At Joiin security is very important, our customers trust us with their data and we take this trust extremely seriously.   We understand the importance of security and follow all best practices to make sure your data is safe and secure.


Hosting


Our service runs entirely on the Amazon Web Services (AWS) platform.  We use a number of AWS services to deliver Joiin.  This ensures not only that the application follows the highest levels of security but also that the service is reliable and scalable.  See the AWS security page for more information. 


All services run internal to AWS which means that data is only transferred via SSL to your browser or via secure API connection to QuickBooks or Xero.


User Accounts


We use the built-in security services of AWS to manage user accounts and logins.  This ensures that our user login system adheres to the latest best practices.  All user authenticate using a username and password and it is your responsibility to keep this safe by not sharing it with others or leaving it in a public place.


You can invite other users to view your reports in Joiin.  This is done using an email address so you must ensure that you trust the email address you're sharing with.  At any time you can remove access to a user or contact us if you think there has been a breach of trust.


Two Factor Authentication


You can enable Two Factor Authentication on any user account to add an extra level of security.  Two Factor Authentication requires that a unqiue, one-time code, sent via SMS is entered each time a user logs in - this needs to be provided as well as the user ID and password.


SSL


We use standard Secure Sockets Layer (SSL) technology to secure access to our applications and API's across the internet.  You'll see the green padlock icon whenever you access our app.


Data


Your data is owned by you.  We store a copy of certain parts of your financial data from QuickBooks/Xero that we need to rapidly produce your Joiin reports.  We also store additional configuration data that you add to Joiin.  The data remains on AWS servers and within AWS security zones at all times.


When you delete a company from Joiin we fully delete all the financial data we store relating to that company.  We also delete any access tokens we used to make calls to the QuickBooks or Xero API's.


Some of our staff have limited access to your data in order to provide support.  The data is only accessible via secure login to AWS.  Your data is never shared with any other parties.


Your credit card and billing info is transmitted and stored securely with out third part billing provider, Stripe.


Privacy


Your privacy and the integrity of your data is important to us.  For more information on privacy see our Privacy Policy.