Last Updated: July 27, 2023
We take the security of your data seriously at Accode. If you have questions regarding security, please write to us at security@accode.io.
This page describes the technical, administrative, and physical controls applicable to security at Accode.
Hosting and architecture
Cloud-Based Services
Accode operates on a multi-tenant architecture for its cloud-based services, provided and hosted by Hetzner Online GmbH (Hetzner). This design is built around restricting access to any workflows, dashboards, and data created by you and your users using Accode. All user-built workflows and dashboards are contained in a “Workspace”. Hetzner, the hosting provider, ensures security measures and certifications. For more information, refer to the Hetzner Security document.
Self-Hosted Services
For self-hosted Accode services, Workspaces are hosted on the user's infrastructure, such as on-premises or within their virtual private cloud (VPC) or virtual private network (VPN). Accode’s self-hosted image is based on the latest version of Debian.
Storage of User Data
Users can submit data and content, known as User Data, to their Workspaces. This can include connecting to their databases or those hosted by third parties or Accode.
When Workspaces connect to databases provided by Accode, User Data is stored on Hetzner infrastructure. When connecting to user-owned or third-party databases, Accode acts as a proxy and applies credentials server-side to avoid exposing sensitive information.
Confidentiality and Security Controls
Confidentiality
Accode enforces strict controls on employees' access to Workspaces and User Data. Only authorized personnel may access user accounts and data for support purposes. Access is logged and monitored, and employees are bound by confidentiality policies.
Protection of User Data
Accode takes joint responsibility with users to protect User Data. Security controls include audit logging, access management, host management, network protection, product security practices, and team-wide two-factor authentication. Security reviews, bug bounties, and continuous monitoring ensure ongoing security improvements.
Data Encryption
Accode employs industry-accepted encryption products to secure User Data during transmission and at rest. Up-to-date secure cipher suites and protocols are used for encryption in transit, while ensuring compatibility with older data sources.
Reliability, Backup, and Business Continuity
Service Reliability
Accode is committed to delivering a highly available service. The infrastructure is fault-tolerant, and disaster recovery measures are regularly tested. An on-call team promptly resolves unexpected incidents.
Data Redundancy and Backup
User Data stored by Accode is redundantly stored in multiple locations within the hosting provider's data centers. Regular backups and data replication ensure data availability. Backups are retained for seven days and tested regularly.
Portability, Return, and Deletion of User Data
Portability of Workspaces
The Workflows, Dashboards, and User Data. Users can import and export User Data in CSV format. Users can also import and export Workflows and Dashboards in JSON format, though some technical constraints may apply.
Return of User Data
Within 30 days post contract termination, you may request return of User Data stored by Accode (to the extent such data has not already been deleted by you). Information about the export capabilities of the Accode services can be found by reaching out to our data security team at security@accode.io.
Deletion of Workspaces and User Data
Administrators can delete Workspaces and associated User Data at any time during the subscription term. Accode performs hard deletions and destroys backups, ensuring data is permanently removed.
Monitoring, Validation, and Practices
Certifications
Accode undergoes certifications and aligns with industry standards to ensure security practices meet prevailing requirements.
Audits
Regular internal and external security assessments and audits are conducted to validate security practices. Continuous automated scanning and periodic audits are performed.
Intrusion Detection and Security Logs
Accode monitors all services and endpoints for malware and anomalies. Extensive logging and analysis of security events are overseen by the security team.
Incident Management
Accode maintains security incident management policies, promptly notifying impacted customers of any unauthorized data disclosure.
Personnel Practices
Accode implements background checks for employees and provides comprehensive privacy and security training to ensure the protection of the Accode services' security, availability, and confidentiality.
For more details, please refer to our official documentation or reach out to security@accode.io. We continuously strive to enhance security to ensure a safe and reliable experience for our users.