Neeto uses commercially reasonable efforts to implement and maintain the security measures listed below. Capitalized terms used below that are not otherwise defined have the meanings given to them in the Agreement.
1. Scope
This security policy applies to the Services provided by Neeto.
2. Data Storage Location
Neeto runs its applications on NeetoDeploy, a platform built on AWS, utilizing AWS security. All instances are hosted in the us-east-1
region.
For some attachments, we use S3 service from AWS. For S3 services, we use AWS
region us-east-1
.
3. Network Controls
Data in transit between end-users and Neeto applications are encrypted using HTTPS.
4. Hosting
Our backend server is hosted on NeetoDeploy, which runs on top of Amazon Web Services.
Amazon's data center operations have been accredited under:
- SOC 1/ISAE 3402, SOC 2, SOC 3
- FISMA, DIACAP, and FedRAMP
- PCI DSS Level 1
- ISO 9001, ISO 27001, ISO 27017, ISO 27018
You can refer to AWS security policy for more details.
5. Access
Access to Neeto’s systems is strictly controlled through the "need-to-know" basis.
Only a limited number of engineers, whose job function is to support and maintain the Neeto environment, are permitted access to Neeto’s production environment.
6. Data breach
We shall investigate each and every data breach reported to us. When a breach of Personal Data is likely to result in a high risk to the rights and freedoms of individuals then Neeto will notify the affected individuals without undue delay.
7. Servers
Our servers are maintained in the United States. By using the Services, You give us Your consent to export Your personal data to the United States and to store and use it in the United States as specified in this Security Policy. You understand that data stored in the United States may be subject to lawful requests by the courts or law enforcement authorities.
8. SOC 2 or ISO 27001 certification
While We eventually love to achieve these certifications, currently, We don't have these certifications.
9. Modification
Neeto may update this policy by posting the updates to the Neeto Website. Your continued use of the Services after We post any modifications to this Policy will constitute Your acknowledgment of the modifications and Your consent to abide and be bound by the modified policy.