Ecanvasser is robust and secure; the security and performance of Ecanvasser is our number one priority. At Ecanvasser, we do our utmost to keep your data safe and secure.

Ecanvasser's services and data are hosted in Amazon Web Services (AWS) facilities.

For non-EU customers, your data is hosted on in North California, USA (AWS region us-west-1).

For EU customers, your data is hosted in Ireland (AWS region eu-west-1).

EU customer registration data processed by Ecanvasser may be transferred to the AWS us-west-1 region. Please note that this relates to user registration data only. Amazon Web Services participates in the EU-US and Swiss-US Privacy Shield Framework regarding the collection, use, and retention of personal information from European Union member countries and Switzerland, respectively and this forms part of our data processing agreement with Amazon. Further details regarding EU-US Privacy Shield can be found here

We have taken full advantage of the extensive and rigorous security options available on AWS to give you confidence that the highest standards and best practices are maintained.

Our database includes a 30 day point in time restore function.

The web application itself is on a nightly scheduled backup.

Amazon Web Services guarantees us 99.9% up-time.

Ecanvasser forces HTTPS for all services using TLS (SSL) to our application using 256-bit encryption. All data access is protected by a role-based access-control mechanism, which only lets customers view data for which they have permission.
It’s impossible for customers to view data from accounts other than their own.

Only authorized employees have access to our production infrastructure, and passwords are strictly regulated.

We limit access to customer data to a select few employees who need it to provide support and troubleshooting on our customer’s behalf.

Accessing data center information as well as customer data is done solely on an as-needed basis, and only when approved by the customer (i.e. as part of a support request), or to provide support and maintenance.

We do not store any credit card information. We store a random identifier to associate a customer with our payment provider Stripe.com. Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1.

This is the most stringent level of certification available in the payments industry. 

As per our retention policy for personal data processed in relation to the services provided, the data retention periods are:

That said, customers (who are collectors and controllers of the personal data) have the ability to delete personal data utilizing the bulk delete actions within the Ecanvasser platform prior at any time.

We also provide customers with a personal data anonymization tool that allows you to safely anonymize data collected while retaining the analytical results of interactions performed.

Visit the Privacy Dashboard to learn more about the Anonymization tool.

Ecanvasser is regularly updated with improvements and minor fixes, typically on a weekly basis. Larger feature releases and updates are done on a 4 to 6 weeks release cycle.

Our technology and processes adhere to the strictest legal privacy requirements, and we regularly revise our policies and agreements to ensure we have continued compliance with the latest data protection regulations:

As part of the delivery of our Services to our Customers, we may use third party data processors, also know as a "Sub-processor".

Below is important information about the identity and role of each Sub-processor:

If you would like to learn more, you can reach out to support@ecanvasser.com