Infrastructure and Development Security
Infrastructure and Development Security at Pinpoint
How our infrastructure and development practices protect your data
What is the geographical location of the site where my data is stored?
Data is stored exclusively in our production infrastructure, split across our two hyperscale cloud service partners (AWS and Digital Ocean) across three data centre locations (Amsterdam, Dublin and London).
All data centres have been accredited under at least ISO/IEC 27001:2023 or ISO/IEC 27001:2013 and SOC 1,2.
What cloud service providers do Pinpoint use?
Our cloud infrastructure is provided by Digital Ocean and Amazon Web Services.
What's Pinpoint's uptime commitment?
Pinpoint offers a 99.5% uptime SLA, and our agreements with our customers outline service credits that we offer in case of an extended downtime. Historically, our actual uptime has been between 99.99% and 99.999%, and you can see our recent uptime data here.
How does Pinpoint comply with secure development best practices?
We take security incredibly seriously at Pinpoint. Our technical leadership team have extensive experience serving customers with stringent security needs, as well as complex data protection and data residency requirements. We’ve also been recognized with SOC 2 Type II certification by an independent auditor.
Here are some of the ways we ensure security during the development process:
Configuration hardening standards – We have a standard setup for all hardware and the operating systems they run on. All new software applications are required to have two-factor authentication if available, and we maintain a strict access control policy. Security patching is done across all our infrastructure at the same time and we use the most up to date encryption cyphers and secure protocols possible.
Risk assessment – Our CTO and Technical Fellow assess the risk of all activities, define mandatory internal security standards, and provide ongoing training & support to our development team to ensure risks are appropriately managed throughout each project.
Protection of customer data during deployments – Any changes to the codebase or infrastructure that affect customer data go through a formalised review process that incorporates both manual and automated testing. This review process takes into account potential security issues and is completed prior to deployment to production and is the responsibility of the CTO.
Security & Privacy at Pinpoint
See our full list of related resources about how we keep your data secure.