Main SiteSign In

Data Security Policy

Last updated January 1, 2023

At Designware, we know how valuable your work is to you—after all, we’re in the business of producing digital experiences too, and appreciate the need for data security and privacy. Our users entrust us with safely and reliably hosting their projects, and we take that responsibility seriously.

What types of data do you directly manage, and who can access it?

  • Personal Information includes the basics like your name, email, and password that get used for logins, to identify you to project contributors, and for email correspondence. Your login credentials should be maintained confidentially by you, and only a handful of Designware employees can access this data (not including passwords) for support, reports, and maintenance purposes. For a more specific breakdown of Personal Information, check out our Privacy Policy.

  • Project Data refers to projects and their configurations as edited by you (such as pages, content settings, uploaded files, and subscription details—excluding any sensitive payment information), plus the hosted instances and updates for published apps and websites. When you begin a project, it is private by default and only you have access. A project only becomes visible to others if you a) invite other Designware users to become contributors, or b) publish the project as a public preview, website, or an app that you distribute. Designware employees do not have access to view your projects in their configured forms, unless it’s for support purposes, or the project has already been published on the web or openly distributed as an app.

Where is data physically stored?

Data that Designware directly manages is stored in Toronto, Canada, and Amsterdam, Netherlands.

What are your data security measures?

Our security policies include keeping servers within our own virtual private cloud (VPC) with network access control lists (ACLs) that prevent unauthorized requests getting to our internal network. We have data encryption in transit and at rest, meaning most data, underlying storage, backups, replicas, and snapshots are encrypted. As mentioned above, only a handful of people directly employed by Designware can access this data, and they only do so in order to improve the services we provide. We monitor and audit our usage logs.

How does Designware data security compare to a private or on-premise solution?

In addition to the security measures listed above, our reputable cloud network providers—AWS and Digital Ocean—are global industry leaders in secure data hosting. This means your data is stored with the same protective measures, expertise, and scales of economy enjoyed by the most security-conscious clients, like government agencies and militaries, and at a fraction of the cost required to build and maintain equivalent custom or on-premise environments.

What third party data services do you use?

  • Amazon Web Services (AWS) is our cloud network provider for domain management.

  • Digital Ocean is our cloud network provider and CDN for user accounts and projects.

  • Stripe processes all payments. Designware does not store any payment information or customer data from these transactions, except for the last 4 digits of the card on file for your visibility.

  • Google services are used to understand how you discover and access Designware, and how we can make it better.

  • Facebook Business Manager services are used to understand how you discover and interact with some of our content (predominantly relating to Instagram posts).

  • ActiveCampaign is used to understand how you discover and access Designware, and to send select marketing communications like our newsletter, which can be unsubscribed from using the link at the bottom of those emails.

  • Zapier is used to translate and relay data between other services.

  • Typeform, Slack, and email clients are used to collect and store communications sent to us.

Designware also has third party service integrations which allow you to add certain types of content to projects, like free media assets. These third parties do not collect or receive user-specific data from Designware, but may collect aggregate, anonymized data like overall consumption metrics.

Certifications, Compliance, and GDPR

The data centres that host Designware services maintain multiple certifications, including ISO 27001 compliance, PCI Certification, and SOC reports. For more information about their certification and compliance, please visit AWS Compliance and Digital Ocean Trust.

We’re committed to the privacy of you and your audience. Our Terms of Use, Privacy Policy, and our third party service providers adhere to the highest standard of data protection law in the world today, the EU’s General Data Protection Regulation (GDPR).

You can find out more about our policies in our Terms of Use, Privacy Policy, and Responsible Disclosure Policy. If you have any questions about security at Designware, please don’t hesitate to contact us at support@designware.io.

PreviousPrivacy PolicyNextResponsible Disclosure Policy

Last updated

Was this helpful?