Privacy on Band Pencil

30 Nov 2019 // 2 minute read

#updates #management


Privacy is incredibly important to us here at Band Pencil, which is why we have updated our privacy policy to reflect this. In this article I will explain what we've done to make Band Pencil more secure and protect your data.

Confidentiality
We now place strict access controls over your data and are committed to ensuring that nobody has access to your data that shouldn't. If you contact our support team, you will grant them temporary access to your account so that they can provide support to you. Our support team are vetted and have strict rules and controls about what they can do with their access, and their usage is monitored. They cannot access your content unless you contact support.

Accessing Band Pencil
Your password are stored using a non-reversible method using an industry standard hashing and salting algorithm. We log users out automatically after a period of inactivity and we can block users who attempt to login with invalid credentials too many times.

Your Data
We do not share personal data to third-parties with the exception of text messaging, email providers, and payment providers for the instances where users send text messages, emails, and when payments are collected via the payment providers.

Encryption
Our data is encrypted in transit (https) and all sensitive information (e.g. names, email addresses, phone numbers, addresses, billing information, passwords etc.) are stored as encrypted values in our database. To be clear, no client, musician, or student data is stored as plain-text. Database backups are encrypted individually and off-site backups have full-disk encryption too. Backups. Database and file system backups are taken daily, and are stored for a six months.

Our Data Protection Officer can be contacted via the contact page. Our Information Commissioner's Office (ICO) reference number is ZA556426. Please contact our Data Protection Officer for the copy of this certificate.


Join Band Pencil