Security Statement – RightCom

Updated November 12, 2020

RightCom is dedicated to protecting all customer data using industry best standards.

Many of our biggest customers demand the highest levels of data security, and have tested our services to verify that it meets their standards. In each case, we have surpassed expectations and received high praise from large international organizations.

RightCom’ most important concern is the protection and reliability of customer data. Our servers are protected by high- end firewall systems, and scans are performed regularly to ensure that any vulnerabilities are quickly found and patched. Complete penetration tests are performed yearly. All services have quick failover points and redundant hardware, with complete backups performed nightly.

Most important is our confidential system component design. It uses multiple checks to certify that packets from one subsystem can only be received by a designated subsystem. Access to systems is severely restricted to specific individuals, whose access is monitored and audited for compliance.

Customer data are stored in a specific location; it does not float around in the “cloud.” In addition, all data are processed in that location, and are not moved to another jurisdictional area. In other words, all data are processed in EU.

RightCom uses Transport Layer Security (TLS) encryption (also known as HTTPS) for all transmitted data. Our services are hosted by trusted data centers that are independently audited using the industry standard SSAE-16 method. RightCom deploys the general requirements set forth by many International Acts, including the French Data Protection Act no. 78-17 of 6 January 1978, as amended by the Act of 6 August 2004.

Since our subscribers control their users and their data, it is important for the users to practice sound security practices by using strong account passwords and restricting access to their accounts to authorized persons.

Regarding specific data types: RightCom provides general software and other services where all data are processed equally, without regard to how a customer might classify their data. As such, RightCom cannot declare or represent any data entered into its services. Any processing of specific data types are purely incidental, and not required to use the services. RightCom safeguards all customer data, and uses secure data centers to ensure the highest protection. Questions regarding this statement may be sent to [email protected]