We know how critical your data is to you and that you rely on TixTime for your key business operations services. Security is a top priority for TixTime and we are committed to maintaining both the security of our infrastructure and the security of our users' data.
Each third party facility where we maintain infrastructure has multiple layers of physical, technological, and human security measures. We require a minimum of 24/7/365 physical security, employee and contractor registration, a security audit policy, video security system, and locked cages at all third party sites.
We implement procedures to protect Customer Data against destruction, loss, alteration, unauthorized disclosure to third parties and unauthorized access by employees or contractors employed by TixTime.
By design TixTime does not handle financial data beyond number of hours for employees. We do not handle tax information, pay rates, or sensitive government identification numbers.
Banking and financial data is handled by our third party credit card processing network. Our policy is to never see a credit card number.
All network communication with TixTime is transmitted over SSL (HTTPS) for both public and private access. Our policy is that plaintext connections should never expose anything more than the location of the secure instance of the same service.
Backups are encrypted prior to being transmitted offsite where they are stored encrypted. We rotate old backups and destroy them after they are no longer needed.
If you have discovered a vulnerability we would greatly appreciate your help in disclosing it to us in a responsible manner. We will reward you fairly.
Special thank you to the following for their responsible disclosures.