Data Policies, Processes and Methods
Key considerations
Data access and ownership
Your data remains your exclusive property and we access it infrequently. Chargebee Reveal will never access your data without obtaining your explicit permission, except in cases of genuine security concerns or quality assurance needs.
Data privacy
Your data belongs 100% to you, and we never sell it. We will never delete any data from your account without first providing you with adequate time to export it.
Data encryption
Reveal prioritizes data security. We encrypt your data both during transit, using advanced TLS protocols and 2,048-bit keys, and at rest, using Amazon's Key Management Service (KMS).
ISO 27001 certified data centers
We host Chargebee Reveal products in collaboration with the world's leading data center providers. We rigorously control access to these data centers. Our partners hold esteemed certifications such as SOC 2 Type 2 and ISO 27001, and they ensure N+1 redundancy for all power, network, and HVAC services.
Penetration testing
We conduct thorough third-party assessments, including network, application, and physical security tests, and audits multiple times each year to strengthen our security measures and ensure your data's safety.
Cloud security
At Chargebee Reveal, we prioritize the security of cloud infrastructure to ensure the protection of your data.
Physical security of data centers
Our commitment to data center physical security is unwavering. We ensure that our facilities adhere to rigorous security standards.
Facility certifications
Chargebee Reveal primarily relies on AWS data centers, which have earned certifications including ISO 27001, PCI DSS Service Gateway Account Level 1, and SOC 2 compliance for the hosting of Service Data. To quote AWS: "Independent reviews of data center physical security is also a part of the ISO 27001, PCI, ITAR, and the FedRAMP compliance programs."
On-site security measures
AWS on-site security encompasses an array of protective features, including security personnel, perimeter fencing, security camera feeds, intrusion detection technology, and various other security protocols.
Location of data hosting
Chargebee Reveal leverages AWS data centers situated in the United States, Europe, India and multiple regions to ensure that data storage, especially of payments data, complies with the law of the land. Customers have the flexibility to select the precise location for hosting their Service Data as needed.
Network security
Dedicated infosec team
At Chargebee Reveal, we maintain a dedicated information security team that's available around the clock, every day of the year. They are on standby to respond swiftly to security alerts and incidents.
Protection through network firewall
Our network benefits from a robust network-level firewalling system. This system provides a formidable defense against network attacks. We closely monitor and exercise tight control over firewall protections to ensure the security of our network.
External penetration testing
In addition to our comprehensive internal scanning and testing procedures, we regularly engage third-party assessments and audits, conducted multiple times each year. This practice enhances our security posture and validates its effectiveness. We effectively have an audit every single day.
Security measures
To reinforce the security of our network, we rely on essential AWS security services, ongoing audits, and vigilant network IT supervision. These measures allow us to actively monitor and proactively thwart recognized malicious traffic and attacks.
Key encryption
Encryption during data transit
During data transmission, we consistently safeguard all data sessions through the implementation of advanced TLS protocols and the utilization of 2,048-bit encryption keys.
Encryption for data at rest
When it comes to data storage, we securely encrypt all databases while at rest. This encryption is executed using Amazon's Key Management Service (KMS). The same level of encryption is consistently applied to the disks utilized for our production application servers.
Application security practices
Third-party penetration testing
Chargebee Reveal conducts third-party assessments and audits multiple times every quarter. This means our teams undergo audits throughout the year.
Secure code training
Our engineers actively participate in routine secure code training sessions, encompassing OWASP Top 10 security risks, common attack vectors, and Chargebee Reveal's security controls.
Security policies
Chargebee Reveal has developed an extensive collection of security policies. These policies are shared with and accessible to all employees and contractors who have access to Chargebee Reveal's resources.
Employee training
All our employees undergo security awareness training, which is administered upon onboarding and repeated annually. Additionally, our engineers receive annual secure code training. Our security team disseminates further security awareness updates through internal messaging, email, and presentations during internal events.
Background checks
Chargebee Reveal conducts criminal background checks on all new employees in accordance with local regulations. These checks are also a mandatory requirement from our information security auditors to maintain our licenses.
Isolated environments
We maintain a strict separation between testing and staging environments and the production environment. Our development and test environments never incorporate any service data from the production environment.