Security & Privacy Terms

How We Keep Your Data Safe

All phishla accounts use SSL-encrypted connections by default — the same level of security used by online banks. When using phishla you will never send or receive sensitive information in plain-text. Additionally, industry-standard physical and remote security is administered at ISO 27001 and PCI DSS certified datacenter facilities and 3rd party vulnerability assessment is performed twice a year.

How We Stay Reliable

phishla achieves an average 99.9% uptime. Here are a few things we do to ensure we stay available for you whenever you need to access your information:

  • Network connectivity is provided by a top carrier.
  • All data is protected by hardware RAID over multiple data storage units.
  • Critical servers have redundant power supplies.
  • Critical components are deployed in (at least) redundant pairs.

Data Retention Policy

We take our role as custodian of your data extremely seriously. We have multiple backup systems in place to protect your data, governed by the following policies:

  • All backups are replicated to at least 2 physical storages located in 2 different physical locations.
  • All backup systems are tested twice a year.
  • Backups occur once daily.
  • Database backups are retained for 180 days.
  • Application logs (for assisting phishla support cases) are retained for 90 days.

Industry Standard Security

phishla systems and processes adhere to industry best practices in security, including the following:

  • Encrypted inter-server and inter-datacenter communication.
  • Encrypted password.
  • Tightly firewalled and monitored servers.
  • Strictly controlled access to servers or customer data.
  • Immutable audit trail for support-related data access.

Responsible Security Disclosure

phishla has an engaged developer community and we value the role played by third parties in Internet security. Our customers trust us with their data and we take this trust extremely seriously. The following process is in place for any person or organization to report vulnerabilities in the phishla service:

  • Email a complete description of the issue to support@phishla.com. Include code samples and as much detail as possible.
  • The phishla security team will acknowledge receipt of the email promptly and investigate.
  • Most reports will take less than 24 hours to investigate and determine a course of action.
  • Be responsible and retain the private nature of this disclosure until the phishla security team has responded to your submission with a timeline of any mitigation underway.
  • phishla does not pursue any action against parties who disclose issues through this process.

phishla does not compensate disclosing parties for submissions.

Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Start typing and press Enter to search