Infiniforms Security Policy

Last updated: July 1st 2015

We want you to have a clear understanding of how we secure the information we collect in order to provide services.

This is the security policy of Infiniforms Limited, UK Company number 09165993 (“Infiniforms”). This document explains Infiniforms policies for the securing of information. Its scope includes all of Infiniforms services, including the services provided to users of its system.


Storage Of Data

Our data center meets a broad range of international and industry-specific compliance standards, including ISO 27001, HIPAA, FedRAMP, SOC 1 and SOC2, as well as country-specific standards including Australia IRAP, UK G-Cloud, and Singapore MTCS.


Credit Card Data

Credit card data is not stored on the Infiniforms Servers. Credit card processing is performed by Stripe and your card information is stored on their servers. More information can be found on their website www.stripe.com.

When credit card details are being given on the Infiniforms Website, the data is securely transferred directly to Stripe from your browser and is not passed to the Infinforms servers.


User Login Information

Passwords are not stored as plain text. They are stored securely by the use of hashing and each user has a unique salt value that is used in the hashing algorithm. When we store a password, the password goes through multiple hasing cycles, further securing the data.

Hashes cannot be reverse engineered. When we compare your password to the stored hash, we run your password through the same hashing algorithm and compare the results.


Questions

If you have any questions relating to Security, please contact us directly and we will gladly discuss them.