Judgify is a SaaS platform run by GlobalSign.in Pte Ltd. We take data privacy, security, and reliability seriously. As a company, we ensure that the personally identifiable information (PII) that you collect through our platform is protected and secured with the best security and compliance measures. As a company, we are ISO27001 certified with over 114 Information Security measures put into place within our company. We ensure your award complies to GDPR (as we do), and our whole platform is PCI DSS compliant as well.
Judgify Security & Safety Guide
ISO 27001 Certified
ISO 27001 is a specification for an Information Security Management System (ISMS) that is set by the International Standards Organisation (ISO). We are ISO / IEC 27001 certified, with over 114 IS control measures put into place within our company. We have been independently audited to ensure we fulfil the relevant compliance measures.
Our platform helps you maintain EU General Data Protection Regulation (GDPR) compliance. End users have access to consent options during registration and can set their notification preferences at any time. You can identify fields with personal or sensitive data to apply additional levels of security, and you can assist your users with any privacy requests, download user data for information requests, or permanently delete a user on request.
PCI DSS Compliant
Our whole platform is compliant with the Payment Card Industry Data Security Standard (PCI DSS). We also integrate with third-party payment gateways for credit card payment processing for paid events. Customer credit card details are not stored in our databases. We pass them on directly to the relevant payment gateway.
Fine-Tuned Role and Permission Access Control
A security role defines how different users access the different features and functions they’re permitted to access. To control access to data, you can modify existing user roles or change permissions. To access the custom roles and permissions, as well as to manage the users’ permissions according to their role and profile, contact us here.
Security Enforcement Features
Authorization and authentication are two different but related aspects. Judgify is equipped with a two-step verification for extra-safe authorization and authentication processes. Security enforcement features allow for cryptographic proof that users are on a legitimate Google site or account and have their security keys with them.
We encrypt data both at rest and in transit on our platform. Data stored at rest (in our databases) is fully encrypted. Data in transit is encrypted using HTTPS (TLS 1.2) by default with 256-bit encryption key and SHA-256 signed certificates.
Our databases are backed up daily, and we have a 30-day retention policy. Uploaded media is stored across multiple geographic locations to ensure redundancy and availability.
Our platform is hosted on Amazon’s AWS infrastructure. We use the best-in-class security practices and controls and isolate and secure our infrastructure with the use of Virtual Private Cloud (VPC).
We do not host in shared infrastructures with other unknown companies or websites. We chose AWS as our infrastructure provider to comply with the highest security compliance standards.
AWS data centres are housed in nondescript facilities. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilising video surveillance, intrusion detection systems, and other electronic means.