Ashore has developed a strict security policy that covers how user data and account information is accessed, transferred, stored and protected.
Ashore stores your data with 99.999999999% durability of files over a given year.
Ashore provides encrypted connections by default using SSL. This method protects your data as it is transferred from our servers to internet browsers, and vice versa. This is the gold standard in transmission security.
Only authorized account users or approvers are granted access to your data. We also log access to each individual file within a proof and give account users this same data, which is visible on their Proof Timeline. If an approver has viewed or downloaded your files, you have access to this information at any time.
How data is secured within the platform?
We uphold the highest standards for data security. Data is meticulously protected by leveraging multiple layers of security controls including firewalls, intrusion detection systems, and regular security audits. We also employ the use of strict access control policies to ensure only authorized personnel have access to sensitive data.
How long is data retained?
As per our data retention policy, we retain customer data for a duration of two years. Following this period, the data is securely removed from our systems in accordance with industry best practices and legal requirements.
Can I control (either via policy or via API) when data is removed?
Yes, you can exercise control over when data is removed. This can be facilitated via our data management policies or programmatically via our API. However, it’s important to note that the data can only be removed when associated entities, such as proofs, have been deleted. In essence, when a proof is deleted, all connected files are also erased.
Is your platform subjected to any security testing or certification ?
While our platform utilizes Stripe for financial transactions, which maintains its own PCI compliance, we ensure that our platform undergoes regular security testing and complies with established security standards.
Is data encrypted at rest in the platform?
Yes, we prioritize data security highly and ensure that all data at rest within our platform is securely encrypted. This includes all forms of data, be it customer data, transaction data, or internal data.
What TLS version does the site use?
Our website employs TLS version 1.3 to ensure the secure transmission of data between the user’s browser and our servers. The cipher suite in use is TLS_AES_256_GCM_SHA384, which ensures a high level of security and integrity for data in transit.