Security at Fibbler

Protecting Customer Data

Encryption

Fibbler supports TLS v1.3 encryption to protect communications between customer web applications and our systems. All data received from customers is encrypted at rest using AES-256-bit encryption while in storage.

Employee Access

We restrict the number of personnel with access to information systems containing sensitive data. Customer data is only accessible by those who need to access it for their work, e.g., responding to a customer support case or resolving a technical issue requiring engineering input.

Data Retention

Data is deleted from our systems using automated policy-based expiration periods once data has met the retention schedule. We also perform data removals through manual delete operations to fulfill ad-hoc requests (e.g., privacy requests).

Cloud and Network Architecture

Datacenters

We use Fly.io with our primary region located in Amsterdam (AMS). Fly.io's infrastructure is built on top of multiple cloud providers and bare metal servers in various regions, offering excellent reliability and performance. Fly.io maintains SOC2 Type 2 certification and supports HIPAA compliance, running on their own hardware deployed in secure data centers like Equinix.

Monitoring

We implement various mechanisms and are constantly improving the monitoring of our networks, servers, and applications. We monitor errors, availability, system behavior, load, and other resource usages.

Incident Reporting

If you have any questions about Fibbler's security program or if you need to escalate a security concern, please contact us at support@fibbler.co.

If you need a printed version of this information, use the 'print' and 'save as PDF' options from your web browser.