Security is very important to Yarket and everyone here is doing their best to keep your data secure. While we cannot reveal every measure we have in place (as this could be used against us by the very actors we protect ourselves against), we can give you a high-level overview of how we actively keep you and your data safe describing some of our internal security policies and how those translate into creating a secure platform that you can trust.
We are committed to follow and implement all the guidelines and recommendations from GDPR with regards to all the data and information we handle, process, and store at Yarket.
Yarket is hosted on secure servers and delivered through Amazon Web Services (AWS) using services such as AuroraDB and S3, configured to use AES-256 encryption for all data at rest. AWS is recognized for data centers that are built to withstand all types of threats and are certified for high quality and security.
To keep our users and their data safe, we continually and carefully monitor, fix and prevent any security vulnerabilities.
All of Yarket is served over HTTPS by default.
We like to keep our data organized, and for that we created different categories on which all Yarket's data needs to be categorized. The categories define who can access it and which level of monitoring they receive:
Your card information is transmitted, stored, and processed securely by Stripe - a PCI-Compliant third-arty provider, where all transactions are processed using secure encryption - the same level of encryption used by leading banks. In our infrastructure we do not see, save or store credit card information in any way.
Yarket uses the most advanced encryption technology publicly available to secure data. Using PKCS (Public Key Cryptography Standard) #1 SHA-256 with 2048-bit RSA encryption, Yarket encrypts data at rest as well as all network traffic into and out of AWS. In addition, the cryptographic key management process in Yarket includes key rotation.
We perform periodic risk analysis and assessments to ensure that our information security policies and practices meet the requirements and applicable regulatory obligations.
We always appreciate when Yarket users and security researchers contact us regarding security vulnerabilities.