How we make compliance seamless in everything we build.
Your data is our responsibility
Oneflow has a comprehensive Business Continuity and Disaster Recovery Policy in place which reviewed annually or whenever significant changes are made.
Oneflow is built with redundancy at every layer of its infrastructure. The platform, databases, storage and auxiliary services are hosted in multiple availability zones in Ireland, EU to allow for sporadic failures without any loss of availability, functionality or customer data. System logs and authentication logs are stored for 90 days (including 30 days off-site backup). Backups are also taken at regular intervals and stored in data centers in Sweden.
Oneflow is a secure platform with capabilities for searchability, follow-up and control. Personal data is safe in one place, rather than spread across email, servers and hard drives. Customer data (including personal data) processed and stored in Oneflow is confidential and only accessed by the customer.
Data is encrypted in transit and at rest; TLS 1.2 is used to encrypt data in transit, from the public internet to our CDN edge points, all the way into our internal network before being processed. Databases, servers and file storage also all encrypt data before storing it at rest, utilizing state-of-the-art encryption with the AES 256 algorithm.
Oneflow is aligned to the ISO 27001 standard, the NIST framework and has a range of internal policies, procedures and guidelines. These form our Information Security Management System and govern our approach to security and privacy. A selection of our policies is shown below.
• Information Security Policy
• Acceptable Use Policy
• Change Management Policy
• Decommissioning and Destruction Policy
• Information Security Risk Management Policy
• Information Security Incident Management Procedure
• Business Continuity and Disaster Recovery Policy
• Supplier Security Policy
• Secure Development Policy
• Workplace Policy
Please contact us if you wish to review any of our policies in detail.
Don’t miss a trick
Automate the entire contract process — from creating to signing and managing. Like magic.