At Zesty, we consider the security and privacy of our customers as a top priority.
We implement a solid technical and organizational strategy to uphold Security and Data Privacy for our customers worldwide.
Our Security
We aim to maintain high levels of security for all data assets and systems.
Our comprehensive security measures, tailored to the specific nature, scope, and purpose of the processing, guarantee optimum protection and safeguard the rights and freedoms of individuals, mitigating risks at every turn.
- Accessibility
Zesty ensures seamless accessibility for authorized users. We detect and respond rapidly to incidents, such as viruses and other malware threatening the continued availability of assets, systems, and information. - Confidentiality
Zesty guarantees that information is only accessible to those authorized to access it, on a need-to-know basis. - Integrity
Zesty safeguards the accuracy and completeness of information and processing methods, preventing the destruction or modification of electronic data.
Access Control
With strict access protocols and constant monitoring, Zesty ensures uncompromised internal systems and customer data protection. Our comprehensive approach extends to physical resource management, guaranteeing top-tier security across all fronts.
- System Access Control
We ensure exclusive access to our system through strict authorization protocols and advanced monitoring, combined with multi-factor authentication and automated threat detection, safeguarding our database with unparalleled protection. - Data Access Control
Our robust user authentication measures ensure that only authorized personnel can access and interact with customer data, safeguarding against unpermitted modification, copy, or transfer. With precise and ongoing employee authorization review, Zesty provides unrivaled data protection. - Physical Access Control
At Zesty, we believe that physical security controls are a key component in any overall security program. We implement stringent access controls and procedures to prevent unauthorized access to data and assets. Hosted on Amazon’s accredited data centers, our infrastructure adheres to the highest industry standards.
Continuous Security Monitoring
Zesty implements comprehensive security measures, including employee training, robust safeguards, uninterrupted data availability, and routine Penetration Testing, ensuring the integrity and protection of your information.
- Organization & Operations
We deploy extensive training to ensure our employees adhere to our security policies, while actively raising awareness about the importance of data protection. Additionally, we maintain robust safeguards such as firewalls and anti-virus software to protect against potential threats to your information. - Data availability
Zesty ensures uninterrupted data availability with comprehensive backup policies and an automated backup procedure for cloud deployment. Our meticulous approach includes permanent monitoring and regular checks to ensure seamless recovery whenever needed. - Penetration Testing
We conduct routine Penetration Testing, including annual external tests to safeguard against unauthorized access and protect confidential information. Partnering with reputable third-party vendors, we proactively identify and remediate vulnerabilities, ensuring robust protection against potential security breaches and maintaining the integrity of our systems.
Encryption
Zesty encrypts Customer data at rest as well as any communication in transit. We utilize TLS encryption on web assets to maintain the highest security standards and secure two-factor authentication AWS IAM roles. With regular verification of security certificates and encryption algorithms, Zesty keeps your data safe and secure.
Global Compliance
Aligned with industry best practices and global regulations, Zesty maintains extensive compliance standards, including Service Organization Control (SOC2) compliance, ensuring the highest level of data privacy and protection.
- SOC2 standards
Zesty’s operations, policies, and procedures comply with Service Organization Control (SOC2) standards, verified by independent audits. With the SOC2 type 2 compliance, we guarantee an appropriate level of security, prioritizing your data and rights protection. - US Data Protection
Zesty maintains industry-standard measures to protect Customer Data according to U.S. government surveillance. We defend Customer Data against interception and maintain encryption for both data in transit and at rest, ensuring the utmost security for our Customers in the US.
Certifications and attestations
- AWS partnership
- SOC2
- CCPA
- GDPR