Data Security and Compliance
- GDPR Compliance
Knack complies with the EU’s General Data Protection Regulation (GDPR), ensuring all data handling meets stringent privacy standards. - HIPAA Compliance
Knack offers a HIPAA-compliant version of its platform, adhering to healthcare data security requirements, including the signing of a Business Associate Agreement (BAA) when applicable. - PCI DSS Compliance
Knack is PCI DSS compliant, ensuring that sensitive payment information, such as credit card data, is never transmitted through or stored on its infrastructure. - SOC2 Type 2 Certification
Knack undergoes annual SOC2 Type 2 audits, demonstrating its commitment to maintaining secure and reliable systems. Audit reports are available upon request through our support team.
Advanced Security Features
- Encrypted Data
- In Transit: All data sessions are secured using TLS 1.2 or higher protocols with 2,048-bit encryption keys.
- At Rest: Stored data is encrypted with AES-256 encryption algorithms to provide robust protection.
- Password Protection
User passwords are encrypted, salted, and stored in an unreadable format, ensuring your credentials remain secure. - Controlled Data Access
Employee access to user data is strictly limited, logged, and only granted with explicit user permission in specific circumstances, such as suspected account activity issues.
Infrastructure and Reliability
Knack operates on the highly secure cloud infrastructure provided by Amazon Web Services (AWS). AWS maintains multiple certifications, including ISO 27001 and SOC2, ensuring your data is stored in a reliable and compliant environment.
Knack’s infrastructure includes:
- Multiple global data regions to optimize performance and compliance.
- Network-level firewalls and continuous monitoring to protect against cyber threats.
For additional information or inquiries about our portal security, please contact our support team.