Splose is committed to keeping your data secure and private.
Proactive enterprise security measures
To keep all your work secure, Splose encrypts data at rest and in transit. During transit, data is encrypted via SSL and encrypted at rest using industry-standard AES-256 encryption.
Your data will be stored in Australia in line with Government regulations for Australian users, with plans to invest in cloud storage in the UK, US and Canada for our international customers.
We create daily backups of your data, encrypt it and store it securely off-site. All data is stored redundantly at multiple AWS data centres to ensure availability.
Data is hosted in secure state-of-the-art AWS data centres with restricted physical entry, data access logs, CCTV, intrusion detection and controlled entry points.
External security testing
In addition to our internal security testing, we employ third-party firms to conduct vulnerability assessments. Results are prioritised, triaged, and remediated by our development team.
User session recording
Splose automatically records every login session, helping users and admins to monitor usage and identify any unusual behaviour.
State-of-the-art features to help protect your privacy
Human error prevention
Progress notes and invoices are auto-saved, alerts prevent you from leaving pages with unsaved information and deleted files can be restored within 30 days.
Dedicated workspace URL
Every business selects a unique Splose workspace URL which your team members log in. Your workspace URL gets used for online forms, online bookings and gift vouchers.
Set up SMS verification in online bookings and prevent fake and unwanted online bookings by sending a one-time SMS code for clients to verify.
Password protection & 2FA
All users are required to create a strong password to use Splose. 2FA is available for all users and provides an extra layer of security.
Account security roles
Decide who can access certain data in your workspace by assigning account roles for practice manager, practitioner admin, practitioner, receptionist and accountant.
All major features in Splose have revision history which provides an overview of the changes made, the time of changes and the user who made the changes.
Internationally recognised compliance and privacy standards
Australian Privacy Principles (APP)
EU General Data Protection Regulation (GDPR)
We are actively working on policies and product features to provide full compliance with GDPR as a data processor and controller. Included are dedicated data export tools (live), the right to be forgotten (live), a data processing addendum and EU representative (coming soon).Full compliance coming soon
Partner accreditations and certifications
Data storage accreditations and certifications
Our data storage provider Amazon Web Services (AWS) has achieved ISO 27001 (Information Security Management System) certification.
PCI Level 1 Compliance
Our payments provider Stripe, who we use to manage your subscription, has achieved PCI Level 1 Service Provider in the handling of credit card information, which is the highest level of assessment available.