Bamzooka Security and Privacy Information
Security and Privacy Information - GDPR
Commitment to Data Security
Your personally identifiable information is kept secure. Only authorized employees, agents and contractors (who have agreed to keep information secure and confidential) have access to this information. All emails and newsletters from this site allow you to opt out of further mailings.
Staff Information
We require all of our staff to go through an extensive background check and ask them to sign a nondisclosure agreement that covers information about our customers and their application information. Only engineers and PM’s would have access to customer data.
Data Encryption
All passwords and credit card information are encrypted at all times. Additionally, organizations can set up Bamzooka to encrypt network transmissions with a 256-bit key.
Application Security
Your application data is safe. Data is encrypted during network transfert. Only logged in Bamzooka support staff can see the internal application and customer data during support invistigation. No end-users can see an organization data if they are not invited to join a workspace.
Collection of Information
We collect personally identifiable information, like names, postal addresses, email addresses, etc., when voluntarily submitted by our visitors. The information you provide is used to fulfill your specific request. This information is only used to fulfill your specific request, unless you give us permission to use it in another manner, for example to add you to one of our mailing lists
Cookie/Tracking Technology
We also use cookies on our website. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not harm your device, do not contain viruses, Trojans or other malicious software.
Although information returned by the browser is stored in the cookie, this does not mean that we are immediately aware of your identity. The use of cookies serves to make the use of our website more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages on our website. These are automatically deleted after leaving our page.
In addition, to improve usability, we also use temporary cookies that are stored on your device for a specified period of time. If you visit our website again to take advantage of our services, it will automatically recognize that you have already been with us and what inputs and settings you have made, so you do not have to re-enter them.
On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer. These cookies allow us to automatically recognize when you visit our site again that you have already been with us. The data processed by cookies are for the purposes mentioned in order to safeguard our legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f DSGVO required.
Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or always a hint appears before a new cookie is created. However, disabling cookies completely may mean that you can not use all features of our website.
All personal data will be deleted or blocked as soon as the purpose of the storage is omitted. In addition, such storage may be provided for by the European or national legislator in EU regulations, laws or other regulations to which the controller is subject. Blocking or deletion of the data also takes place when a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data for conclusion of a contract or fulfillment of the contract.
Backup and monitoring
On top of high availability features, Bamzooka is backed up daily and the backup is stored in a secure remote location. Bamzooka installation is monitored 24x7 and most incidents are handled within few minutes, even during off hours.
Distribution of Information
We may share information with governmental agencies or other companies assisting us in fraud prevention or investigation. We may do so when: (1) permitted or required by law; or, (2) trying to protect against or prevent actual or potential fraud or unauthorized transactions; or, (3) investigating fraud which has already taken place. The information is not provided for marketing purposes.
Hosting Information
Data Center
Hosted by AWS, located in Oregon, United States.
AWS (Amazon Web Services)
Bamzooka is hosted in a world-class facility at AWS, the world leader in managed hosting (https://aws.amazon.com/). Amazon Web Services Cloud Compliance enables customers to understand the robust controls in place at AWS to maintain security and data protection in the cloud. As systems are built on top of AWS cloud infrastructure, compliance responsibilities will be shared.
ISO 27001 Compliant
ISO 27001 is a security management standard that specifies security management best practices and comprehensive security controls following the ISO 27002 best practice guidance. The basis of this certification is the development and implementation of a rigorous security program, which includes the development and implementation of an Information Security Management System (ISMS) which defines how AWS perpetually manages security in a holistic, comprehensive manner.
The AWS ISO 27001 certification can be downloaded here.
HIPAA/Business Associate Agreement
Bamzooka Corp. have a signed BAA with Amazon to ensure HIPAA compliance. We also will sign a BAA with customers that will need to ensure PHI confidentiality and HIPAA compliance with Bamzooka. A copy of the signed BAA with AWS is available upon request.
Third-Party Integrations
Bamzooka service allows you to integrate various online third-party services or uses third-party services for onboarding and marketing emails. The services that you are able to integrate may require an account with the respective provider. Bamzooka will only collect relevant information necessary to enable the third-party services to work with Bamzooka. Any user of third-party services, is governed by the Terms and Conditions of that service. We have ensured that the third-party services we integrate with below are GDPR compliant.
Available Integrations:
- Google GSuite
- Microsoft Azure
- Zapier
Newsletter Emails and Onboarding Emails:
- Intercom
- Mail Chimp
Third-Party Payment Processor
Website Analytics
For purposes of analyzing and optimizing our websites, we use various services, which are presented below. For example, we can analyze how many people visit 0our site, which information is most in demand, or how people find it. Among other things, we collect data on which website an affected person came to a website (so-called referrer), which subpages of the website were accessed or how often and for which length of stay a subpage was viewed. This helps us to design and improve our offers in a user-friendly way. The data collected is not intended to personally identify individual users. Anonymous or at most pseudonymous data are collected. The legal basis for this is Art. 6 para. 1 f of the GDPR.
Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Inc, (1600 Amphitheater Parkway Mountain View, CA 94043, USA). Usage includes the Universal Analytics operating mode. This makes it possible to assign data, sessions and interactions across multiple devices to a pseudonymous user ID, thus analyzing the activities of a user across devices.
Google Analytics uses cookies that allow you to analyze the use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. The IP address provided by Google Analytics as part of Google Analytics will not be merged with other Google data. Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide us with other services related to website activity and internet usage . In these purposes, our legitimate interest lies in the data processing. The legal basis for the use of Google Analytics is § 15 Abs. 3 TMG or Art. 6 Abs. 1 f DSGVO. The data sent by us and linked to cookies, user IDs (eg user IDs) or advertising IDs will be automatically deleted after 26 months. The deletion of data whose retention period has been reached is done automatically once a month. For more information about Terms of Use and Privacy, please visit https://www.google.com/analytics/terms/en.html or https://policies.google.com/?hl=en.
You can prevent the storage of cookies by a corresponding setting of your browser software; however, please note that if you do this, you may not be able to use all the features of this website to the fullest extent possible. In addition, you may prevent the collection by Google of the data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google by using https://tools.google.com/dlpage/gaoptout?hl=en download and install. Opt-out cookies prevent future collection of your data when you visit this website. To prevent Universal Analytics tracking across devices, you must opt-out on all systems you use.
More Information
We reserve the right to make changes to this policy. Any changes to this policy will be posted on our website at www.bamzooka.com.
Bamzooka is located in Austin, Texas, USA.
Data Processing Agreement
The Bamzooka Data Processing Agreement is available here.