Astalty Logo

Security

Data Storage

Where is my data stored?

What is meant be data?

Here we are referring to any data or documents you input/upload into Astalty.

Your data is stored within Australia with our ISO27001 certified infrastructure provider, Amazon Web Services.

You can view a copy of their certification here.

Is my personal data ever stored outside of Australia?

No.

Astalty has strict procedures in place to ensure your personal data and your Participants’ personal data never leaves Australian borders.

Where do you store credit card information?

We don’t.

When you enter your credit card information into Astalty, we use a third party payments provider to handle this - Stripe.

The only details we store about your credit card are;

  • the type of card (Visa, Mastercard etc)

  • the last 4 digits (so you can easily identify the card when listed in Astalty)

Is my credit card data safe with Stripe?

There are strict guidelines and practices that must be followed when storing credit card information. Stripe are a PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry.

Why do you store my bank account information?

We store your bank account information in Astalty in the form of;

  • your BSB number

  • your account number

  • your account name

This data is shown on invoices that are generated by Astalty so that you can get paid.

Changing Bank Details

Any time your bank account details are changed, you will receive an email notification.

Data Backup

How often do you backup my data?

Astalty has implemented continuous backup and point-in-time recovery (PITR) of our database. This means we can restore our database to any point in time should a data loss occur.

Has Astalty ever had a data loss?

No.

Data Access

Who has access to my data in Astalty?

We have strict policies in place surrounding data access. Your data is only accessible by;

  • you

  • any Users added to your account

From time to time, Astalty may access your account and your data for the purposes of providing support or improving the quality of Astalty.

We do not share any of your data to any external party unless otherwise stated or required by law.

Audit and Logging

Does Astalty have audit logs?

Yes.

Astalty has audit logs for almost all of your data in Astalty. For Tasks, these can be accessed in the ‘Activity’ tab - other logs are available upon request.

Security

What security measures do you have in place?

  • Login attempt logging

  • Data encryption in transit and at rest using industry-standard AES-256 encryption

  • Minimum password strength requirements

  • 2-hour inactivity limit (Users will be logged out after 2 hours of inactivity)