Your Shake data,
safe and sound.
We take it seriously. These are measures and policies we stick to in order to keep your data private.
Yes, your data. Unlike others, we don’t claim ownership over it. We host it to provide you our service on top of it, just like a bank provides and protects your safe deposit box without owning its contents.
AWS infrastructure
Shake is 100% hosted on Amazon Web Services, a world leader in compliance with the latest security best practices, including Privacy Shield. All your data is in Amazon’s private data center in Frankfurt, Germany, European Union eu-central-1.
Data is encrypted
Your data in transit is encrypted using secure TLS cryptographic protocols. It’s then stored in PostgreSQL and ElasticSearch on AWS Elastic Block Store disks, both of which are encrypted at rest using AES with a 256-bit key.
No access
Even the basic data our systems are required to have can not be accessed unless formally requested by you. Then, only one of the authorized in-house employees — audited on a regular basis — could be granted an access to assist you.
Disable at the source
Shake reports non-personally identifiable info but you can customize it to report truly anything, for example during internal testing. You can use the .setNetworkRequestsFilter() to redact private info on devices so it never leaves the source.
No credit card data
The best way we can protect your credit card info is to not get it at all. If you decide to upgrade, you will do so through a secure payment processor Stripe.
Data Processing Agreement (DPA)
Shake implements comprehensive DPA in compliance with GDPR. These agreements outline our commitment to protecting personal data, detailing processing responsibilities, and more.
Data certification
ISO 27001, ISO 27017 and ISO 27018
SSAE 16 / ISAE 3402 Type II: SOC 1, SOC 2 and SOC 3
HIPAA
PCI DSS
EU GDPR
CCPA
Additional measures
Physical security
Our offices have 24-hour security personnel on site, cameras, visitor logs and smart card door entry requirements.
Agreements and courses
Our non-disclosures, training courses and security guidelines guide our entire team in making the right security decisions.
Principle of least privilege
Shake audits data access regularly so that employees only have the permissions necessary to do their jobs.
Network security
Access to an AWS account is strictly limited. Additionally, IDS and firewalls are set up at the edge locations.
Backups
To ensure business continuity in case of disaster, critical data is always backed up and moved to a different account.
Scalability and high availability
Through a multi-availability zone, we are able to maintain Shake functionality even if an entire zone fails.
Bug and crash reporting tool you’ve been looking for.
Add to app in minutes
Doesn’t affect app speed
GDPR & CCPA compliant