Trust Center
HOMEE understands in today's digital age, where data is king, ensuring the security of our customers' data is paramount. This Trust Center demonstrates our continual investment into data security, showcases efforts to ensure the availability and accessibility to data, and provides transparency into our efforts to protect our customers' privacy.
Security
Encryption
HOMEE uses TLS protocol with 256-bit AES encryption to protect data in transit and at rest. User data, such as login credentials, is sent through encrypted public channels. All data is encrypted at rest within the databases. Encryption keys are stored separately, and have restricted, administrator-only access.
Data Center Security
HOMEE’s infrastructure is hosted within Amazon’s AWS ecosystem. HOMEE infrastructure was designed and engineered inline with AWS’ best practices as they pertain to security and availability. HOMEE leverages the many available network resources to ensure HOMEE is aligned with industry best practices while providing a safe, scalable, and reliable platform.
Multi-Factor Authentication (MFA)
HOMEE uses automated access control systems to restrict user access to its network and data. All users use multi-factor authentication (MFA) measures to ensure that access to in-scope system components are protected at all times.
Incident Response
HOMEE's privacy incident response plan and escalation procedures ensure timely and effective handling and communications to all affected customers in the event of a confirmed data breach that may potentially expose their data. HOMEE is in close contact with supervisory legal authorities to handle such cases.
SOC 2 Type II
HOMEE’s robust Risk Management practices covering governance, risk, and compliance will help meet an organization’s compliance needs. We undergo independent third-party, annual audits to provide reasonable assurance that HOMEE’s service commitments and system requirements are achieved based on the trust services criteria relevant to Security (applicable trust services criteria) set forth in TSP Section 100, 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy (AICPA, Trust Services Criteria). Customers may request HOMEE’s most recent SOC 2 Type II report, and the latest penetration testing report by emailing bizdev@homee.com.
Availability
Redundancy
HOMEE designed redundancy and maximum availability into our network infrastructure. In the event of failure, all components for critical operation are configured for near-seamless transition, and deployed such that customers are protected from major disruption in web, storage, network and servers.
Disaster recovery
HOMEE's critical servers are installed in AWS within several regions across multiple zones. If one of the data centers fails, the second data center is configured to take over all production tasks, guaranteeing minimal service disruption or capacity loss. In the event of a major disruption or disaster, HOMEE's emergency response team will activate the disaster recovery plan.
Backup and restoration
HOMEE maintains redundancy and backup processes for our service databases. In the unlikely event of massive server failure, restoration of the entire production system is in place. Mirrored data is protected in geographically disparate locations and configured to automatically come available if a primary database server fails.
Data reliability
Data can be restored to a point-in-time within 1 second of precision for the past 7 days. Data is stored with 99.999999999% durability and 99.99% availability of objects over a given year.
Privacy & Compliance
HOMEE's privacy program is designed to respond to today’s ever evolving privacy rules and regulations. HOMEE’s formal, documented, and governed data privacy program is designed to secure and protect the data entrusted to us by our customers and to ensure our customers’ right to privacy is respected. Our privacy program ensures that all data is collected, accessed, stored, and processed in an acceptable and compliant manner. Read our Privacy Policy here (hyperlink to published Privacy Policy)
Compliance with Privacy Regulations
HOMEE handles personal information with compliance in mind. HOMEE ensures compliance with the various privacy regulations and security standards it is currently subject to abide.