Skip to nav Skip to content

Security

At CustomerTrackr, we take the security of your data seriously. This page outlines the measures we have in place to protect your information and ensure the integrity of our service.

We Protect Your Data

All data stored in CustomerTrackr is backed up regularly to ensure we can recover your information in the event of any issues. Our database backups are performed automatically and stored securely to protect against data loss.

Your Data Are Sent Using HTTPS

Whenever your data are in transit between you and us, everything is encrypted and sent using HTTPS. This ensures that all communication between your browser and our servers is protected from interception. We enforce HTTPS connections and use modern SSL/TLS encryption protocols to secure all data transmission.

Our application databases are subject to the same protection and monitoring as the rest of our systems. While active database data may not be encrypted at rest, all data transfers are encrypted, and we implement strict access controls to protect your information.

Secure Password Storage

We use industry-standard password hashing algorithms to store your account passwords. Your passwords are never stored in plain text, and we cannot retrieve your original password. If you forget your password, you must reset it through our secure password reset process.

Security Headers and Protection

Our application implements comprehensive security headers to protect against common web vulnerabilities, including:

  • Strict Transport Security (HSTS): Forces secure HTTPS connections
  • Content Security Policy: Prevents cross-site scripting attacks
  • X-Frame-Options: Protects against clickjacking attacks
  • X-Content-Type-Options: Prevents MIME-type sniffing
  • Referrer Policy: Controls referrer information sharing

We Protect Your Billing Information

All credit card transactions are processed using secure encryption through Stripe, our payment processor. Stripe is PCI-DSS Level 1 compliant, the highest level of certification available in the payments industry. Card information is transmitted, stored, and processed securely on Stripe's PCI-Compliant network.

We do not store your credit card information on our servers. All payment data is handled exclusively by Stripe, which uses the same level of encryption used by leading banks. This means your payment information never touches our servers, providing an additional layer of security.

Regularly-Updated Infrastructure

Our software infrastructure is updated regularly with the latest security patches. We monitor for security vulnerabilities and apply updates promptly to ensure our systems remain protected against known threats. Our products run on a dedicated network which is locked down with firewalls and carefully monitored.

While perfect security is a moving target, we work to keep up with the state-of-the-art in web security and implement best practices to protect your data.

Constant Monitoring

We use monitoring tools and error tracking services to help us identify and respond to potential security issues quickly. Our systems are monitored for unusual activity, and we have processes in place to alert us to any potential security threats.

We also audit internal data access. Access to customer data is restricted to employees who need it to perform their job duties, and all access is logged and monitored. If a CustomerTrackr employee improperly accesses customer data, they will face penalties ranging from termination to prosecution.

Session Security

We use secure session management to protect your account. Session cookies are configured with security flags to prevent unauthorized access, and we regenerate session IDs upon login to prevent session fixation attacks. Sessions are configured to expire after periods of inactivity to reduce the risk of unauthorized access.

Access Controls

Access to customer data is restricted to authorized personnel only. We implement role-based access controls within our application, and employees are granted access only to the data they need to perform their job functions. All access is logged and regularly reviewed.

Incident Response

In the unfortunate event that we discover a security breach or unauthorized access to customer data, we will immediately investigate the incident and take appropriate action. We will notify affected customers as soon as possible, in accordance with applicable laws and regulations.

We have processes and defenses in place to protect your data, but if you notice any suspicious activity or believe your account may have been compromised, please contact us immediately.

Your Role in Security

Security is a shared responsibility. While we work hard to protect your data, you also play an important role:

  • Use a strong, unique password for your CustomerTrackr account
  • Do not share your account credentials with others
  • Log out when using shared or public computers
  • Keep your browser and operating system up to date
  • Report any suspicious activity immediately

Have a Security Concern?

If you have noticed abuse, misuse, an exploit, or experienced an incident with your account, please contact us immediately. We take all security concerns seriously and will investigate promptly.

For more information about how we handle your data, please review our Privacy Policy and Terms of Service.