How we protect your data?

Earning partner trust is the foundation of our Social Enterprise at YGROO

WE HAVE INVESTED IN WORLD-CLASS INFRASTRUCTURE TO PROTECT YOUR DATA

We are committed to protect your most critical and sensitive assets: your data. To do this, we provide technical, operational, and contractual measures needed to protect your data.

DATA CONTROLS

We use AWS Identity and Access Management (IAM) to securely manage access to AWS services and resources. We use AWS CloudTrail and Amazon Macie to enable compliance, detection, and auditing, while AWS CloudHSM and AWS Key Management Service (KMS) allow us to securely generate and manage encryption keys. AWS Control Tower provides governance and controls for data residency.


DATA PRIVACY

We encrypt data in transit and at rest using keys. We implement consistent and scalable processes to manage privacy, including how data is collected, used, accessed, stored, and deleted. We only process customer data (any personal data you or your users upload to your YGROO Platform) under your instructions or your users instructions in the course of you and your users using the system and do not access, use, or share your data without your agreement, except as required to prevent fraud and abuse, or to comply with law. Thousands of customers who are subject to GDPR, PCI, and HIPAA use similar AWS services for these types of workloads. AWS has achieved numerous internationally recognized certifications and accreditations demonstrating, compliance with rigorous international standards, such as ISO 27017 for cloud security, ISO 27701 for privacy information management, and ISO 27018 for cloud privacy.


We do not use customer data or derive information from it for marketing or advertising purposes.


SECURITY

Financial services providers, healthcare providers, and governmental agencies are among the customers, who trust and use the same services that YGROO uses of AWS. To meet core security, confidentiality, and compliance requirements we leverage AWS Nitro System, the underlying platform for our EC2 instances (Where our application and user data is hosted). The AWS Nitro System has been designed to have workload confidentiality and no operator access. With the Nitro System, there's no mechanism for any system or person to log in to EC2 servers, read the memory of EC2 instances, or access any data stored on instance storage and encrypted EBS volumes. In addition, services such as AWS CloudHSM and AWS Key Management Service allow us to securely generate and manage encryption keys, and AWS Config and AWS CloudTrail deliver monitoring and logging capabilities for compliance and audits.


At an application level we ensure data protection using the following measures:

  1. All personal and contact data of the users (emails / Phone numbers etc.) are masked

  2. We allow the end user full control over their data.

    Using the “Suspend” button in My Account > Your Details users can instantly delete all their personal and transactional data.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.