Trust and Security
Privacy and security are critical for your business. That’s why we put them at the forefront of how we design and host our services.
Privacy and personal information protection are central to how we handle data. We comply with updated privacy legislation (including the GDPR and CCPA) as it becomes available.
We’ve adjusted our infrastructure and implemented additional processes to meet the standards set by the GDPR (General Data Protection Regulation).
We’ve incorporated CCPA (California Consumer Privacy Act) standards into our data practices to meet merchant requirements under this legislation.
As our corporate headquarters are situated in Canada we follow the requirements set by PIPEDA (Personal Information Protection and Electronic Documents Act).
At ZINation, our production network segments are logically isolated from our development or corporate segments, meaning your data can’t be accessed internally without a documented access request, vetted by our information security team.
Our development processes, production environment and application architecture are all designed with security as a focus.
Our servers are hosted on Google Cloud Platform (GCP), which is compliant with PCI DSS, ISO 27017, ISO 27001, SOC 2, and SOC 3.
All production infrastructure is monitored and logically administered by our operations team.
Physical security, power, and internet connectivity is monitored by Google.
We offer data centres in the United States and Canada.
Security Incident Response
In case of a system alert, events are escalated to our on-call incident handling team dedicated to specific response processes, including communication channels and escalation paths.
Dedicated security team
Our Security team is on-call 24 x 7 x 365 to respond to security incidents. We perform network security scans routinely for quick identification of out-of-compliance or potentially vulnerable systems.
On a monthly basis, our employees participate in security training as per compliance requirements. Additionally, our security team reviews security controls on a regular basis.