is always password-based and login credentials are always transmitted encrypted, over https.
Our infrastructure is designed for maximum security to safeguard your data against unlikely risks.
We work with HackerOne to test Peoplewave for vulnerabilities and ensure any faults are identified as quickly as possible. HackerOne works with many other security conscious companies like GM, Spotify, Starbucks and airbnb.
DigitalOcean utilises disaster recovery facilities that are geographically remote from their primary data centres in the event production facilities at the primary data centres are rendered unavailable. Peoplewave also has a hot-standby follower database should the primary database be inaccessible for any reason.
We’ve planned a framework for maximum efficiency and minimum downtime.
We guarantee 99.8% uptime averaged over one month (excluding scheduled maintenance).
We are continuously updating Peoplewave software to provide excellent products and great experience for our users. Most updates take place with no downtime at all. In cases where some downtime is required, we keep it to an absolute minimum, typically between 10 to 20 minutes. Any scheduled downtime is announced at least one business day in advance and is scheduled during off-peak hours, typically Sunday evenings. All incidents and scheduled downtime are announced on our Status Page where users can subscribe for live email or SMS updates.
DigitalOcean automates the backup process and we keep full daily backups of Peoplewave data for the last 50 days. DigitalOcean also maintains a transaction log of the last 7 days.
Companies in the EU can use Peoplewave with confidence as we adhere to all the necessary data protection regulations.
Peoplewave does not store Personal Information any longer than necessary. Specifically, this means that the Personal Information is removed from our system within a set time after a user is deactivated (access to Peoplewave is cancelled) by the employer.