We're Hiring ⚡
Start Free Trial
Start Free Trial

Security and data privacy at airfocus

We take our customers’ security very seriously, and have extensive experience serving enterprise clients with complex security requirements. We fully comply with European and German data security regulations including GDPR. This page covers key elements of our security policy. For documentation about airfocus' policies, please consult our Terms and conditions and Privacy policy. If you have questions, please reach out to us through chat or email contact@airfocus.com.

Best-in-class data center and ISO 27001 certification

airfocus’ physical infrastructure is hosted and managed within DigitalOcean’s secure data centers. DigitalOcean is certified in the international standard ISO/IEC 27001:2013. By achieving compliance with this globally recognized information security controls framework, audited by a third-party, DigitalOcean has demonstrated a commitment to protecting sensitive customer and company information.

Your password is stored securely

All user passwords are hashed with a PBKDF2-based strong hashing algorithm and individual salts per password. Hashing passwords means we don’t have access to the original passwords, nor does anyone else. So even if our database were compromised, everyone’s passwords would stay secure.

We do not store payment details

airfocus does not store or process payments. All payments go through our partner, Stripe, which is a leading global payments system that is PCI DSS compliant. Details about their security can be found here.

Secure transmission

All communication between airfocus servers and the client browser is secured using the industry standard Transport Layer Security (TLS). Only the most relevant and secure level of TLS is accepted by airfocus (currently 1.2). The connection is encrypted using the most secure encryption schemes available leading to an A+ rating in the SSL Labs security report. See this SSL report for more information.