ABOUT

Feefo and your data

Your data and securing your data is incredibly important to us, as is your trust. We believe in being open and transparent, so here is an overview of our security practices. If you need more details, please fill in the form at the bottom of this page.

Frequently asked questions

How is my data protected?

At Feefo, we ensure customer data is protected from a number of risks, from external access to data loss.

Our customers’ data is written to multiple disks at the same time. This means that if data is unavailable in one location, or if one of our data centres goes offline, services are not interrupted and the data remains intact. The data is then streamed into an online back-up in (close to) real time, and snapshotted daily - with those snapshots being stored in multiple locations. Files uploaded by our customers are stored on servers which are designed to remove any potential bottlenecks or points of failure.

How is my data encrypted?

Whenever your data is transferred to or from Feefo through a browser or API call, everything is encrypted and sent using HTTPS. Within Feefo’s private firewalled networks, data is encrypted using Transport Layer Security (TLS).

All files uploaded by you to Feefo are stored and encrypted at rest using AES-256. All of the data that we store, including within databases and back-ups, are also encrypted at rest using the same encryption algorithm.

How do you protect your servers?

Our servers operate at full redundancy and across multiple locations, which means our systems are designed to withstand multiple server failure.

We protect our servers using biometric (fingerprint) locks and 24/7 interior and exterior surveillance monitoring. Our data centres can only be accessed by authorised personnel.

How often do you update your infrastructure?

We make sure our software infrastructure is always fully up to date with the latest security patches. It is also hosted on a virtual private cloud which is protected by firewalls and monitored. We protect our services from malicious attacks and distributed denial of service attacks (DDOS) by using web application firewall technologies.

Is my data monitored?

You can be sure of your account’s security with Feefo, as we have a team that is dedicated to monitoring account security and monitoring tools that will alert us of any potential breaches.

We also have internal security measures in place. If a Feefo employee accesses customer data with malicious intent, we will take the appropriate actions, whether that be termination or prosecution.

To date, we have never experienced a data breach, but we are prepared if we ever do. If an attack takes place, we will notify every customer that may be affected and relevant statutory bodies immediately, in line with GDPR practices.

If your question has not been answered here, please contact us at support@feefo.com

Want to know more?