We protect your data
Storage
Data entered via our software applications is stored in our databases and is subject to the same protection and monitoring as the rest of our systems. Our data center is located in Canada. We are committed to working only with data center providers who maintain state-of-the-art access control, including video surveillance, security, access lists and exit procedures.
Regular backups
All data is written instantly to multiple disks and backed up automatically and remotely at least once an hour. Our database backups are encrypted.
Redundancy for all major systems
Our systems are designed to remain operational even in the event of multiple server failures.
Your data is sent via HTTPS
Every time your data is in transit between you and us, it's encrypted and sent over HTTPS (sha256RSA 2048 bit). In our firewall-protected private networks, data can be transferred unencrypted. We maintain A+ certification from Qualys / SSL Labs.
We protect your billing information
All credit card transactions are processed using secure encryption, the same level of encryption used by major banks. Card information is transmitted, stored and processed securely on a PCI-compliant network.
Regularly updated infrastructure and constant monitoring
Our software infrastructure is regularly updated with the latest security patches. Our products operate on a dedicated network that is locked down with firewalls and carefully monitored. We use third-party security tools to constantly scan for vulnerabilities.
Availability and reliability
Our application is available 24/7. Our goal is to maintain a monthly availability of at least 99.99%, we maintain a history of incidents and service availability metrics on our status site: https://status.toucanhq.com
Access and authentication
User passwords are stored as hashed strings using the Bcrypt algorithm. Toucan respects and implements the OAuth 2.0 and OpenID standards for all access authorizations to resources made available through its REST API.
Capacity
Our infrastructure is designed to be elastic, enabling it to grow in line with the rate of use of its various application modules. We monitor and evaluate the impact on our users of critical points in our application, so that we can make performance improvements as quickly as possible.
Accountability
We keep an audit trail of changes made to business data. Each change is associated with the user who made it, the type of change (addition, modification, deletion), the change differential and a timestamp. Retention rules are defined in the contract's service level (usually between 7 and 90 days).
Efficiency
We are sensitive to the resources consumed and optimize our code to reduce its environmental impact.
We protect your data
Storage
Data entered via our software applications is stored in our databases and is subject to the same protection and monitoring as the rest of our systems. Our data center is located in Canada. We are committed to working only with data center providers who maintain state-of-the-art access control, including video surveillance, security, access lists and exit procedures.
Regular backups
All data is written instantly to multiple disks and backed up automatically and remotely at least once an hour. Our database backups are encrypted.
Redundancy for all major systems
Our systems are designed to remain operational even in the event of multiple server failures.
Your data is sent via HTTPS
Every time your data is in transit between you and us, it's encrypted and sent over HTTPS (sha256RSA 2048 bit). In our firewall-protected private networks, data can be transferred unencrypted. We maintain A+ certification from Qualys / SSL Labs.
We protect your billing information
All credit card transactions are processed using secure encryption, the same level of encryption used by major banks. Card information is transmitted, stored and processed securely on a PCI-compliant network.
Regularly updated infrastructure and constant monitoring
Our software infrastructure is regularly updated with the latest security patches. Our products operate on a dedicated network that is locked down with firewalls and carefully monitored. We use third-party security tools to constantly scan for vulnerabilities.
Availability and reliability
Our application is available 24/7. Our goal is to maintain a monthly availability of at least 99.99%, we maintain a history of incidents and service availability metrics on our status site: https://status.toucanhq.com
Access and authentication
User passwords are stored as hashed strings using the Bcrypt algorithm. Toucan respects and implements the OAuth 2.0 and OpenID standards for all access authorizations to resources made available through its REST API.
Capacity
Our infrastructure is designed to be elastic, enabling it to grow in line with the rate of use of its various application modules. We monitor and evaluate the impact on our users of critical points in our application, so that we can make performance improvements as quickly as possible.
Accountability
We keep an audit trail of changes made to business data. Each change is associated with the user who made it, the type of change (addition, modification, deletion), the change differential and a timestamp. Retention rules are defined in the contract's service level (usually between 7 and 90 days).
Efficiency
We are sensitive to the resources consumed and optimize our code to reduce its environmental impact.