Security

Project.co is an important application for our customers daily business requirements. It’s therefore extremely important to us that we are providing a safe and secure environment that our customers can rely on. This page sets out all the different ways in which we operate to make sure we’re providing an uninterrupted, reliable service with security as a major focus.

Your data

All non-file data is stored via Amazon Relational Database Service using Amazon Web Services (AWS) infrastructure.

Data transfer

All data is transferred using HTTPS SHA-256 with RSA Encryption. We ensure that all default account URL’s have a valid SSL Certificates using a wildcard certificate. We use Let’s Encrypt to automate SSL Certificate creation for all custom domains. This means that all Project.co accounts are secured by HTTPS. The result of this is that any data you send in or out of Project.co is encrypted via HTTPS.

Passwords

User passwords are one-way encrypted using an industry leading algorithm; this means we do not have access to or keep any record of the original password on our server. This means that even if our database was compromised your original password would remain secure.

File storage

File data is stored in AWS S3 and accessed via AWS CloudFront using HTTPS encrypted links.

Hosting & infrastructure

We use Amazon Web Services (AWS) London datacenter for our infrastructure. This includes the use of Elastic Compute Cloud (EC2) technology.

The infrastructure that AWS provides is designed and managed in alignment with best security practices and a variety of IT security standards. The following is a partial list of assurance programs with which AWS complies:

  • SOC 1/ISAE 3402, SOC 2, SOC 3
  • FISMA, DIACAP, and FedRAMP
  • ISO 9001, ISO 27001, ISO 27017, ISO 27018

Read more about AWS Security here: https://aws.amazon.com/security/

Billing

Project.co does not store your card details or process payments. We process all payments through Stripe who are a PCI-DSS Level 1 Service Provider. All payments are made on secure, encrypted Stripe hosted pages.

Account security

User access to each account is role based with each role having a set of core permissions. This means each user has a specific access level to each account and can only access the data allowed by their access level.

Legal

In addition to the security information included above you can see our data policies here:
Terms Of Service
Privacy Policy
Cookies Policy
Data Processing Agreement
Subprocessors

Create your FREE account

Create your free account and experience the magic of having all your information and communication in one place. Never miss a deadline, have a happier team and happier customers.