Formaloo’s most important concern is the protection and reliability of customer data. Our servers are protected by high-end firewall systems, and scans are performed regularly to ensure that any vulnerabilities are quickly found and patched. Application penetration tests are performed semi-annually by an independent third party. All services have quick fail-over points and redundant hardware, with backups performed daily.
​
Privacy and security have always been the foundation of Formaloo's approach to product development and business, and we continuously evaluate all our practices in an effort to safeguard your information as effectively as possible. In that vein, we're glad to comply with the General Data Protection Regulation ("GDPR") and to help Formaloo customers comply with the GDPR.
​
Access to systems is restricted to specific individuals who have a need-to-know such information and who are bound by confidentiality obligations. Access is monitored and audited for compliance.
​
Your business’s privacy & security is our top priority. And that’s exactly why we treat the safe custodianship of your data as our core function. Collectively referred to as HIPAA, the Health Insurance Portability and Accountability Act of 1996, along with a series of supplemental regulations, sets national standards to protect sensitive patient health information from being disclosed without the patient’s consent or knowledge.
​
In terms of Experience Management Software, the solution & security architecture must comply with all the applicable standards & implementation specifications that protect the confidentiality of Protected Health Information (PHI) stored, handled, or processed by the covered entities or business associates.
​
Maintaining the security and privacy of our customer's data is our utmost concern at Formaloo because our success and credibility depend on it. All data you enter into Formaloo remains yours, and we are committed to ensuring that your data is not seen by anyone who should not see it. Formaloo's data is encrypted both when it is sent to and from our servers, as well as when it is at rest. To protect your content in transit, Formaloo uses 256-bit SSL/TLS encryption. At rest, Formaloo content is protected using 256-bit AES encryption.
​
Formaloo's production data is regularly backed up to a separate, isolated location, and all backups are encrypted. You also have the option to manually back up your bases by exporting individual databases as spreadsheet files or by retrieving your data via the Formaloo API.
​
You may find our terms of service here, and our privacy policy here.