Data Protection & Data Security
System access is protected according to the latest standards of security
- Minimum password length
- Non-reversible cryptographic encryption (bcrypt hash, Random Salt)
- Runtime smoothing and insertion of noise against side-channel attacks
- Protection against brute-force attacks by limiting login attempts
- 256-bit AES transport encryption
- https browser symbol to prevent phishing
Server location in the EU
- Hosting at Hetzner Online GmbH in Nuremberg and Falkenstein/Vogtland (Germany)
- Survey results and comments cannot be traced back to individual users (log files without session/user information, random initialization vector)
- Encrypted storage of all data (256-bit AES)
- State-of-the-art protection against unlawful access
- Regular security updates to prevent safety threats
Physical server access control
- Electronic access control system with logging
- Documented handing out of keys to employees
- Video surveillance of all entrances and exits
- Fire early detection system at the server location
- Regular encrypted backups at two other locations (offsite encrypted backup)
Regular staff training in data protection
- Data leakage prevention
- Increased awareness of social engineering
