Pathway’s privacy and security protocols are designed to protect the sensitive data we collect from you, our client, as well as the personal information you collect from the contacts on your email lists. Under no circumstance do we share or sell your email lists or contact information with individuals or entities outside of our organization. Pathway only uses the email addresses and other personal information you provide to deliver the agreed-upon services for your account.
Safely Storing Your Data
Pathway takes reasonable, industry-recognized measures to protect your sensitive information from theft, unauthorized access, disclosure, misuse, alteration, destruction, and loss. Some of the specific protocols we have in place to protect your passwords, credit card information, and contact lists include the following:
● Passwords–we encrypt your system password to ensure that no one gains access to your account password and any affiliated data in the event of a database breach.
● Credit cards–we never store your credit card information in our database. All credit card transactions are handled over a secure protocol (SSL) so no one gains access to your financial data in the event of a database breach.● Contact lists–we do not maintain your contact lists on our server. Actual contact list files are only kept in our filesystem for the short time it takes to upload and process them, after which they are deleted. They are then stored securely in the database.
Database Security
Our database only holds the information needed for the functioning of the application triggers. This data is encrypted and securely transmitted. Only the owner of the Pathway account has access to the relevant sensitive data necessary to execute the desired workflow. Access may be granted by the Pathway account owner to account managers and other team members.
Data Transfer
Pathway extracts data from your terminal server onto our local filesystem. That data is transmitted over a secure protocol (SSH/SFTP) from your terminal server to our server. Following this transmission, it sits on our server for a few hours while we verify data integrity and process the data from the files into our encrypted database. We then delete the original files until the next daily transfer. The link between your terminal server and our server is secured with a strong password and limited by IP address.
Despite our best efforts to protect your sensitive data, Pathway cannot guarantee absolute protection of your information due to the open and unstable nature of the Internet. We assume no liability for security breaches resulting from the failure of your computer equipment or your network or Internet service provider.
Compliance with PIPEDA
Pathway fully complies with the regulations set forth in the Personal Information Protection and Electronic Documents Act (PIPEDA) with regard to how we collect, use, and safeguard your personal information. To learn more about PIPEDA, visit: https://www.priv.gc.ca/en/privacy-topics/privacy-laws-in-canada/the-personal-information-protect ion-and-electronic-documents-act-pipeda/
On-Site Security Protocols
Pathwayport.com is hosted from a world-class data center in Canada where maximum security is a priority. To prevent any intrusions or hazards, the building perimeter is secured by barbed-wire fencing. Video surveillance and movement detection systems are also in continuous operation. Activity both inside and outside of the data center is monitored and recorded on secure servers, while a surveillance team is on-site 24/7.
Every staff member receives a radio frequency ID name badge that must be used to enter the building as well as to gain access to data servers. Only authorized employees with a need to access the servers are granted entry into the secure server rooms.
Network Security
Our hosting provider deploys its own fiber-optic network across the globe. Hardware at the cutting edge of technology is selected, installed, and maintained by in-house teams of engineers.
The network allows for an impeccable quality of service to be delivered to all customers, regardless of their location, with a bandwidth capacity of 4.5 Tbps in Europe and eventually 8000 Gbps in North America, as well as a connection on 33 peering points across 3 continents. The company has also chosen to build its network redundantly - multiple security measures have been put in place, to eliminate any risk of failure. The redundancy of links will also enable your data to take the shortest path and thus benefit from minimum latency.
Server Security
Our hosting provider maintains a human presence in the data center 24/7/365 to ensures all data servers are continually maintained. In the event of a technical incident, they will react immediately to ensure that your server is repaired as quickly as possible.
Some of the server ranges are also equipped with double power supplies and double network cards so that the infrastructure is redundant from end to end.
Electrical Supply
The data center is powered by two separate electrical power supplies and is also equipped with UPS devices. Power generators have an initial autonomy of 48 hours to counteract any failure of the electricity supply network.
Anti-DDoS Protection
All dedicated hosting services include protection against all types of DDoS attacks.
Other Security Measures to Prevent Data Leak/Hacking
Pathway uses a combination of sha256 and other encryption algorithms in our system, and our developers keep up to date with the latest in security vulnerabilities of each algorithm. If an algorithm isn't deemed safe anymore, it is replaced ASAP.
Brute-force guessing our passwords for the server is also not an option, because we ban them after a few attempts.
We do maintain an IP blacklist of visitors that have shown suspicious activity. Once an IP is blacklisted, that user can no longer see or interact with our site.
Data Retention
If the account is closed, the data remains on our servers and in our backups for the next 90 days. On request, the data can be purged sooner, to a minimum of 30 days after account closure.