UpBuoy

Your Trust is Our Top Priority

We are committed to safeguarding your business and customer data through robust security practices, industry-standard technologies, and continuous vigilance.

Built with Security at the Core

At UpBuoy, we understand that the data you entrust to us  about your routes, your customers, your finances, and your team  is critical to your business. Security isn't an afterthought; it's foundational to how we design, build, and operate our platform. We employ a multi-layered approach to protect your information across our applications, infrastructure, and internal processes.

Our commitment includes:

  • Data Protection: Implementing strong measures to safeguard the confidentiality, integrity, and availability of your data.
  • Transparency: Being open about our security practices.
  • Compliance: Adhering to industry best practices and relevant regulations.
  • Continuous Improvement: Regularly reviewing and enhancing our security posture to address evolving threats.

Key Security Measures & Practices

Encryption In Transit & At Rest

All data transmitted between your devices (web browser, mobile app) and UpBuoy servers is encrypted using industry-standard TLS (Transport Layer Security). Sensitive data stored within our databases, such as passwords and certain integration keys, is encrypted at rest.

Hosted on Reliable Cloud Platforms

UpBuoy leverages leading cloud infrastructure providers (e.g., Amazon Web Services - AWS) known for their high standards of physical security, network security, and operational reliability. This includes measures like firewalls, intrusion detection/prevention systems, and regular security audits of the underlying infrastructure.

PCI Compliant Payment Processing

When you use UpBuoy Billing, customer payment information (credit card numbers, bank account details) is handled directly by our payment processing partner, Stripe, a certified PCI Level 1 Service Provider (the highest level of security certification). UpBuoy does not store full credit card numbers or bank account details on our servers. We securely process payments using tokenization provided by Stripe.

Protecting Your Login

User passwords are securely stored using industry-standard hashing algorithms. We enforce password complexity requirements and provide secure password reset mechanisms. We strongly recommend users enable multi-factor authentication on their email accounts associated with UpBuoy for added protection. Users are responsible for maintaining the confidentiality of their own passwords.

Role-Based Permissions

UpBuoy utilizes role-based access controls (Admin, Tech) to ensure users only have access to the information and features necessary for their job function. Administrators manage user accounts and can grant specific extra privileges to technicians as needed.

Secure Development Practices

We follow secure software development lifecycle practices, including code reviews, vulnerability scanning, and regular updates to address potential security issues in our codebase and third-party libraries.

Regular Backups for Reliability

We perform regular backups of critical platform data to ensure we can recover information in the event of unforeseen incidents.

Prepared for the Unexpected

We have procedures in place to detect, respond to, and mitigate potential security incidents promptly.

Working Together for Better Security

While UpBuoy implements strong security measures, protecting your account also depends on you:

  • Strong Passwords: Use unique, complex passwords for your UpBuoy account and change them regularly. Do not reuse passwords from other services.
  • User Management: Regularly review user accounts and permissions. Promptly deactivate accounts for employees who no longer work for your company.
  • Device Security: Ensure devices (computers, phones, tablets) used to access UpBuoy have up-to-date operating systems, security software (antivirus/anti-malware), and screen locks/passcodes enabled.
  • Phishing Awareness: Be cautious of emails or messages asking for your login credentials. UpBuoy will never ask for your password via email. Report any suspicious activity to us immediately.
  • Secure Customer Data Handling: Remember that you are responsible for the customer data you input into UpBuoy. Ensure you have appropriate consents and handle their information responsibly according to your own privacy policies and applicable laws.

See Something? Say Something.

If you believe you have discovered a security vulnerability in UpBuoy or have concerns about your account's security, please contact us immediately at [security@upbuoy.com] or via our main Support Channels. We take all reports seriously and will investigate promptly.

Our Ongoing Commitment to Security

The security landscape is always changing. UpBuoy is committed to staying informed about emerging threats and continuously investing in and improving our security practices to protect your valuable business data.

Certifications & Compliance

Our payment processing is handled through Stripe, which maintains PCI DSS Level 1 compliance, the highest level of certification available in the payments industry.