System Security
Raken Security
At Raken, we know how valuable your work is to you — after all, what’s more important than Data you upload to Raken everyday? That’s why we work hard to respect your privacy and ensure that your data is always safe with us. Here are some of the ways in which we keep your Data private and your work secure.
Raken and the EU General Data Protection Regulation (GDPR)
At Raken, we’re committed to privacy—that’s why our privacy policies already consistent with high standard of the new European data protection law known as GDPR, and why we’re ensuring we maintain those rights and extend them to all our users, inside and outside the EU.
How is my data safe?
Complete control over who can access your Data
- All entered Data is private by default. Accessing your Data requires a user to have a Raken account and be invited to view and modify your Data by an authorized user of your account.
- You can also decide to make your Data viewable by others with a shared link and to allow others to download the Document.
Direct file access is protected behind the following security measures:
- All files are available through a URL (including images and, when enabled, the downloadable Raken document).
- The URL can not be guessed and all filenames are obfuscated.
Where is my data stored?
All Raken data is stored in the US (AWS datacenter). More on AWS security.
Is my data secure?
- All of our servers are within our own virtual private cloud (VPC) with network access control lists (ACL’s) that prevent unauthorized requests getting to our internal network.
- We have data encryption in transit, meaning all our data in the database, underlying storage, backups, replicas and snapshots passes through the encrypted channel.
- Only a handful of people can access data and they only do so in order to improve the services we provide.
- We monitor and audit our usage logs.
What Third Party services do you use?
We use a number of third parties to store user data in order to provide/improve our services:
- We send a monthly newsletter using Sendgrid. This newsletter is only sent to customers who signed up specifically to receive the newsletter.
- We send transactional and administrative emails through Intercom.
- We use Google Analytics to track page views to improve usability of our marketing website and both Web and Mobile Raken Apps.
- We use Newrelic to track errors that occur within Web and Mobile Raken Apps and the API. This also includes certain data that correlates with the error, but does not include sensitive customer information (passwords, tokens etc).
- We use CloudFront (as CDN) to distribute our resources for our marketing website, including downloads of the app itself.
- All payments are processed by Stripe. We don’t currently store any payment information or customer data from these transactions.
- Our search functionality on both Web and Mobile Raken Apps is powered by Amazon Elastic Search.
- Our Customer Support team use Meetedgar and Intercom to provide email and social media support for users.
- We store user documents on Dropbox, Box, Google Drive, Egnyte based on your request.
Compliance
The environment that hosts the Raken services maintains multiple certifications for its data centers, including ISO 27001 compliance, PCI Certification, and SOC reports. For more information about their certification and compliance, please visit the AWS Security website and the AWS Compliance website.
You can find out more about our policies in our Terms of Service and Privacy Statement. If you have any questions about security at Raken, please contact our Customer Support team.