Security

At CloudCannon, security is important to us. We are always looking for ways to improve our product and a big part of that is security. This includes our product and the way our people conduct themselves to achieve the entire experience.

Compliance

CloudCannon is currently working towards SOC2 compliance as a priority for 2022. In the meantime, Enterprise customers can work directly with our Information Security team.

For payments we use Stripe which is a certified Level 1 Service Provider. CloudCannon does not store any raw payment details.

GDPR

CloudCannon works hard to ensure the app is GDPR compliant. For a list of subprocessors you can review our GDPR policy. Once an account, site or project is removed, all associated data are immediately removed.

Privacy

Your privacy is critically important to us. At CloudCannon we have a few fundamental principles:

• We don’t ask you for personal information unless we truly need it.
• We don’t share your personal information with anyone except to comply with the law, develop our products, or protect our rights.
• We don’t store personal information on our servers unless required for the on-going operation of one of our services.

Read more in our privacy policy and if you have any concerns, please share them with us.

External pen testing

CloudCannon hires a 3rd party to run penetration tests at least annually. We use scanning tools to monitor and detect vulnerabilities. CloudCannon periodically runs a bug bounty program. The Bug Bounty Program is currently available; it is important to follow the guidelines stipulated.

Contact

If you need anything else, please contact support@cloudcannon.com.