Overview

At Taxi for Email we take your privacy and security seriously. In addition to the information on this page we recommend you also review our Terms of Use, Cookie Policy and Privacy Policy.

Incident Response Plan

We have implemented a formal procedure for security events and have educated all our staff on our policies.

Build Process Automation

We used automated deployment techniques which mean we can update our systems in a matter of minutes. We typically deploy code several times every day, so we have high confidence that we can get a security fix out quickly when required.

Infrastructure

All of our services run in the cloud. We do not run our own routers, load balancers, DNS servers, or physical servers. Our services and data are hosted in Amazon Web Services (AWS) facilities in Ireland.

Our infrastructure is spread across 3 AWS data centers (availability zones) and will continue to work should any one of those data centers fail unexpectedly.

Data

All customer data is stored in the EU. We are fully registered with the Information Commissioner's office.

Data Transfer

All data sent to or from Intercom is encrypted in transit using 256 bit encryption. Our API and application endpoints are TLS/SSL only.

Authentication

Taxi For Email is served 100% over https.  Our team use two-factor authentication (2FA) and strong password policies. We offer a range of options for our customers around login so they can choose the standards that suit them best and match their own security policies

Permissions and Admin Controls

Taxi for Email enables permission levels to be set for users.

Application Monitoring

Our systems are automatically monitored 24/7 and our team are notified of issues in real time.

GDPR readiness

As a London based company the GDPR is part of the law where we operate, as such we have no option but to comply from the moment it becomes active in May 2018. Our processes and systems are already fully compliant. For the purposes of the GDPR we are registered as a Data Controller for our own data and a Data Processor for situations where we handle data on behalf of our customers.

PCI Obligations

Taxi For Email is not subject to PCI obligations. All payment instrument processing is outsourced to Stripe.