Security Policy

EFFECTIVE DATE: October 25, 2018

Overview

At Canopy we take the protection of customer data extremely seriously. This Canopy Security Policy describes the organizational and technical measures Canopy implements platform wide designed to prevent unauthorized access, use, alteration or disclosure of customer data. The Canopy services operate on Amazon Web Services (“AWS”); this policy describes activities of Canopy within its instance on AWS unless otherwise specified.

Security Team

Our infrastructure and security team includes people who’ve played lead roles in designing, building, and operating highly secure Internet facing systems at companies ranging from startups to mature software providers.

Best Practices

Incident Response Plan

Infrastructure

Data

Data Transfer

Authentication

Permissions and Admin Controls

Application Monitoring

Security Audits and Certifications

Payment Processing

All payment instrument processing for purchase of the Canopy services is performed by Stripe. For more information on Stripe’s security practices, please see https://stripe.com/docs/security/stripe.

Customer Responsibilities

Canopy develops a software platform for data mining sensitive information. Canopy’s flagship product for Incident Response is designed for service providers and law firms responding to data breaches in compliance with GDPR, FERPA, PCI, HIPAA, CCPA or other privacy laws or regulations.
You won't regret opening our emails.
Subscribe Now