Privacy

You own the IP and creative output of your data. Unlike other providers, we do not own your intellectual property when you use our platform. You can read more in our Privacy Policy.

Your tours can be made public or private. You can also password protect your tours in Tour Settings.

Encryption

We use Google Cloud for data storage. The data is encrypted at rest and in transit using 256-bit encryption to protect all customer data. On the frontend, our assets and certificates are protected by CloudFlare.

More detail

All customer content stored at rest is encrypted, without any action required from the customer, using one or more encryption mechanisms. All data stored in by CloudPano on Google Cloud is encrypted at the storage level using AES256.

Data is encrypted and authenticated in transit at one or more network layers when it moves outside physical boundaries not controlled by CloudPano.

Depending on the connection that is being made, CloudPano applies default protections to data in transit. For example, communications are secured between the user and the CloudPano using TLS/SSL.

CloudPano Enterprise customers with additional requirements for encryption of data over WAN can choose to implement further protections for data as it moves from a user to an application. These include VPN/IPSec tunnels and managed SSL certificates.

Redundancy

CloudPano data is secured and also backed up using industry standard-retention policies. For CloudPano, this means that backups are taken at 15-minute increments and stored for 10 days. Beyond the 10 day period, weekly snapshots are available going back one year.

Data is copied to geographically distributed datacenters, so that if a datacenter physically goes down, the data still exists at a different physical location.

Data may be deleted as requested by the customer. You may request formal deletion of data from all backups as well.

Location

We use CloudFlare CDN and our data is globally distributed at the edge. Here is a graphic of our edge server locations:

Compliance

Because we use Google Cloud for data storage, we are benefactors of their robust compliance policies and architecture. The answer is typically always “Yes, we meet that compliance need.”

You can use this site to look up the exact compliance requirements you need and learn more about how our datacenters adhere to those policies.

Cloud Compliance - Regulations & Certifications | Google Cloud

Certifications

All certifications can be found at link above.

HIPAA

The datacenters we use are HIPAA compliant.

We do not store any personal identifiable information beyond user name.

Education

The datacenters we use are compliant with standard educational requirements. We also adhere to internal processes that ensure total compliance.

We also have special provisions in our privacy policy that specifically guarantee particular rights to students and students under the age of 18. Review our privacy policies to understand our adherence to Children's Online Privacy Protection Act (COPPA) and The Family Educational Rights and Privacy Act (FERPA).

CloudPano helps our school customers be compliant. Specifically:

  • Any sensitive online information is transmitted over secure channels;

  • All student data are stored in ways that are not publicly accessible;

  • Security audits are regularly performed to ensure data integrity;

  • CloudPano does not share information with third parties that could be used to identify students without consent from the student’s parent, guardian, or school

Did this answer your question?