We encrypt all data sent from our server to your device (and vice-versa). We protect all access to the QTrak-Visit Servers with 256-bit SSL encryption over HTTPS. All data housed on QTrak-Visit servers is not shared with any 3rd party or used by QTrak-Visit in any manner, except by the user in the operation of the system. All data imported into or generated by QTrak-Visit remains the property of the user. We do not expose any insecure endpoints: all API calls must be made over SSL, which effectively eliminates the possibility of eavesdroppers reading your data as it is sent over the network.
This is the same level of security maintained by consumer banking applications in order to prevent unauthorized access, confidentiality, and maintain the integrity of the information.We use a unique API key for each independent client. The API key only grants access to that company’s data. We encrypt all data at rest on our servers. We maintain all access logs and every action by every QTrak-Visit user. Secure deletion will occur upon written notification from the user.
The QTrak-Visit app balances security and usability to provide a fluid customer experience while protecting valuable information. QTrak-Visit does not store any PII (Personally Identifiable Information) on the mobile devices. QTrak-Visit is a native iOS app, as a result all updates are approved by Apple for security and compliance.
Our primary infrastructure uses a Cloudmine back end which runs on Amazon's AWS platform, which has passed numerous third party security audits and certifications including HIPPA & FEDRAMP. We closely monitor uptime, as of May 31, 2017 our 90 day average up time was 99.94%