Clicking "Accept All" consents to the storage of cookies for marketing and analytics purposes on this device. We use cookies to give you the best possible experience on this website. More information in our Privacy Policy.
Company News
2 min.

Security Policy - How secure is anny?

Published
July 31, 2020
Header image for the Security Policy blogpost at anny
Author
Adriaan Wind - Head of DevOps & Co-Founder, anny GmbH - Blog anny
Adriaan Wind
Head of DevOps & Co-Founder, anny GmbH
Subscribe to our newsletter
Thank you! You will receive a confirmation email shortly.
Oops! Something has gone wrong.
By subscribing to our newsletter, you agree to our Privacy Policy and agree to receive regular updates from anny .
Share this post

The security of our customers' data is a top priority at anny\. Our goal is to provide a secure environment while keeping an eye on performance and the overall user experience.

Compliance

With regard to the processing of personal data, we comply with the General Data Protection Regulation (GDPR)/Primary Data Protection Regulation (GDPD) of the EU.

End-to-end security

anny is hosted entirely on Amazon Web Services (AWS) and Google Cloud (GCP). These provide integrated end-to-end security and data protection capabilities. Our team takes additional proactive measures to ensure a secure infrastructure environment.

Data Center Security

Amazon Web Services (AWS) and Google Cloud (GCP) have an impressive list of third-party reports, certifications, and ratings. This ensures complete and ongoing state-of-the-art data center security(AWS - GCP). They have years of experience designing, building and operating large data centers. The AWS and GCP infrastructure is located in data centers controlled by Amazon and Google around the world. Our data is stored exclusively on German servers in Frankfurt. The data centers themselves are protected with a variety of physical controls to prevent unauthorized access. For more information on AWS and GCP data centers and their security controls, click here: AWS - GCPAt the same time,by using both providers, we rely on a multi-cloud infrastructure to ensure a high level of resilience.

Application Security

All communications on the anny web application are encrypted using 256-bit SSL, which cannot be viewed by third parties and has the same level of encryption used by banks and large tech corporations.

To ensure the security of our users, we do not store passwords in plain text, only their hash values. anny actively monitors ongoing security, performance and availability (24/7/365). We run automated security tests on an ongoing basis. You can view our full privacy policy here: Privacy Policy

Infrastructure security

anny 's infrastructure is hosted in a fully redundant, secured environment, with access restricted to authorized support staff only. This allows us to take advantage of full data and access separation, firewall protection and other security features.

Security Policy

anny applies strict security standards and measures throughout the startup. Every team member is trained and kept up to date on the latest security protocols. We undergo regular testing, training, and audits of our practices and policies.

Origin of technology/software

Who builds and maintains the anny technology?

Software development

anny develops and programs its technology in-house. We store source code and configuration files in private GitLab repositories. The security and development teams perform code reviews and run a static code analysis tool on every code commit.

We perform security audits on every code commit for security sensitive modules. These modules include, modules directly related to authentication, authorization, access control and encryption.

All important parts of integrated open source software libraries are tested for robustness, stability, performance and security by us.

Employee access to customer data

anny-Employees may access customer data only under the following conditions:

- Only by agreement and consent.- In case of problems or to investigate incidents.- For customer support or feature testing.- No longer than necessary to fulfill the purpose of access.- Customer data is not used in development or test systems.

Customer access

anny provides a web user interface (admin area), application programming interfaces (APIs), and data export capabilities to allow customers to access their data and thus be fully compliant with GDPD .

Data storage

Each customer is responsible for the data it creates, uses, stores, processes and destroys.

Upon expiration of the Services, Customers may instruct anny to delete all Customer Data from anny 's systems as soon as possible in accordance with applicable law.

Questions about security or compliance?

The security of our customers' data is a top priority at anny. Our goal is to provide a secure environment while considering application performance and overall user experience.

We welcome your questions at adriaan.wind@anny.co

Tags:
No items found.

Create a free account today &‍ 
start your new booking workflow

Digitize your resource management
Automate operational effort
Increase customer and team satisfaction
Daily view of the calendar in the admin area of the anny booking system incl. all bookings