Data Security

Data security is extremely important to us. This is why we have implemented industry leading security features, are following the GDPR, HIPAA and PIPEDA regulatory frameworks, and are running AthleteMonitoring from secure dedicated servers, not Cloud servers shared by multiple companies.

Server-Side Security Features

Anti-malware protection

Firewall and Anti-DDoS protection

Web Application Firewall (WAF)

Monthly Vulnerability Testing

Data Loss Prevention Technologies

Data storage on single-tenant dedicated servers with SOC 2 Type 2, SSAE-16 Type 1, ISAE-3402, ISO 27001, SOC 1, PCI-DSS certifications

Increased protection from the Cloud Act with the option to host your data on your own server, in your own country, or (by default) on a dedicated server managed by a non US company

Application Security Features

Strong password requirements

Automated account lockout after 5 unsuccessful attempts

Two-Factor Authentication (2FA) for staff users

Role-based permissions system to control of who sees what

TLS 1.3 encryption in transit

256 AES data encryption in transit and at rest

Customizable consent forms

Audit logs

For further information, please visit our Terms of use and Privacy Policy, or contact our Privacy Officer at privacy[at]athletemonitoring.com